Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

450 host down puzzle 3

Status
Not open for further replies.
deejay33

deejay33

IS-IT--Management
May 30, 2002
147
US
System:
Novell Netware 4.2
Groupwise 5.5
Proxy with Boardermanager

We have noticed (in woking on another problem) that we are repeadedly getting the
Detected error on SMTP command
command:smtp.ourdomain.com
Response: 450 host down
We recieve the same error for other domains only very, very rarely. I believe it is only when the server on that domain is having problems. I have noticed though, that when we do get these other errors on other domains it never includes the smtp part. For example it only says command: compuserve.com. I am not sure if there is anything there that says something. We do have our resolve.cfg setup to direct internal mail for inside our domain. It is setup as ourdomain.com [10.?.?.?]. Should we have another entry as smtp.ourdomain.com [10.?.?.?]? I have pinged the domains from outside the firewall and it works ok for ourdomain.com but does not return anything for smtp.ourdomain.com. Is this normal? Also to add to the puzzle we have noticed that our gwia/defer directory has about 20,000 files in it. Is that normal? All of our e-mail seems to be delivered and recieved normally. I am new to GroupWise and fairly new to network administration so any suggestions would help. If you need any more info just let me know.

Thanks,
Deejay33
 
Sort by date Sort by votes
Deejay,

I have the same problem on one of my systems, I've been looking for an answer for this for quite some time. I hope someone can answer it here.

I started to get this error after I removed bordermanager off my server and disabled the external nic card. I then had a Cisco router setup to do NAT. I am running a Windows NT DNS server to resolve host names. The funny thing is I also have my resolve.cfg file setup and can fully ping the domain name from anywhere in the network to include outside if I have the firewall down. I was thinking it was a problem with the firewall so I disabled that. No luck I still got the same error.

I believe if you check the messages (open them up with notepad) you will see that those messages in your Defer directory are ones going to your own domain. For the life of me I can't seem to pin point the problem. I would think that if one message does not get delivered then all of them would fail. Not such the case here, only a problem with some messages.

I'm running GroupWise 5.5 on a NetWare 5.0 box but this also occurs on a GroupWise 5.5 system on a 4.11 box as well. I was thinking it was how my addressing rules were but the two systems are setup for totally different address rules.

Not sure if this helps maybe we can compare notes and figure this out together.

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*
 
Upvote 0 Downvote
I found that the messages in the directory that are going to my domain have been either sent to a mis-spelled or non-existent user @mydomain or are a result of a user's rule replying to a listserv or site that sends but does not receive and returns mail to postmaster@mydomain.

According to Novell:
The WPGATE\GWIA\DEFER directory is used to store message files that the GWIA cannot immediately deliver.
Note: The DEFER directory is a holding queue for message files that the GWIA cannot deliver right at the moment. These files are deleted, and an undeliverable message is returned to the sender, if delivery is not accomplished in 4 days.
The DEFER directory retries messages every 20 min for the first hour then every 4 hours for 4 days. After this time the sender is sent an undeliverable message.

Possible reasons for 450 error:
1. IP address to DNS has changed. If this is the case update the RESOLV.CFG
2. IP filtering has been added to the routers so the gateway cannot see the DNS machine.
3. Bad network card (NIC).
4. TCP/IP is not bound to the network card.
5. Bad network cabling.
6. named is not running on the DNS machine.
7. The DNS machine is down.
8. The specific site your sending email may be down. If you can send email to other locations, then in most cases all your GWIA/DNS settings are fine. Try sending the email again later to see if their site is running. A good test is loading ping at the server console and try pinging the site your trying to send email to.
9. The ISP which is hosting the DNS may have the wrong entry for the MX record.


Cheers,

Mark ;-)
 
Upvote 0 Downvote
sobak,
You just helped me break this case. Until you told me to try it, I never realized you can check the messages in the defer directory with notepad. I had assumed the files were encrypted just like they are in the message databases. You were exactly right in saying they would be from my own domain. Thats only the begining. Appon futher investigation I found that all the messages are undeliverable messeges. Even better than that they are undiliverable messeges to undiliverable messages. What I meen is the message in the defer directory says something to the effect of "The following messege was undiliverable" and the message that follows says "The following message was undiliverable" and again and again. The same messages are bouncing around the defer directory. Then I realized where the original messages are starting. They are virus messages (w32.KlezH) trying to relay through our server. We have the relaying feature turned of off to prevent this very thing. Since the virus is "Spoofing" us the undeliverable message is sent back to postmaster@mydomain.com. Only we don't have a postmaster@mydomain so it creates an undiliverable for the undileverable message and you get the picture. The million doller question is how to stop it. I will try to set up a dummy GW account postmaster@mydomein.com and see if it starts to catch the messages. Well got to go. Any other suggestions would be useful.

Deejay33
 
Upvote 0 Downvote
Well I'm glad that helped you, unfortunately my problem is still ongoing. Try to create you dummy account then set a rule up on it to delete everything that comes into it. I have done just that but not for that reason. I use my postmaster account to relay virus messages from Guinevere to my own inbox. We never receive anything of interest into that account anyway so I just go ahead and delete anything that comes in. I use the account to send information from......

Hope this gets you closer to fixing your issue.

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*
 
Upvote 0 Downvote
We are having the same 450 problem. We cannot send or receive email from brooks.af.mil. We always get the 450 error from GWise.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

quinnc
  • Locked
  • Question
GroupWise 6.5 IMAP Service Shuts Down-Needs Constant Restarting
Replies
0
Views
519
quinnc
quinnc
ChrisMarin
  • Locked
  • Question
Can't send email to 1 particular client - "Client host rejected"
Replies
0
Views
49
ChrisMarin
ChrisMarin
JimKenzie
  • Locked
  • Question
Eudora can't download gmail messages
Replies
0
Views
64
JimKenzie
JimKenzie
bhagwan123
  • Locked
  • Question
Multiple instances of Qmail on the same host
Replies
3
Views
79
thedaver
thedaver
jfk8680
  • Locked
  • Question
GWIA: Error 450 Host Down
2
Replies
20
Views
143
bytehd
bytehd

Part and Inventory Search

Sponsor

Back
Top