Very interesting problem...

[MarkyDPR]

I’m having a very interesting problem.
I’m not sure where my problem lies.
First, some background.
The company I work for had a DSL line with “theshop.net.” They are a local ISP here in OKC. They also hosted our website and DNS/MX records. We have an exchange server in house. Well, theshop started to drop off with the speeds, and the buck got passed between them and SBC. They each blamed each other. So, I decided to get DSL from SBC on a different line, to see if the problem was SBC or theshop.net. I got the DSL and it worked great. So, I hooked both connections into a dual wan router, and decided I’d slowly phase out theshop.net. At that time, my exchange server was running on the static IP from theshop.net. So, my task would now be to set up DNS/MX with the new host to point to my new SBC DSL address.
I found a great host for my website and DNS/MX. They went ahead and set it up, I uploaded the site to their servers, and all was well.

http://www.dnsreport.com

shows the MX record pointing to my new SBC DSL address. Mail gets through OK. I can also send mail fine. So, I decided to take theshop.net off of the router to make sure everything performs as expected.
At first, all seemed to be well. Then my boss informed me he could not send to one domain. I tried sending to that domain from an address outside of our network, and it went thru OK. I checked with their ADMIN, and there are no spam filters catching the mail. So, I plugged theshop.net back into the router…and guess what? E-Mail now goes thru just fine to that domain we couldn’t get mail to when theshop.net was unplugged from the router. Yet, without theshop.net plugged in, I can get e-mail to any other domain, just not the one in question.
Here is the error message I get back (almost instantly, and it looks like an Exchange error…)
Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 5/24/2004 1:20 PM

The following recipient(s) could not be reached:

Alexis@xxxxxxx.com on 5/24/2004 1:20 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.


Does anyone have any idea what is going on? I’m at a loss.
This is Exchange 2000 on SBS 2000.

 

[gurner]

How are you trying to send email?

do you having a connector trying to route email to an ISPs SMTP server or are you using DNS to try and send yourself?

If you are using a connector, is the IP Address of the new ISP server you are sending to authorised as being able to relay your server?

Is there a Firewall/Router in the way that is doing a PAT (Port Address Translation) on port 25 to your Exchange Server?

is the IP of this box authorised? This maybe less of an issue as it seems ISP specific. But is it only port forwarding 25 traffic from the old ISP only and not the new ISP?

It is in all likely hood coming from your Exchange server because it is having Permissions issues with the new ISPs mail server or a Firewall is complicating the issue

Gurner

What is Divine Paradox?

http://www.divineparadox.co.uk

 

[MarkyDPR]

"do you having a connector trying to route email to an ISPs SMTP server or are you using DNS to try and send yourself?"

I am using DNS to send mail myself.

"Is there a Firewall/Router in the way that is doing a PAT (Port Address Translation) on port 25 to your Exchange Server?"

I am using a Xincom DPG-502 as my firewall. On the firewall, Port 25 is forwarded to my exchange server. I believe that is all configured correctly, as far as I can see.

Now, let's check out some mail headers, sent from inside my network to another address I have that is outside the network.
First, I have a message sent to my alternate address, with BOTH internet connections plugged in. Here's what I see: (edited to remove IP addresses and/or hostnames...)

From: Mark@xxxxxx.com This is coming from my exchange server
Subject: test
Date: May 25, 2004 11:57:33 AM CDT
To: mxxxxxxx@mac.com
Return-Path: <Mark@xxxxxxxxx.com>
Received: from mac.com (smtpin04-en2 [10.13.10.149]) by ms15.mac.com (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0HYA00G814BH66@ms15.mac.com> for xxxxxx@mac.com; Tue, 25 May 2004 09:54:54 -0700 (PDT)
Received: from pro-01.xxxxxxx.com (net-66-210-xxx-xx.theshop.net [66.210.xxx.xx])now, this shows the mail is being routed thru the IP address of the ISP I am wanting to get rid of. Remember, at this point I have both the NEW and the OLD ISPs plugged into the router. by mac.com (Xserve/smtpin04/MantshX 4.0) with ESMTP id i4PGsqIT021623for <xxxxxx@mac.com>; Tue, 25 May 2004 09:54:53 -0700 (PDT)
Message-Id: <D815AB4F7A8A7E45949FE65E55A56CBA0D10FD@pro-01.xxxxxx.com>
Mime-Version: 1.0
X-Mimeole: Produced By Microsoft Exchange V6.0.4712.0
Content-Type: multipart/related; type="multipart/alternative"; boundary="----_=_NextPart_001_01C44279.5FDA70A6"
Content-Class: urn:content-classes:message
Thread-Topic: test
Thread-Index: AcRCeV8DIQZ6gHamQru0nXzEs7mQNQ==
X-Ms-Has-Attach:
X-Ms-Tnef-Correlator:
Original-Recipient: rfc822;xxxxxxx@mac.com
--------------------------

OK, now, I have unplugged the OLD internet connection, the one that I want to get rid of. I now send an e-mail to my same external address, and it goes thru fine. Here are the headers:

From: Mark@xxxxxxxx.com
Subject: test
Date: May 25, 2004 12:00:51 PM CDT
To: xxxxxxxx@mac.com
Return-Path: <Mark@xxxxxxxx.com>
Received: from mac.com (smtpin18-en2 [10.13.11.246]) by ms15.mac.com (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0HYA00GN04HB5G@ms15.mac.com> for xxxxxxx@mac.com; Tue, 25 May 2004 09:58:23 -0700 (PDT)
Received: from pro-01.xxxxxx.com ([69.149.xxx.xxx])Now, this shows the IP of my SBC connection, the one we want to keep. It also shows it was received from my exchange server, on that SBC IP. by mac.com (Xserve/smtpin18/MantshX 4.0) with ESMTP id i4PGwG54026976for <xxxxxxxx@mac.com>; Tue, 25 May 2004 09:58:21 -0700 (PDT)
Message-Id: <D815AB4F7A8A7E45949FE65E55A56CBA0D10FE@pro-01.xxxxxx.com>
Mime-Version: 1.0
X-Mimeole: Produced By Microsoft Exchange V6.0.4712.0
Content-Type: multipart/related; type="multipart/alternative"; boundary="----_=_NextPart_001_01C44279.D5653FB8"
Content-Class: urn:content-classes:message
Thread-Topic: test
Thread-Index: AcRCedTNpaINKY9YStm5GY2TVn8OlA==
X-Ms-Has-Attach:
X-Ms-Tnef-Correlator:
Original-Recipient: rfc822;xxxxxxxx@mac.com
--------------------------
And finally, last, but not least. I still have the OLD connection unplugged, and now I'm going to try to send an E-Mail to the domain in question. (The same domain that I cannot mail from inside my network, but I CAN mail from outside.) It gets BOUNCED. Here is the error message, followed by the headers:
From: System Administrator
Sent: Tuesday, May 25, 2004 12:02 PM
To: alexis+AEA-theirdomain.com
Subject: Undeliverable: test
Your message did not reach some or all of the intended recipients.

Subject:  test
Sent:     5/25/2004 12:02 PM

The following recipient(s) could not be reached:


      alexis@theirdomain.com on 5/25/2004 12:02 PM


            You do not have permission to send to this recipient.  For assistance, contact your system administrator.


            <pro-01.mydomain.com #5.7.1>

Microsoft Mail Internet Headers Version 2.0


From: postmaster@mydomain.com


To: Mark@mydomain.com


Date: Tue, 25 May 2004 12:01:58 -0500

MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;


            boundary="9B095B5ADSN=_01C432A0E278480A0000120Fpro?01.mydomain"

Message-ID: <lZjNgd314000003e4@pro-01.mydomain.com>
Subject: Delivery Status Notification (Failure)


 --9B095B5ADSN=_01C432A0E278480A0000120Fpro?01.mydomain


Content-Type: text/plain; charset=unicode-1-1-utf-7

--9B095B5ADSN=_01C432A0E278480A0000120Fpro?01.proreport

Content-Type: message/delivery-status

--9B095B5ADSN=_01C432A0E278480A0000120Fpro?01.proreport
Content-Type: message/rfc822
content-class: urn:content-classes:message

Subject: test

MIME-Version: 1.0

Content-Type: multipart/related;


            boundary="----_=_NextPart_001_01C44279.FBC41828";


            type="multipart/alternative"


Date: Tue, 25 May 2004 12:01:55 -0500

X-MimeOLE: Produced By Microsoft Exchange V6.0.4712.0

Message-ID: <D815AB4F7A8A7E45949FE65E55A56CBA0D10FF@pro-01.mydomain.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test
Thread-Index: AcRCefsYBilGlvFRTq6p8puGlVjlfg==
From: "Mark P. Donnelson" <Mark@mydomain.com>
To: <alexis@theirdomain.com>

------_=_NextPart_001_01C44279.FBC41828


Content-Type: multipart/alternative;


            boundary="----_=_NextPart_002_01C44279.FBC41828"
------_=_NextPart_002_01C44279.FBC41828


Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable------_=_NextPart_002_01C44279.FBC41828
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

------_=_NextPart_002_01C44279.FBC41828--

------_=_NextPart_001_01C44279.FBC41828


Content-Type: image/gif;


            name="image001.gif"
Content-Transfer-Encoding: base64
Content-ID: <image001.gif@01C44250.12405780>
Content-Description: image001.gif
Content-Location: image001.gif


 


 


 

 

[AdmanOK]

Have you had theshop.net remove your domain information from their DNS servers? Is the person that you are trying to email a theshop.net customer? If they are and theshop.net has your old DNS information then if they do a DNS lookup on your mail server it is going to give the old address and not the new one, which will not match the information in the headers of the email and could then be blocked... I know it's a long shot but it's the only thing I could think of.

 

[MarkyDPR]

No, I have not had them remove my domain info from their DNS. The person I am trying to reach is not on the same ISP...
I'm just afraid if I have theshop.net remove it, I won't be able to get E-Mail to these people at all. This problem just makes no sense...

 

[JimPletcher]

MarkyDPR,

I assume (from the Broadband forum) that you got this resolved.

What was the resolution?

 

[lhuegele]

Make sure that your new ISP has set-up a reverse DNS record for the new IP address of your Exchange server. This could be a reason why you're email is being blocked at the receiving domain. Many administrators are doing reverse DNS lookups now to help stem the flow of spam and whatnot.

Good luck,
Larry

 

[idarwin]

I am having the exact same problem. The company that I am working for just swtiched to SBC DSL from a differnt DSL providor. At first everything was ok but recently, everyone is getting returned mail from some domains but not others.

I am getting the same error codes on the return email from exchange as well.

I have all external DNS being handled by dyndns.org, and I don't think that SBC will allow me to change my reverse dns look up, does anyone have any other sugestions?

 

[JimPletcher]

Here's what MarkyDPR had to say on another forum:

http://www.dslreports.com/forum/remark,10326205~mode=flat

Basically, I think it was the reverse DNS that was causing his problem.

 

[MarkyDPR]

Sorry guys, I have been super busy. Anyway, here's a follow up.

I set up rDNS with SBC. However, in doing an rDNS lookup, it's still not resolving correctly. No one seems to know why. I'm still working on this...
It's just really odd.