Not receiving all email from Microsoft Exchange 2007. please help

[bevan1]

Hi there.

Can someone please explain to me why this happens and how to recify it? I have checked with the mail tracking tool and i dont see the email ever being delivered onto our exchange.


How can i recitfy this?

Im totally dumb struck now. Could it be a problem from the senders side? Some emails do come through from them but not all.

Thanks in advance.

 

[hungrybeaver]

Enter your domain name in here: http://www.mxtoolbox.com/ and see what it brings up.

Some emails do come through from them but not all.

From who - one domain or many? Are you experiencing this problem with just one external domain only?

 

[Asha'man X]

Try using Microsoft's Exchange Connectivity tester tool, found here: https://www.testexchangeconnectivity.com/ It should help you test mail flow into your Exchange Server

 

[bevan1]

Enter your domain name in here: http://www.mxtoolbox.com/ and see what it brings up.



From who - one domain or many? Are you experiencing this problem with just one external domain only?

It is just from one place. There IT department says there's nothing wrong on there side. But we dont even get the mail to our exchange.

 

[Tinuva]

Ask for logs, it always helps A LOT to have the logs. I work at an ISP and even when I need to troubleshoot mail problems not getting to us, getting my hands on the logs always help. Sometime other mailservers just have a bad IP, listed on UCEprotect or some stupid RBL that I just need to turn a notch down or so. In fact we removed most RBL checks on MTA level apart from one, we even don't enforce reverse dns and helo checks anymore, all of that is handled inside spamassassin with scores instead, so that we have more control on the flow of mails.

 

[bevan1]

Ok thanks. So tell me where would I get the logs from?

 

[Tinuva]

According to you its only from one place you not receiving these mails, starting point is to ask this "one place"'s IT department to send you the logs that tells them it is your fault. Once you have that you should be able to figure it out from there.

 

[bevan1]

thanks man. you a great help. Do you mind me asking for you number just incase i get stuck?

 

[Tinuva]

Sorry would like to not do that. You can however send a private message to me here on the forums or even paste the logs here just masking the email address from the logs.

 

[The_Unbeliever]

Ja, ask for the logs.

I would ask the other place whether they get bounced emails, and what the bouce message says. If it is due to your server rejecting their emails due to their IP address being blacklisted, you can either add them to a whitelist, or they must sort the blacklisting issue out themselves (depending on your mood).

It is preferable that they sort their blacklisted status out as this will cause more grief to them in the long run.

 

[bevan1]

Thanks Guys.

I have contacted their IT department and these guys do not want to release the logs to me because we not part of their group. This is a big Medical company btw. i have checked if any ip's are blacklisted and im A OK. Don't know what to do next.

Any other suggestions?

 

[Tinuva]

Try to ask them not for complete logs, but just the lines that pertain to your mail server, I mean if the mails went through you would have the same logs, nothing that they need to hide there.

If they don't even want to do partial logs, ask them to at least give the specific error message, and the "to email address" on your server, which will give you some info on what to look for in your own logs.

Also ask if you can have the IPs of their servers trying to send mail to you, search for that then in your own logs.

If they don't want to give any info, tell them the problem is not on your side because you receive mail just fine, the problem is on their side and they need to fix it.

Obviously they must be hiding something if they don't want to give you any info, and what they are hiding might just show the problem really is on their side and they are too lazy to fix it.

 

[Grep]

1. ask them to send a test mail to your gmail account
2. IF the mail arrives, check their sending IP address
3. check to see if the IP address is blacklisted
4. if not, ask them to send a test mail to your gmail and exchange account
5. check YOUR logs

one way or another you will find the problem

 

[ivusi]

I have a sneaky feeling I know what your problem is, however you need to do the following :-
Open a command prompt and type in the following
nslookup -type=TXT company.com
(The company.com is the company you are not receiving e-mail from)

If you get a line something like:- ;; ANSWER SECTION: company.com. 21600 IN TXT "v=spf1 a mx ip4:<ip address> ip4:<ip address>/27 ip4:<ip address> ~all"

Look out for the word "spf" This is called "Sender Policy Framework" which is used by corporations to combat spam. In essence if you see this, it means that the company is saying to all other companies in the world who might be receiving e-mail from them stipulates that "they only send mail from these configured IP addresses you see in the output. If you receive mail that is saying is coming from company.com but NOT from my IP addresses I said - then they have spoofed my email address and hence this mail is spam - please reject it ( as indicated by the ~(tilde)all command)
[A side comment - The ~all prefix at the end is an invalid referrer as it doesn't identify specific hosts; it pretty much says "reject all others" but is considered invalid in its implementation and many platforms will 'soft fail' these entries anyway.]

Now that there is the "spf" line, this only works IF YOU have spf enabled either on your Security Gateway (if you have one that filters your incoming e-mail etc) or r if you do don't have SPF enabled, your ISP might have it enabled on their edge mail servers. If this is the case then you have a couple of options
1:- Disable SPF on your kit ( its more hassle that its worth IMO)
2:- Check that a mail sent from them to your gmail account etc is coming from one of the IP addresses in their mx records (Sometimes they might route their mail through one of their other offices thus they end up using a different IP address that is what is allowed) - it happened to one of our European clients!
3:- Phone them and ask them to fix their mx records and tell them whats is happening (They should in any case have NDR records when they try and send mail to you anyway - ask them to send those NDR's to your gmail account and that should tell you something along the lines of "e-mail is being returned either as “rejected” or “policy not satisfied”.

Any questions give us a shout!