external email delayed (Status 4.4.7)

[johndoe]

(We're running Exchange2000. Internal IP is NAT-ed to static external IP.)

We're trying to send to a recipient (over in Germany) and the messages are
not getting through.

First we get the following type of notification

Action: delayed
Status: 4.4.7

And then another "Undeliverable" notification indicating a timeout:

"Could not deliver the message in the time limit specified. Please retry or
contact your administrator."


What's different about our setup is that we're using a third-party spam
filtering company, which may be creating some issues with Reverse DNS
queries. Could this be the reason we've been having these problems? It would
also seem to indicate a problem with settings on the destination email
server, since it may be filtering out email coming from our domain.

Also, we were not able to telnet into their email servers (on port 25). The
connection was rejected or it timed out. The same thing happens when we try
telneting through our separate (entirely different IP address) DSL line.

Emails sent from AOL, Yahoo, etc to the same recipient got through, however.


Any idea on how to best deal with this problem?

Thanks in advance.

 

[Ace Fekay [MVP]]

(We're running Exchange2000. Internal IP is NAT-ed to static external IP.)

We're trying to send to a recipient (over in Germany) and the messages are
not getting through.

First we get the following type of notification

Action: delayed
Status: 4.4.7

And then another "Undeliverable" notification indicating a timeout:

"Could not deliver the message in the time limit specified. Please retry or
contact your administrator."


What's different about our setup is that we're using a third-party spam
filtering company, which may be creating some issues with Reverse DNS
queries. Could this be the reason we've been having these problems? It would
also seem to indicate a problem with settings on the destination email
server, since it may be filtering out email coming from our domain.

Also, we were not able to telnet into their email servers (on port 25). The
connection was rejected or it timed out. The same thing happens when we try
telneting through our separate (entirely different IP address) DSL line.

Emails sent from AOL, Yahoo, etc to the same recipient got through, however.


Any idea on how to best deal with this problem?

Thanks in advance.

Couple things can be going on. One is that they may be now usin SPF. The
other thing, is your reverse DNS maybe pointed to your SPAM filtering
company. If you are sending out directly from your machine, but the reverse
entry is pointing to the company, then it will get rejected.

Can y ou send to an AOL account? They use both reverse and SPF. If you
cannot, then that explains it. Since you didn't post your domain name, it's
difficult to say. You can use nslookup to test it:

set type=txt
aol.com

Server: london.nwtraders.msft
Address: 192.168.5.200

Non-authoritative answer:
aol.com text =

"v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24
ip4:205.188.144.0/24 i
p4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23
ip4:64.12.138.0/24 p
tr:mx.aol.com ?all"

<snipped>

If you get the above "v=spf1...."etc then they are using SPF.


Of course to test reverse DNS, use nslookup and enter your IP address. If it
comes up as can't be found, then that's the answer.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Jonathan de Boyne Pollard]

j> [...] which may be creating some issues with Reverse DNS queries.
j> Could this be the reason we've been having these problems?

The text accompanying the 4.4.7 error message will explain what the
problem is in detail. Read it. (And if you want someone else, like us,
to explain it to you, *show them what it is*.) Don't guess at what the
problem may be. Go with what the error message *says* the problem is.

j> Also, we were not able to telnet into their email servers (on port 25).
j> The connection was rejected or it timed out.

The next step is for you to check IP, TCP/IP, and SMTP/TCP/IP
connectivity between you and the SMTP Relay server. (Note: You still
haven't reached a stage where you have determined this to be a
DNS-related issue.)

 

[ErikS]

(We're running Exchange2000. Internal IP is NAT-ed to stati
external IP.)

We're trying to send to a recipient (over in Germany) and th
messages are
not getting through.

First we get the following type of notification

Action: delayed
Status: 4.4.7

And then another "Undeliverable" notification indicating a timeout:

"Could not deliver the message in the time limit specified. Pleas
retry or
contact your administrator."


We just installed a Small Business Server 2003 with Exchange. E-mai
sent to many domains works just fine..aol, yahoo, microsoft, del
etc... But there are certain domains, not just one, which respon
with the same message the previous member was getting:

"delivery to the following recipients was delayed"

Notepad reports:

"Reporting-MTA: dns;"(my domain)"
Final-Recipient: rfc822;(destination e-mail)
Action: delayed
Status: 4.4.7
Will-Retry-Until: Sun, 8 Aug 2004 12:24:37 -0500"

On SUnday I will get notification that the action failed.

We ARE able to telnet their server on port 25.

Any suggestions would be greatly appreciated

-
Erik

 

[Ace Fekay [MVP]]

In

(We're running Exchange2000. Internal IP is NAT-ed to static
external IP.)

We're trying to send to a recipient (over in Germany) and the
messages are
not getting through.

First we get the following type of notification

Action: delayed
Status: 4.4.7

And then another "Undeliverable" notification indicating a timeout:

"Could not deliver the message in the time limit specified. Please
retry or
contact your administrator."


We just installed a Small Business Server 2003 with Exchange. E-mail
sent to many domains works just fine..aol, yahoo, microsoft, dell
etc... But there are certain domains, not just one, which respond
with the same message the previous member was getting:

"delivery to the following recipients was delayed"

Notepad reports:

"Reporting-MTA: dns;"(my domain)"
Final-Recipient: rfc822;(destination e-mail)
Action: delayed
Status: 4.4.7
Will-Retry-Until: Sun, 8 Aug 2004 12:24:37 -0500"

On SUnday I will get notification that the action failed.

We ARE able to telnet their server on port 25.

Any suggestions would be greatly appreciated.

Eric, your post is difficult to read since the way it's displayed makes it
appear to be the part of the original post quoted, but for some reason your
comments appear to be part of the original quote.

Maybe the issue with what's going on is SPF. Does your Exchange server
public IP have a reverse entry?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[idallas]

Hi Guys

I have exactly the same issue being discussed. The only thing I ca
add is that for us it only happens when there is a file attachment.
The file attachment can be a small as a few bytes and can be of an
file extension type.

Regards

Iai


-
idalla

 

[Ace Fekay [MVP]]

In

Hi Guys

I have exactly the same issue being discussed. The only thing I can
add is that for us it only happens when there is a file attachment.
The file attachment can be a small as a few bytes and can be of any
file extension type.

Regards

Iain

If it's happening based only on an attachment, then we need to get more info
about your machine, since DNS wouldn't have anything to do with
'attachments'. Are there any errors in the Event logs?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[idallas]

*In idallas <[email protected]> made a post then
commented
below

If it's happening based only on an attachment, then we need to ge
more info
about your machine, since DNS wouldn't have anything to do with
'attachments'. Are there any errors in the Event logs?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

There do not appear to be any errors in the Event logs. DNS is stabl
and the application log is showing no errors.

Interestingly all the problem emails are going to .com. All email
going to .co.uk seem to be OK.

Any ideas where to look next?

Cheers

Iai


-
idalla

 

[Ace Fekay [MVP]]

In

There do not appear to be any errors in the Event logs. DNS is stable
and the application log is showing no errors.

Interestingly all the problem emails are going to .com. All emails
going to .co.uk seem to be OK.

Any ideas where to look next?

Cheers

Iain

Ok, how large is the queue? Are there numerous entries in it that you do not
recognize?

Ace