Incoming emails not arriving from one SMTP server

Discussion in 'Microsoft Exchange' started by Lectrician, Mar 6, 2014.

  1. Lectrician

    Lectrician New Email

    Joined:
    Mar 6, 2014
    Messages:
    3
    Likes Received:
    0
    I have had my Exchange SBS 2003 server doing my mail for a few years, with my domains MX record pointing to the server.

    I receive and send emails just fine, and have done for years.

    I host my domains with 1and1, and although the MX records point to my own server, I make use of one mailbox at 1and1 to use the auth.smtp.1and1.co.uk outgoing mail server to be able to send email from dumb items like my UPS, Printer, CCTV, Door Entry etc. This has worked fine for years.

    I upgraded from 1and1 home to 1and1 unlimited, and think this may just be a coincidence, but since doing so, one my domains no longer receives any emails if sent via the 1and1 auth.smtp server.

    I have other people who have completely seperate 1and1 accounts, and use the auth.smtp server for their outgoing mail, and I now no longer get their emails either.

    It only affects one domain/one exchange server. (this server only has one domain pointing at it).

    If I log the incoming SMTP connection, I can see the below:

    Email via auth.smtp.1and1.co.uk (emails never arrive)
    22:24:33 212.227.17.10 EHLO - 250
    22:24:33 212.227.17.10 STARTTLS - 220
    22:24:33 212.227.17.10 STARTTLS - 220
    22:24:33 212.227.17.10 EHLO - 250
    22:24:33 212.227.17.10 MAIL - 250
    22:24:33 212.227.17.10 RCPT - 250
    22:24:33 212.227.17.10 QUIT - 240

    Email from someone else (this worked and arrived)
    22:26:04 xxx.xxx.xxx.xxx EHLO - 250
    22:26:04 xxx.xxx.xxx.xxx STARTTLS - 220
    22:26:04 xxx.xxx.xxx.xxx STARTTLS - 220
    22:26:04 xxx.xxx.xxx.xxx EHLO - 250
    22:26:04 xxx.xxx.xxx.xxx MAIL - 250
    22:26:04 xxx.xxx.xxx.xxx RCPT - 250
    22:26:05 xxx.xxx.xxx.xxx DATA - 250 <<<<<notice data here
    22:26:05 xxx.xxx.xxx.xxx QUIT – 240

    Notice the DATA connection is missing from the 1and1 auth.smtp connection??

    As some others have confirmed they can not send me emails, I am concerned I am missing others.

    1and1 are unhelpful, and simply tell me to use their mailservers.

    NO bounce back emails are generated or received.

    Any ideas guys?

    It's driving me mad!

    Thanks :)
     


  2. seedy

    seedy Valued Member

    Joined:
    Jul 4, 2012
    Messages:
    51
    Likes Received:
    0

  3. Lectrician

    Lectrician New Email

    Joined:
    Mar 6, 2014
    Messages:
    3
    Likes Received:
    0
    Thanks. The exchange server is not a hosted 1and1 one, it is part of SBS2003 running on my office server.

    My server receives email via my domain, the domains MX record pointing to it. The server happily sends out emails using my ISPs SMTP server.

    I wouldn't have access to that SMTP server you link to, as its for hosted exchange customers.
     
  4. Mallers

    Mallers New Email

    Joined:
    Apr 13, 2014
    Messages:
    4
    Likes Received:
    0
    At last I have found someone with excatly the same problem as me.

    I also see the same problem whereby the 1&1 server starts an SMTP connection and goes through all of the commands except the DATA command.
    I have spent quite some time on the phone to 1&1 support but all they tell me is that it is not their SMTP server at the receiving end so they cannot support me.

    Same symptoms:
    I use an email address on my 1&1 account to make use of the outgoing server for iphones (AUTH.SMTP.1AND1.CO.UK ) but all incoming email should follow DNS and MX records.
    NON 1&1 customers can send to the Exchange server (2003) no problem.
    Outgoing mail from my server uses DNS (no relay host).

    I know I am not giving you any solutions here but maybe this might create some momentum for others to help.
    Thanks for listening.
     
  5. Lectrician

    Lectrician New Email

    Joined:
    Mar 6, 2014
    Messages:
    3
    Likes Received:
    0
    Hi.

    1and1 did escalate in the end, and said there was an issue with TLS on my SBS exchange server, and that their server would not be able to send email to it. A known SBS bug apparently.

    They told me to upgrade my server, or disable TLS. I disabled TLS (it wasn't meant to be on anyway), and all started to work fine.

    TLS had remained on from a previous cert installed on the server which was no longer used, so deleted the cert, and weeks of emails flooded in!
     
  6. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    Can both of you compare the anti-spam, virus, and reputation services you are using on your exchange servers?

    The sender score for that 1&1 outgoing relay isn't the greatest, but not absolutely terrible either:

    https://senderscore.org/lookup.php?lookup=212.227.17.10&ipLookup.x=3&ipLookup.y=11

    That's based on the past 4 weeks of public history.

    Anyone operating a mail server should want to stay above 80.

    Anything under 60 and the real problems sending start to kick in.

    It looks like the reputation on that IP does drift lower often enough.

    Does your receiving from 1&1 never work or it's an intermittent problem?

    Can you try escalating at 1&1 and asking if their outgoing mail logs show any errors?

    If you have any of the Microsoft reputation checking services on your exchange servers can you try whitelisting some of the 1&1 outgoing IP addresses?

    The root of the problem might be the 1&1 reputation, but you might have to whitelist since there is nothing you can do to fix that expect use a different mail service, and it's costly and some effort for them to try and fix the root of the problem with shared relays on their end too.

    :welcome: to Email Questions!
     
  7. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    Whoops, you replied with the fix while I was typing up my response.

    Thank you for sharing the fix!
     
  8. Mallers

    Mallers New Email

    Joined:
    Apr 13, 2014
    Messages:
    4
    Likes Received:
    0
    I tried switching off TLS and restarting the SMTP Virtual Server but that did not fix the problem.

    I'll try and answer all these questions:

    Can both of you compare the anti-spam, virus, and reputation services you are using on your exchange servers?
    >> Unless this is a MS feature, it is not running any 3rd party features.

    Does your receiving from 1&1 never work or it's an intermittent problem?
    >> Never works (although it used to always work up until 3-4 weeks ago)

    Can you try escalating at 1&1 and asking if their outgoing mail logs show any errors?
    >> Beleive me I have tried. They will not forward ANY logs to me.

    If you have any of the Microsoft reputation checking services on your exchange servers can you try whitelisting some of the 1&1 outgoing IP addresses?
    >> Would the reputation checking block the SMTP connection at first contact? I have the same problem as Lectrician where the SMTP converstion seems to go through the normal routine except that my server never receives the DATA command. Example below:

    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 EHLO - +moutng.kundenserver.de 250 0 296 27 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 STARTTLS - - 220 0 0 8 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 STARTTLS - - 220 0 29 8 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 EHLO - +moutng.kundenserver.de 250 0 306 27 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 MAIL - +FROM:<ian@my1&1domain.co.uk> 250 0 76 30 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 RCPT - +TO:<ian@custdomain.co.uk> 250 0 65 29 0 SMTP - - - -
    2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 QUIT - moutng.kundenserver.de 240 250 79 4 0 SMTP - - - -

    My customer is a 1&1 customer but they do not use the 1&1 mailservers.
    Any clues?
    Thanks
     
  9. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    Not necessarily.

    I'm using a more modern phrase reputation checking for what was really called connection filtering in Exchange 2003.

    Those checks work more like 1999 email filtering than 2014.

    My best guess right now is that even though the 1&1 server reputation score is OK, it's on a blacklist that your server is configured to check:

    Blacklist check for 212.227.126.130

    Can you check your Block List Service Configuration?

    Message Delivery Properties.JPG

    Do you have any of the listed RBL's such as SORBS, Backscatter, or Lashback configured?

    Try disabling the RBL checks and see if that fixes the problem with 1&1

    If that's the problem I recommend leaving those disabled and start using the Spamhaus RBL since it has a low false positive rate.
     
  10. Mallers

    Mallers New Email

    Joined:
    Apr 13, 2014
    Messages:
    4
    Likes Received:
    0
    There is no Connection Filtering set in the Message Delivery properties.
    The Block List Service Configuration list is empty.
    Also the Exception list is empty as are the Global Accept and Deny lists.
     
  11. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    Did you restart the mail services after disabling TLS and starting the testing above?

    It doesn't sound like the messages from 1&1 are too big since every message is stalling?

    Try these commands if you have GFI handling some of these functions:

    To disable and test: \GFI\MailEssentials\stop_snks.cmd

    To enable after testing: \GFI\MailEssentials\start_snks.cmd
     
  12. Mallers

    Mallers New Email

    Joined:
    Apr 13, 2014
    Messages:
    4
    Likes Received:
    0
    Server has been rebooted a couple of times.
    Messages are very small, like just "test" in the subject.

    Not sure what or where GFI is, sorry.
     

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.
Loading...