Incoming emails not arriving from one SMTP server

Lectrician

New Email
I have had my Exchange SBS 2003 server doing my mail for a few years, with my domains MX record pointing to the server.

I receive and send emails just fine, and have done for years.

I host my domains with 1and1, and although the MX records point to my own server, I make use of one mailbox at 1and1 to use the auth.smtp.1and1.co.uk outgoing mail server to be able to send email from dumb items like my UPS, Printer, CCTV, Door Entry etc. This has worked fine for years.

I upgraded from 1and1 home to 1and1 unlimited, and think this may just be a coincidence, but since doing so, one my domains no longer receives any emails if sent via the 1and1 auth.smtp server.

I have other people who have completely seperate 1and1 accounts, and use the auth.smtp server for their outgoing mail, and I now no longer get their emails either.

It only affects one domain/one exchange server. (this server only has one domain pointing at it).

If I log the incoming SMTP connection, I can see the below:

Email via auth.smtp.1and1.co.uk (emails never arrive)
22:24:33 212.227.17.10 EHLO - 250
22:24:33 212.227.17.10 STARTTLS - 220
22:24:33 212.227.17.10 STARTTLS - 220
22:24:33 212.227.17.10 EHLO - 250
22:24:33 212.227.17.10 MAIL - 250
22:24:33 212.227.17.10 RCPT - 250
22:24:33 212.227.17.10 QUIT - 240

Email from someone else (this worked and arrived)
22:26:04 xxx.xxx.xxx.xxx EHLO - 250
22:26:04 xxx.xxx.xxx.xxx STARTTLS - 220
22:26:04 xxx.xxx.xxx.xxx STARTTLS - 220
22:26:04 xxx.xxx.xxx.xxx EHLO - 250
22:26:04 xxx.xxx.xxx.xxx MAIL - 250
22:26:04 xxx.xxx.xxx.xxx RCPT - 250
22:26:05 xxx.xxx.xxx.xxx DATA - 250 <<<<<notice data here
22:26:05 xxx.xxx.xxx.xxx QUIT – 240

Notice the DATA connection is missing from the 1and1 auth.smtp connection??

As some others have confirmed they can not send me emails, I am concerned I am missing others.

1and1 are unhelpful, and simply tell me to use their mailservers.

NO bounce back emails are generated or received.

Any ideas guys?

It's driving me mad!

Thanks :)
 

Lectrician

New Email
Thanks. The exchange server is not a hosted 1and1 one, it is part of SBS2003 running on my office server.

My server receives email via my domain, the domains MX record pointing to it. The server happily sends out emails using my ISPs SMTP server.

I wouldn't have access to that SMTP server you link to, as its for hosted exchange customers.
 

Mallers

New Email
At last I have found someone with excatly the same problem as me.

I also see the same problem whereby the 1&1 server starts an SMTP connection and goes through all of the commands except the DATA command.
I have spent quite some time on the phone to 1&1 support but all they tell me is that it is not their SMTP server at the receiving end so they cannot support me.

Same symptoms:
I use an email address on my 1&1 account to make use of the outgoing server for iphones (AUTH.SMTP.1AND1.CO.UK ) but all incoming email should follow DNS and MX records.
NON 1&1 customers can send to the Exchange server (2003) no problem.
Outgoing mail from my server uses DNS (no relay host).

I know I am not giving you any solutions here but maybe this might create some momentum for others to help.
Thanks for listening.
 

Lectrician

New Email
Hi.

1and1 did escalate in the end, and said there was an issue with TLS on my SBS exchange server, and that their server would not be able to send email to it. A known SBS bug apparently.

They told me to upgrade my server, or disable TLS. I disabled TLS (it wasn't meant to be on anyway), and all started to work fine.

TLS had remained on from a previous cert installed on the server which was no longer used, so deleted the cert, and weeks of emails flooded in!
 

popowich

EQ Forum Admin
Staff member
Can both of you compare the anti-spam, virus, and reputation services you are using on your exchange servers?

The sender score for that 1&1 outgoing relay isn't the greatest, but not absolutely terrible either:

https://senderscore.org/lookup.php?lookup=212.227.17.10&ipLookup.x=3&ipLookup.y=11

That's based on the past 4 weeks of public history.

Anyone operating a mail server should want to stay above 80.

Anything under 60 and the real problems sending start to kick in.

It looks like the reputation on that IP does drift lower often enough.

Does your receiving from 1&1 never work or it's an intermittent problem?

Can you try escalating at 1&1 and asking if their outgoing mail logs show any errors?

If you have any of the Microsoft reputation checking services on your exchange servers can you try whitelisting some of the 1&1 outgoing IP addresses?

The root of the problem might be the 1&1 reputation, but you might have to whitelist since there is nothing you can do to fix that expect use a different mail service, and it's costly and some effort for them to try and fix the root of the problem with shared relays on their end too.

:welcome: to Email Questions!
 

popowich

EQ Forum Admin
Staff member
Whoops, you replied with the fix while I was typing up my response.

Thank you for sharing the fix!
 

Mallers

New Email
I tried switching off TLS and restarting the SMTP Virtual Server but that did not fix the problem.

I'll try and answer all these questions:

Can both of you compare the anti-spam, virus, and reputation services you are using on your exchange servers?
>> Unless this is a MS feature, it is not running any 3rd party features.

Does your receiving from 1&1 never work or it's an intermittent problem?
>> Never works (although it used to always work up until 3-4 weeks ago)

Can you try escalating at 1&1 and asking if their outgoing mail logs show any errors?
>> Beleive me I have tried. They will not forward ANY logs to me.

If you have any of the Microsoft reputation checking services on your exchange servers can you try whitelisting some of the 1&1 outgoing IP addresses?
>> Would the reputation checking block the SMTP connection at first contact? I have the same problem as Lectrician where the SMTP converstion seems to go through the normal routine except that my server never receives the DATA command. Example below:

2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 EHLO - +moutng.kundenserver.de 250 0 296 27 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 STARTTLS - - 220 0 0 8 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 STARTTLS - - 220 0 29 8 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 EHLO - +moutng.kundenserver.de 250 0 306 27 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 MAIL - +FROM:<ian@my1&1domain.co.uk> 250 0 76 30 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 RCPT - +TO:<ian@custdomain.co.uk> 250 0 65 29 0 SMTP - - - -
2014-04-15 10:02:31 212.227.126.130 moutng.kundenserver.de SMTPSVC1 SERVER1 10.0.0.40 0 QUIT - moutng.kundenserver.de 240 250 79 4 0 SMTP - - - -

My customer is a 1&1 customer but they do not use the 1&1 mailservers.
Any clues?
Thanks
 

popowich

EQ Forum Admin
Staff member
Would the reputation checking block the SMTP connection at first contact?
Not necessarily.

I'm using a more modern phrase reputation checking for what was really called connection filtering in Exchange 2003.

Those checks work more like 1999 email filtering than 2014.

My best guess right now is that even though the 1&1 server reputation score is OK, it's on a blacklist that your server is configured to check:

Blacklist check for 212.227.126.130

Can you check your Block List Service Configuration?

Message Delivery Properties.JPG

Do you have any of the listed RBL's such as SORBS, Backscatter, or Lashback configured?

Try disabling the RBL checks and see if that fixes the problem with 1&1

If that's the problem I recommend leaving those disabled and start using the Spamhaus RBL since it has a low false positive rate.
 

Mallers

New Email
There is no Connection Filtering set in the Message Delivery properties.
The Block List Service Configuration list is empty.
Also the Exception list is empty as are the Global Accept and Deny lists.
 

popowich

EQ Forum Admin
Staff member
Did you restart the mail services after disabling TLS and starting the testing above?

It doesn't sound like the messages from 1&1 are too big since every message is stalling?

Can both of you compare the anti-spam, virus, and reputation services you are using on your exchange servers?

>> Unless this is a MS feature, it is not running any 3rd party features.

Try these commands if you have GFI handling some of these functions:

To disable and test: \GFI\MailEssentials\stop_snks.cmd

To enable after testing: \GFI\MailEssentials\start_snks.cmd
 

Mallers

New Email
Did you restart the mail services after disabling TLS and starting the testing above?

It doesn't sound like the messages from 1&1 are too big since every message is stalling?



Try these commands if you have GFI handling some of these functions:

To disable and test: \GFI\MailEssentials\stop_snks.cmd

To enable after testing: \GFI\MailEssentials\start_snks.cmd

Server has been rebooted a couple of times.
Messages are very small, like just "test" in the subject.

Not sure what or where GFI is, sorry.
 
Top