+ Post New Thread
Results 1 to 14 of 14
Enterprise Software Thread, NDR errors on email, but only with some senders in Technical; We have had an issue with email for a while. We have exchange 2010 behind an isa 2006 firewall. This ...
  1. #1

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    NDR errors on email, but only with some senders

    We have had an issue with email for a while. We have exchange 2010 behind an isa 2006 firewall. This is then on a virgin media big red connection. Also connected into this connection is our frog vle.

    Some of our senders can send email to us with no problems. But we have some senders who can't and they get a ndr return of 554 5.7.1 relay not allowed. The thing is this ndr is not being returned by our exchange server, it is being returned by the ip address from our frog vle. All our mx records on the Internet are correct and external pings, nslookups and trace routes back correct.

    We use the frog vle for our website which is using the same domain as our exchange email but not using the email on the frog vle with the same domain.

    Has anyone any suggestions or ideas of what this may be? I have paid for engineering time for this issue and it has still not been solved.

    Any help would be fantastic.

  2. #2

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Quote Originally Posted by Webgeek View Post
    We have had an issue with email for a while. We have exchange 2010 behind an isa 2006 firewall. This is then on a virgin media big red connection. Also connected into this connection is our frog vle.

    Some of our senders can send email to us with no problems. But we have some senders who can't and they get a ndr return of 554 5.7.1 relay not allowed. The thing is this ndr is not being returned by our exchange server, it is being returned by the ip address from our frog vle. All our mx records on the Internet are correct and external pings, nslookups and trace routes back correct.

    We use the frog vle for our website which is using the same domain as our exchange email but not using the email on the frog vle with the same domain.

    Has anyone any suggestions or ideas of what this may be? I have paid for engineering time for this issue and it has still not been solved.

    Any help would be fantastic.
    How long has it been going on?
    has the MX ever pointed at the Frog IP?
    Is it senders from the same domains each time?

    Rob

  3. #3

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by twin--turbo View Post
    How long has it been going on?
    has the MX ever pointed at the Frog IP?
    Is it senders from the same domains each time?

    Rob
    Thank you for the reply Rob

    It has been going on for about 6 months.

    I have never pointed my mx record at my frog ip.

    It happens with a select few domains, mainly LEA's and a few others.

    Ant

  4. #4

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    You could do with asking one of them what their DNS is and then running an MX query for your domain against it.

    I use MX Lookup Tool - Check your DNS MX Records online - MxToolbox most of the time for testing.

    Rob

  5. #5

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Rob

    I have got a few of them to check and they come back with the correct ip for the exchange server.

    I have also used the various tools on mxtoolbox to check things and it comes back ok.

    Ant

  6. #6

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Where the domains ever in the control of the LEA (inc DNS) - could it be they still have legacy DNS records on their system?

  7. #7

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by glennda View Post
    Where the domains ever in the control of the LEA (inc DNS) - could it be they still have legacy DNS records on their system?
    Glenda

    No the LEA have never had control of any of our domains and especially not this one.

    Ant

  8. #8

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Quote Originally Posted by Webgeek View Post
    Glenda

    No the LEA have never had control of any of our domains and especially not this one.

    Ant
    maybe you could ask to see what DNS forwarders they use - then do nslookups against these?

    I presume your mail comes direct rather than through an external content filter?

  9. #9

    Join Date
    Oct 2010
    Location
    Norfolk
    Posts
    120
    Thank Post
    1
    Thanked 20 Times in 19 Posts
    Rep Power
    12
    Hi, I would ask the ISP to setup a reverse dns to your mail server. Use all of the tools on MX toolbox to instruct you. I use to have loads of problems sending and receiving to certain companies and LEA's due to this. It sounds like a very similar problem and error message that I had. Also maybe worth checking if the IP address has been black listed etc.

  10. #10

    Join Date
    Jan 2008
    Location
    Cheshire, UK
    Posts
    340
    Thank Post
    68
    Thanked 60 Times in 42 Posts
    Rep Power
    48
    We had a similar problem when we switched ISP's. Our email used to come in via the LEA mail relay / filter. After we moved the LEA mail still came via the old broadband link, this was because they had configured their mail relay to send the messages to a specific IP rather than looking up the MX record. A quick change at the LEA and all was working again. So I would look to see if you can get full headers from these problem domains and see if there is anything common between them. It could be they are all using the same relay and that relay is configured to a specific IP rather than lookup to MX.

  11. #11

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by glennda View Post
    maybe you could ask to see what DNS forwarders they use - then do nslookups against these?

    I presume your mail comes direct rather than through an external content filter?
    I will get some of them to give me their dns forwarders and yes all our emails come direct rather then through an external content filter.

  12. #12

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by teklogic View Post
    Hi, I would ask the ISP to setup a reverse dns to your mail server. Use all of the tools on MX toolbox to instruct you. I use to have loads of problems sending and receiving to certain companies and LEA's due to this. It sounds like a very similar problem and error message that I had. Also maybe worth checking if the IP address has been black listed etc.
    The ISP have setup a reverse dns for the mail server already as we were blacklisted before because we did not have a reverse dns that matched our IP address. I have used most tools on mxtoolbox but I will have another look and see if I have missed something. I will also check the various black list sites to double check our IP address.

  13. #13

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by sjatkn View Post
    We had a similar problem when we switched ISP's. Our email used to come in via the LEA mail relay / filter. After we moved the LEA mail still came via the old broadband link, this was because they had configured their mail relay to send the messages to a specific IP rather than looking up the MX record. A quick change at the LEA and all was working again. So I would look to see if you can get full headers from these problem domains and see if there is anything common between them. It could be they are all using the same relay and that relay is configured to a specific IP rather than lookup to MX.
    We did have our Internet link changed but that was over 2 years ago. I will have a chat with the lea and the other companies to get them to check their relays.

  14. #14

    Join Date
    Jan 2013
    Location
    N E Lincs
    Posts
    9
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I think we have solved the problem now! We seemed to have had an issue with our external DNS. There were two conflicting DNS records set.

    Thank you to everyone who helped!

    Ant



SHARE:
+ Post New Thread

Similar Threads

  1. Done but with error on the page
    By bodminman in forum Internet Related/Filtering/Firewall
    Replies: 5
    Last Post: 27th September 2011, 08:29 PM
  2. Exchange 2010 ECP 'GetList' error on some functions
    By mb2k01 in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 15th January 2010, 10:43 AM
  3. Wierd Error with some scripts.
    By Disease in forum Wireless Networks
    Replies: 0
    Last Post: 10th November 2009, 12:31 PM
  4. Help with some windows errors (please!!)
    By maniac in forum Windows
    Replies: 5
    Last Post: 12th April 2007, 04:31 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •