Frustrating Inbound mail issue

Discussion in 'Windows Server Systems' started by fitz, Jul 2, 2007.

  1. fitz

    fitz Just Floating Along Staff Member Political User Folding Team

    Messages:
    4,076
    Location:
    Chicagoland
    So I have some external people that are unable to send mail to us. They get a bounce message back saying the messages timed out.

    In my logs, I can see the connection coming in:

    I see their EHLO with a 250 success message back
    I see their MAIL FROM command with a 250 success
    I see their RCPT TO: command with a 250 success message back

    Then...

    nothing.. the DATA command never comes through.. wondering if anyone has seen this or knows why this might occur.

    Running Exchange 2003 SP2, IMF installed sitting behind an ISA 2000 server w/Server Publishing rules.

    This does not occur with everyone, just certain senders' domains.
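
Added example, not part of the original post: one way to pull the pattern described above (RCPT TO accepted with 250, then no DATA) out of an SMTP log and group it by sender domain. The log layout, session ids, addresses and function names are constructed for illustration and are not the Exchange/IIS log format.

```python
from collections import Counter

# Constructed sample log: time, client IP, session id, verb, argument, reply code.
# Simplified layout for illustration only; real SMTP logs use different fields.
SAMPLE_LOG = """\
10:01:02 203.0.113.10 s1 EHLO mail.example.org 250
10:01:02 203.0.113.10 s1 MAIL FROM:<ann@example.org> 250
10:01:03 203.0.113.10 s1 RCPT TO:<bob@corp.test> 250
10:01:03 203.0.113.10 s1 DATA - 354
10:05:10 198.51.100.7 s2 EHLO mx.example.net 250
10:05:10 198.51.100.7 s2 MAIL FROM:<carl@example.net> 250
10:05:11 198.51.100.7 s2 RCPT TO:<bob@corp.test> 250
10:20:40 198.51.100.7 s3 EHLO mx.example.net 250
10:20:40 198.51.100.7 s3 MAIL FROM:<carl@example.net> 250
10:20:41 198.51.100.7 s3 RCPT TO:<dee@corp.test> 250
10:22:00 192.0.2.55 s4 EHLO relay.example.com 250
10:22:00 192.0.2.55 s4 MAIL FROM:<eve@example.com> 250
10:22:01 192.0.2.55 s4 RCPT TO:<nobody@corp.test> 550
"""

def parse_sessions(log_text):
    """Fold log lines into one record per session id."""
    sessions = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed lines
        _time, ip, sid, verb, arg, code = fields
        s = sessions.setdefault(sid, {"ip": ip, "domain": None,
                                      "rcpt_ok": False, "data_seen": False})
        verb = verb.upper()
        if verb == "MAIL" and code == "250":
            # Bounces use the null sender "<>", which has no domain part.
            s["domain"] = arg.rsplit("@", 1)[-1].rstrip(">").lower() if "@" in arg else "<>"
        elif verb == "RCPT" and code == "250":
            s["rcpt_ok"] = True
        elif verb == "DATA":
            s["data_seen"] = True
    return sessions

def stalled_sessions(log_text):
    """Sessions with an accepted recipient where DATA never arrived."""
    return {sid: s for sid, s in parse_sessions(log_text).items()
            if s["rcpt_ok"] and not s["data_seen"]}

def stalled_by_domain(log_text):
    """Count stalled sessions per sender domain to spot a pattern."""
    return Counter(s["domain"] for s in stalled_sessions(log_text).values())
```

Calling `stalled_by_domain(SAMPLE_LOG)` on the constructed data reports two stalled sessions for `example.net`; the session whose recipient was rejected with 550 is not counted.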
     
  2. Mastershakes

    Mastershakes Moderator

    Messages:
    1,721
    Location:
    Montreal
    Are they sending mail from their corporate accounts? (non-corporate being Hotmail, gmail, yahoo...)

    Do you use any sort of filtering software? Is there a whitelist / blacklist you can access?

    When did this start happening? Are you aware of any recent changes to the infrastructure executed by Network Operations by chance? Any modifications recently to your mail servers / proxy servers?
     
  3. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    Continued...

    Are they or their ISP using any kind of certificates or mail authentication to verify the mail is not being intercepted? Government and some corporations are under a big push to use secure email now.
     
  4. fitz

    corporate accounts.. most domains work just fine, just certain companies seem to be having problems.

    our whitelists/blacklists are empty right now, we do use a couple RBL lists, but I checked that they are not on those

    Started happening roughly a week or two ago (at least, so say our wonderfully reliable users). No recent changes to our mail environment or the ISA server..

    Nope.. talked with the IT admins at a couple of the companies having problems sending us mail.

    Some more info, I worked with one of the companies yesterday and she was able to get on their mail server, open a telnet connection over port 25 to our mail server and send mail manually sending the commands (HELO/MAIL FROM:/RCPT TO:/DATA) without any problems.. but still having problems going through their mail servers. That info normally would tell me that they have something wrong if their mail server can telnet to port 25 and send a message successfully.. but the fact that it is happening with multiple senders' domains from different companies using different mail software and different ISPs in different parts of the country tells me it might be something more.
     
  5. fitz

    *sigh*

    Problem is "solved". I installed Windows 2003 SP1 on the ISA box a couple months ago. Apparently, the problem has been occurring since then.. but my users didn't complain until a couple weeks ago.

    The problem is, now I have a box that is near the edge that isn't fully patched.

    Damn Microsoft!
     
  6. madmatt

    madmatt Bow Down to the King Political User

    Messages:
    13,312
    Location:
    New York
    Try SP2.
     
  7. fitz

    yeah.. going to shortly. But since service packs are cumulative, I'm guessing we'll have the same problem.

    edit:
    working with some of the groups that we were having problems with to arrange a time that I can test the SP2 install to see if the problem reappears
     
    Last edited: Jul 11, 2007
  8. madmatt

    Is ISA 2000 compatible (or supposed to be) with SP1/SP2?
     
  9. fitz

    it probably was never tested since ISA 2000 is End of Life.

    Time to hit the boss up for some money for an upgrade.
     
  10. LordOfLA

    LordOfLA Godlike!

    Messages:
    7,027
    Location:
    Maidenhead, Berkshire, UK
    put an OpenBSD box in there instead of ISA.

    PF is awesome for packet filtering and traffic routing to internal networks :)
     
  11. fitz

    I would love an OpenBSD/FreeBSD box.. or even a Linux box.. we'll have to see how well I can sell it though ;)
     
  12. LordOfLA

    Well it's $0 on existing hardware. Can't get much easier...