It seems we are the only company that can't send emails to this specific client. The emails we get back seem to indicate it is on their end. But after investigating further I am not so certain. (Exchange 2007 SP3.) Rejection email below: Then below that a copy of SMTPDiag. It passed the same person! But failed via email. We are using MS Forefront's cloud service. It seem the emails are going a different path. I ran SMTPDiag on our Exchange server. ------------------------------------------------------------------------------------------------ From: postmaster@travismedical.com [mailto:postmaster@travismedical.com] Sent: Monday, May 07, 2012 10:57 AM To: Steven Bauer Subject: Undeliverable: Estimate 70711 from Stealth Products, Inc. Delivery has failed to these recipients or distribution lists: wayne.cruz@travismedical.com The recipient's e-mail address was not found in the recipient's e-mail system. Microsoft Exchange will not try to redeliver this message for you. Please check the e-mail address and try resending this message, or provide the following diagnostic text to your system administrator. Diagnostic information for administrators: Generating server: mail.travismedical.com wayne.cruz@travismedical.com #< #5.1.1> #SMTP# Original message headers: Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by mail.travismedical.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Mon, 7 May 2012 10:56:37 -0500 Received: from mail198-ch1 (localhost [127.0.0.1]) by mail198-ch1-R.bigfish.com (Postfix) with ESMTP id 3858930054F for <wayne.cruz@travismedical.com>; Mon, 7 May 2012 15:56:24 +0000 (UTC) X-SpamScore: 0 X-BigFish: VvPps0(zzc85fh1454Izz1202hz31izz2dh793h2a8h668h839hd25hd2bh34h) X-Forefront-Antispam-Report: CIP:63.97.171.28;KIP:(null);UIP:(null);IPV:NLI;H:STEALTHMSX.StealthProducts.local;RD:stealthmsx.stealthproducts.com;EFVD:NLI Received: from mail198-ch1 (localhost.localdomain [127.0.0.1]) by mail198-ch1 (MessageSwitch) id 1336406181156374_24006; Mon, 7 May 2012 15:56:21 +0000 (UTC) Received: from CH1EHSMHS001.bigfish.com (snatpool1.int.messaging.microsoft.com [10.43.68.253]) by mail198-ch1.bigfish.com (Postfix) with ESMTP id 1F01B60249; Mon, 7 May 2012 15:56:21 +0000 (UTC) Received: from STEALTHMSX.StealthProducts.local (63.97.171.28) by CH1EHSMHS001.bigfish.com (10.43.70.1) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 7 May 2012 15:56:16 +0000 Received: from STEALTHMSX.StealthProducts.local ([192.168.0.101]) by stealthmsx ([192.168.0.101]) with mapi; Mon, 7 May 2012 10:56:28 -0500 From: Steven Bauer <Steven@stealthproducts.com> To: "'wayne.cruz@travismedical.com'" <wayne.cruz@travismedical.com> CC: "'pcssales@swbell.net'" <pcssales@swbell.net> Date: Mon, 7 May 2012 10:56:27 -0500 Subject: Estimate 70711 from Stealth Products, Inc. Thread-Topic: Estimate 70711 from Stealth Products, Inc. Thread-Index: Ac0safWAZppQ95z3QlCP/A+yGGL+5g== Message-ID: <97921B5DFDF63C42948810A34B93A21C37195AF977@stealthmsx> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/mixed; boundary="_002_97921B5DFDF63C42948810A34B93A21C37195AF977stealthmsx_" MIME-Version: 1.0dLd/? X-OriginatorOrg: stealthproducts.com Return-Path: Steven@stealthproducts.com X-OriginalArrivalTime: 07 May 2012 15:56:39.0349 (UTC) FILETIME=[FD1F5650:01CD2C69] ------------------------------------------ D:\SMTPDiag>smtpdiag steve@stealthproducts.com wayne.cruz@travismedical.com /v Searching for Exchange external DNS settings. Computer name is STEALTHMSX. VSI 1 has the following external DNS servers: There are no external DNS servers configured. Checking SOA for travismedical.com. Checking external DNS servers. Checking internal DNS servers. Checking TCP/UDP SOA serial number using DNS server [192.168.0.102]. TCP test succeeded. UDP test succeeded. Serial number: 1334077735 Checking TCP/UDP SOA serial number using DNS server [192.168.0.100]. Failed: DNS server [192.168.0.100] may be down. DNS server [192.168.0.100] did not return a valid SOA record. SOA serial number match: Failed with one or more failures. Checking local domain records. Starting TCP and UDP DNS queries for the local domain. This test will try to validate that DNS is set up correctly for inbound mail. This test can fail for 3 reasons. 1) Local domain is not set up in DNS. Inbound mail cannot be routed to local mailboxes. 2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail, but will affect outbound mail. 3) Internal DNS is unaware of external DNS settings. This is a valid configuration for certain topologies. Checking MX records using TCP: stealthproducts.com. MX: mail.global.frontbridge.com (10) A: mail.global.frontbridge.com [216.32.180.22] A: mail.global.frontbridge.com [213.199.180.150] Checking MX records using UDP: stealthproducts.com. MX: mail.global.frontbridge.com (10) A: mail.global.frontbridge.com [213.199.180.150] A: mail.global.frontbridge.com [216.32.180.22] Both TCP and UDP queries succeeded. Local DNS test passed. Checking remote domain records. Starting TCP and UDP DNS queries for the remote domain. This test will try to validate that DNS is set up correctly for outbound mail. This test can fail for 3 reasons. 1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows 2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP queries first, then fall back to TCP queries. 2) Internal DNS does not know how to query external domains. You must either use an external DNS server or configure DNS server to query external domains. 3) Remote domain does not exist. Failure is expected. Checking MX records using TCP: travismedical.com. MX: mx1.emailsrvr.com (10) MX: mx2.emailsrvr.com (20) A: mx2.emailsrvr.com [173.203.2.32] A: mx1.emailsrvr.com [98.129.184.3] Checking MX records using UDP: travismedical.com. MX: mx1.emailsrvr.com (10) MX: mx2.emailsrvr.com (20) Both TCP and UDP queries succeeded. Remote DNS test passed. Checking MX servers listed for wayne.cruz@travismedical.com. Connecting to mx1.emailsrvr.com [98.129.184.3] on port 25. Received: 220 mx1.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam through this system Sent: ehlo stealthproducts.com Received: 250-smtp61.gate.dfw1a.rsapps.net says EHLO to 63.97.171.28:57359 250-STARTTLS 250-8BITMIME 250-SIZE 75000000 250-ENHANCEDSTATUSCODES 250 PIPELINING Sent: mail from: <steve@stealthproducts.com> Received: 250 2.1.0 Ok Sent: rcpt to: <wayne.cruz@travismedical.com> Received: 250 2.1.5 Ok Sent: quit Received: 221 smtp61.gate.dfw1a.rsapps.net closing connection Successfully connected to mx1.emailsrvr.com. Connecting to mx2.emailsrvr.com [173.203.2.32] on port 25. Received: 220 mx2.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam through this system Sent: ehlo stealthproducts.com Received: 250-smtp29.gate.ord1a.rsapps.net says EHLO to 63.97.171.28:57360 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-STARTTLS 250 SIZE 75000000 Sent: mail from: <steve@stealthproducts.com> Received: 250 2.1.0 Ok Sent: rcpt to: <wayne.cruz@travismedical.com> Received: 250 2.1.5 Ok Sent: quit Received: 221 smtp29.gate.ord1a.rsapps.net closing connection Successfully connected to mx2.emailsrvr.com. D:\SMTPDiag>

I would open a ticket with Microsoft. They may have stale records or at one time handled the mail for this domain.

Thanks, I have opened a case. But I am not sure it is FOPE. I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be. 67.78.68.42

It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected. The last line is this: Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by mail.travismedical.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Mon, 7 May 2012 10:56:37 -0500 That is a successful delivery to the recipient's server. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.

Thanks, I have opened a case. But I am not sure it is FOPE. I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be. 67.78.68.42 They will be able to tell you this for sure. I have seen this issue before.

It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected. The last line is this: Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by mail.travismedical.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Mon, 7 May 2012 10:56:37 -0500 That is a successful delivery to the recipient's server. Simon. Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me. I agree there. They arent doing any recipient filtering, so they accept and then return. But I have seen instances similar to this when FOPE is sending to the wrong mail server unfortuantely :(

Hi, How is the issue now? Any update?Xiu Zhang TechNet Community Support

Apologize for taking so long to get back. FOPE assured me it wasn't them. I told the IT people at the domain. They in turn talked to Rackspace who said it wasn't them. And pointed them back to me. I did more research and found out they recently did a hosting change. Moving to Rackspace and moving their email. However, they did not change an A record that was pointing to mail.travismedical.com. This machine is not at Rackspace - and the one sending kicking back the emails. I called them yesterday and asked them to remove it. They said they needed because they still had people access web services this point to. In looking at this issue apparently Exchange if it can't find an MX record for the specific domain, checks an A record next, correct? Their new MX records are: ---------------------------------------- C:\Users\administrator.STEALTHPRODUCTS>nslookup -q=mx travismedical.com Server: stealthdc.stealthproducts.local Address: 192.168.0.102 Non-authoritative answer: travismedical.com MX preference = 20, mail exchanger = mx2.emailsrvr.com travismedical.com MX preference = 10, mail exchanger = mx1.emailsrvr.com mx2.emailsrvr.com internet address = 173.203.2.32 mx1.emailsrvr.com internet address = 98.129.184.3 ---------------------------- But notice the domain name is different. "emailsrvr.com" (I have flushed the caches too BTW.) See more below. So ... the question is, how do I make Exchange check the above MX records??? And stop querying the A record? Travismedical says we are the only one with this problem but admitted other "strange events" to this migration. ---------------------------- <<>> DiG 9.6-ESV-R4 <<>> -t ANY mail.travismedical.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35008 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.travismedical.com. IN ANY ;; ANSWER SECTION: mail.travismedical.com. 3600 IN A 67.78.68.42 <----------machine my Exchange talks to. ;; AUTHORITY SECTION: travismedical.com. 3600 IN NS dns1.stabletransit.com. travismedical.com. 3600 IN NS dns2.stabletransit.com. ;; Query time: 102 msec ;; SERVER: 69.56.222.10#53(69.56.222.10) ;; WHEN: Mon May 14 11:39:28 2012 ;; MSG SIZE rcvd: 108

Smarthost for that domain to the good FQDN.

All my email goes to FOPE via a Smarthost. mail.global.frontbridge.com. I need to make an exception for just this domain? In the Network Tab "Route mail through the following smart hosts..." is checked.