Emails with attachment from some domains not getting through

Unanswered Question

We have problems in receiving emails with attachments from several domains.

We are using Cisco PIX515E with OS ver 7.2. We have three public MX records and configure the firewall to forward emails to three anti-spam box running GFI as SMTP smarthost and the final destination is our Exchange 2003 server.

When I look at the queue from all three smarthosts, I can see the email sitting in the queue and when I tried to open the attachment, it is incomplete. What happened next is that this email will sit there until the SMTP timeout and the sender will receive a bounce back saying message timeout and will try to deliver again. It will keep going on and on until the server on the other end gave up.

I have contact GFI and verified that their product only work after entire message has been received. Therefore, it is not the antispam. I also tried to disable the "inspect smtp" on the firewall and upgraded it from 7.0 to 7.2.

All three smarthosts will have the same result after they receive emails from these domains, i.e. emails with incomplete attachments.

I am running out of ideas now and hope there is a suggestion here.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sachinga.hcl Tue, 09/23/2008 - 08:52

HI ,

Here the problem is seeming tp be of reverse DNS.

There is a SMTP communication problem with the recipient's email server.

Inbound mail is routed through some IP That has a dns and rdns entry that match. Outbound mail is routed through the external IP of the PIX. That does not have an RDNS (reverse DNS)entry and your ISP doesn't match the DNS entry.

Based on my research, if the Telnet to the destination domain works, but

cannot send email to the certain problematic domain names, it is most likely a DNS issue. Since this issue only occurs with certain domain names, so the reason maybe is: some of mail servers in the Internet will perform a reverse lookup when a SMTP connection is established. If the mail server does not get the correct info from the reverse lookup, it will drop the

connection. So please contact your ISP to check the DNS records for your domain to make sure that your Exchange server has a correct reverse DNS record (PTR record).

but if the issue is that you can't send email to some domains Check if it's actually the remote mail server denies the queuing request? If so, one should get a Smart Host or get the remote Mail server exclude their IP from the black list.

also you can do one thing,

create a testing SMTP connector to by Bypass DNS Name Resolution to Test SMTP Mail Flow to Remote Domains.

a. Open Exchange System Manager (ESM).

b. Expand to Administrative Groups->first administrative group->Routing Groups->first routing group->Connectors->SMTP Connector.

c. Right-click SMTP Connector and then click Properties.

d. Click Advanced.

e. Click to select Send "HELO instead of EHLO" and then click OK.

f. Restart all Exchange related services and test this issue again.

Please enable SMTP logging and gather SMTP log to troubleshoot the issue.

A. Open Exchange System Manager, expand Servers -> ->

Protocols -> SMTP, right-click "Default SMTP Virtual Server" and click Properties.

B. Under the General tab, check the option "Enable Logging".

C. With "W3C Extended Log File Format", click "Properties".

D. Under "General Properties", make sure "Use local time for file naming and rollover" is CHECKED.

E. Switch to the "Extended Properties", and then select to enable All the logging Options.

F. Click OK to apply the modification.

G. Right-click Default SMTP Virtual Server and click Stop.

H. Right-click Default SMTP Virtual Server and click Start to restart the

SMTP server.

I. Reproduce the issue, repeat step G to stop Default SMTP Virtual Server,

copy out or zip the SMTP log files in the

"%systemroot%\system32\logfiles\SmtpSvc1" folder, and then restart the

"Default SMTP Virtual Server".

Please enable message tracking, send an testing email to the certain

problematic domain names and then check the email message under Tools->Message Tracking Center.

I am appreciated your time and cooperation. If anything is unclear, please feel free to let me know. I am looking forward to hearing from you.

Best regards,

Sachin Garg

Senior Specialist Security

HCL Comnet Ltd.

A-10, Sector 3, Noida- 201301

Actions

This Discussion