Emails with attachment from some domains not getting through
We have problems in receiving emails with attachments from several domains.
We are using Cisco PIX515E with OS ver 7.2. We have three public MX records and configure the firewall to forward emails to three anti-spam box running GFI as SMTP smarthost and the final destination is our Exchange 2003 server.
When I look at the queue from all three smarthosts, I can see the email sitting in the queue and when I tried to open the attachment, it is incomplete. What happened next is that this email will sit there until the SMTP timeout and the sender will receive a bounce back saying message timeout and will try to deliver again. It will keep going on and on until the server on the other end gave up.
I have contact GFI and verified that their product only work after entire message has been received. Therefore, it is not the antispam. I also tried to disable the "inspect smtp" on the firewall and upgraded it from 7.0 to 7.2.
All three smarthosts will have the same result after they receive emails from these domains, i.e. emails with incomplete attachments.
I am running out of ideas now and hope there is a suggestion here.
Re: Emails with attachment from some domains not getting through
Here the problem is seeming tp be of reverse DNS.
There is a SMTP communication problem with the recipient's email server.
Inbound mail is routed through some IP That has a dns and rdns entry that match. Outbound mail is routed through the external IP of the PIX. That does not have an RDNS (reverse DNS)entry and your ISP doesn't match the DNS entry.
Based on my research, if the Telnet to the destination domain works, but
cannot send email to the certain problematic domain names, it is most likely a DNS issue. Since this issue only occurs with certain domain names, so the reason maybe is: some of mail servers in the Internet will perform a reverse lookup when a SMTP connection is established. If the mail server does not get the correct info from the reverse lookup, it will drop the
connection. So please contact your ISP to check the DNS records for your domain to make sure that your Exchange server has a correct reverse DNS record (PTR record).
but if the issue is that you can't send email to some domains Check if it's actually the remote mail server denies the queuing request? If so, one should get a Smart Host or get the remote Mail server exclude their IP from the black list.
also you can do one thing,
create a testing SMTP connector to by Bypass DNS Name Resolution to Test SMTP Mail Flow to Remote Domains.
a. Open Exchange System Manager (ESM).
b. Expand to Administrative Groups->first administrative group->Routing Groups->first routing group->Connectors->SMTP Connector.
c. Right-click SMTP Connector and then click Properties.
d. Click Advanced.
e. Click to select Send "HELO instead of EHLO" and then click OK.
f. Restart all Exchange related services and test this issue again.
Please enable SMTP logging and gather SMTP log to troubleshoot the issue.
A. Open Exchange System Manager, expand Servers -> ->
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...