Friday, January 14, 2011

SBS 2003 suddenly not delivering emails to outside domains

This afternoon our server in the office suddenly started refusing to deliver mail to outside domains - email for our domain is still delivered. I've tried Googling around and I can't find anything quite like this. It's Small Business Server 2003 SP2 and has been running fine for two years. There are only about 10 accounts on it (6 in use).

As soon as I send an email from Outlook or OWA or even via SMTP (from a machine that sends out periodic emails from a cron job) a NDR is generated:

Your message did not reach some or all of the intended recipients.

  Subject:    test from owa
  Sent:   17/07/2009 10:08 PM

The following recipient(s) could not be reached:

  xxx@xxx.xxx on 17/07/2009 10:08 PM
        You do not have permission to send to this recipient.  For

assistance, contact your system administrator. xxx@xxx.xxx... Relaying denied. Proper authentication required.

(I've changed the domain to example.com and masked out the destination address: it doesn't matter what destination email address (other than local accounts) is used the result is the same)

There were no software installed or configurations changed. I've checked the authentication settings and they still allow SMTP from the LAN but the same happens from all user accounts through OWA and Outlook I've checked. I've checked for extra connections in netstat and there aren't suspicious looking emails in the Message Tracking Center, in case it was hacked. I've checked a blacklist checking site and our IP address isn't listed. I've tried disabling and changing the "smart host" and that results in the exact same problem. I've even tried rebooting the server!

It's 11pm Friday night here and the the boss doesn't want to be without email over the weekend...

Where are some places I can look to fix this problem? We are planning a migration to SBS 2008 in the coming weeks, but it would be handy if the current box worked until then!

Thanks in advance.

From serverfault $pageUsers[$entry.posts[0].author].name

  • I bet whatever server your SBS box is using as its outbound smarthost (your ISP's mail server?) has had SMTP authentication turned on.

    Find the smarthost in the SBS settings (Exchange System Manager from memory), contact whoever is responsible for running that server, and talk to them about authentication.

    You might also like to try doing a Wireshark trace on your SBS box' internet-facing network card - watch for any outbound SMTP connection, and look at what's actually happening on the wire. This might well give you more clues.

    Good luck, I don't envy you. My experience with SBS is, shall we say, not so good. Moving to Server 2008 Standard was a great move for me.

    From tomfanning

  • Hi Ben. Enable logging on the SMTP server and tick all the logging fields. That way you'll be able to see exactly what exchange is trying to do. To enable logging open the Exchange System Manager, expand Servers then your server name then Protocols then SMTP, right click the Default SMTP server and click Properties. On the "General" tab enable logging, click the Properties button and on the Advanced tab click all the options. Restart the Simple Mail Transport Service to make sure the changes happen immediately.

    To debug the message sending process see http://ratsauce.sourceforge.net/index.html#smtputil. You can use this to send a test message from the command prompt and it will show you all the protocol messages.

    Some ISPs do not allow you to send SMTP mail at all unless you comply with various requirements like using their server, using authentication or whatever. ISPs sometimes also block SMTP mail if they think you're abusing it. If SMTPUtil reports errors sending mail out you might try asking your ISP.

    JR

    From John Rennie

  • Call you ISP, ask them how you can send mail from your location, its not uncommon for they to just change stuff and not tell customers.

    If you don't have a smart host, try using your ISP's (call and ask if its the right one to use)

    If you do have a smart host, try sending direct instead

    From SpaceManSpiff

  • Try sending a message directly by talking directly to the SMTP server via telnet:

    telnet mailserver.com 25
ehlo mydomain.com
mail from:youremail@yourdomain.com
rcpt to:outsideemail@google.com
data
testing
.(then hit enter 2x)

    Does it accept your message? If it does, then you should look into your smart host. If it doesn't, then you should look into something like this:

    http://helpdeskgeek.com/networking/you-do-not-have-permission-to-send-to-this-recipient/

    The bounce back should also have given you an SMTP code, such as 5.7.1 - Those are helpful for troubleshooting as well.

    From Will
Posted by Mu Cat at 12:46 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)