Very weird email bounce problem

Haggisman

Haggisman

Haggisman

Soldato
Joined
6 Oct 2004
Posts
18,809
Location
Birmingham
I've had a couple of calls today about some email problems from one of our customers, which have me completely stumped.

When they try to email someone in our domain, they get an NDR:

Error transferring to CLUSTER3OUT.EU.MESSAGELABS.COM ; SMTP Protocol Returned a Permanent Error 550 (#5.1.1)

Now, a 5.1.1 error means unresolved recipient, which should in theory be an obvious one, except for the following facts.

Other external customers can send emails to the same internal address with no problems. This would point to an issue with the customer's systems.

But, the same customer can still send emails to other external addresses (I got them to test sending to a gmail address which went through fine).

So this has got me puzzled!!

If anyone has any suggestions on things to check, I would be very grateful!

Thanks :)
 
Yeah they do (this was how the problem was originally discovered).

I've checked in both Forefront and Exchange - nothing in either filter, I've also added both their domain, and the individual senders as trusted senders so they should bypass the spam filters completely, and they still get the same error.
 
They're not blacklisted according to network-tools.com.

I can't get onto their server to do anything unfortunately, but it looks like the NDR is from their server which is using messagelabs. I've just realised this is Symantec, so what tonym is saying may be something to do with it.

Just a bit strange that they can still email out to other domains and we can still receive from other domains!
 
Nope, the domain is due to expire in December, but still current so far.

I managed to telnet into their exchange.

helo got no response

ehlo gives a response with a list of extensions

mail from: <sender address> gives a "sender ok" confirmation

rcpt to: <my address> gives error 550 5.7.1 unable to relay for <my address>
 
So an update:

It appears we do have an account with Symantec - probably something my predecessor should have told me - but they can't see anything on their end, I forwarded them the NDR and apparently it's from our customer's mail server, so I guess that's a relief it's not our fault as I've been getting lots of grief about it :p

Just raised a call with customer's IT team who are going to look into it.

Thanks for all the suggestions - will update again as and when I hear anything :)
 
You must log in or register to reply here.
Back
Top Bottom