Jump to content

Change Mode

Exchange Guru Needed - Cannot send mail suddenly

Recommended Posts

Afternoon, all.

I am not too sharp on Exchange.. That said, I have a friend who's exchange server is suddenly not allowing anyone on the network to send email. They can receive just fine. The error message they are getting is pictured below. I have checked their mail server against global blacklists, and they are not blacklisted. This message appears to be coming directly from the exchange server before it ever hits the receiving server anyway, and it happens no matter who they try to send an email to:


Posted Image







Link to post
Share on other sites

I am no guru, but the message is very definite as to why, the network has blocked out going mail due to the amount of previous mail it has sent, it's as though there is an infection auto sending email to all recipients in the address book(s), the issue is specifically aimed at outgoing mail, so first thing I would do is check for infection(s), and while those are scanning, double check the SMTP settings, and more so if secure mail and specific ports are required, as many do these days, but ultimately you will probably need to contact the admin of that server to see whats going on, as it is not uncommon for them to block you if they receive enough complaints (or attention drawn to) suspicious mail sending, eg high volume bursts, hope something here helps.

Link to post
Share on other sites

If it matters, they are running AVG Business Edition. I spoke with them to see if the AVG may have any influence in triggering this message. They said it shouldn't but advised me how to turn off features that "protect" Exchange, like message and spam filtering. But as you said, there may be an infection that is hammering the SMTP server from the inside and it may be crossing some threshold of send attempts per hours or something like that in Exchange. Guess I need to just dig in and find where these settings may exist.

Link to post
Share on other sites

Numeric Code: 5.5.0


First Available: Exchange 2000 Service Pack 1


Possible Cause: Generic protocol error (SMTP error). The remote SMTP responds to our EHLO by generating a 500 level error, and the sending system ends the connection and reports this NDR error. This indicates that the remote SMTP server cannot handle the protocol. (For example, if a Hotmail account is no longer active, a 550 SMTP error occurs.)


Troubleshooting: Run an SMTP log or a Network Monitor trace to deteremine why the remote SMTP server rejected the protocol request.



Tips for troubleshooting Exchange NDRs


The key to any troubleshooting is to isolate the problem. In the case of an NDR, discover if the fault lies with the sender, the recipient or the Exchange 2003 server. To gather more clues, send more emails to the same recipient but from different accounts. In addition, send emails to different accounts from the original sender.

Expand the search area by sending email to different sites, or to internet users. Does this tactic narrow the problem to a particular Server, Mailstore or Routing Group Connector?

If it's just one email address that produces the Non-Delivery report, do you type in the SMTP address manually, or do you click the user account in the GAL?

One ISP will only troubleshoot NDRs if you use Outlook Express, which alerted me to the fact that you get different responses from different email clients. So try a different version of Outlook.

I always mean to do this first when I troubleshoot - look in the Application log for errors. A variation of this tip is to increase the Diagnostic Logging see here.

You could also gather more clues with Regtrace, which you find on the Exchange 2003 CD in the supportutilsi386 folder. Regtrace gives you detailed information e.g. homeMDB =

CN=Mailbox Store (GuyMail-Managers),CN=First Storage Group,CN=InformationStore,CN=GuyMail-Managers,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=GuyMail,DC=com




keep getting whimed from people asking how i resolved this issue and sorry i should of posted a follow up earlier.


i fixed this issue by doing the following


going to

www.dnsstuff.comPosted Image

and checking if i wasnt black listed on any servers.


then i went to this site

2. www.openspf.orgPosted Image

put in my domain name clicked "Go" and followed the prompts and added a record into my dns servers (they have a step by step guide with pics)


if that still doesn't work you may want to try step 3.

try contacting hotmail directly and ask to be taken off their blacklist

if someone can post the url id be grateful ive just been looking for the past 15minutes and cant find it.


hotmail uses an external company to filter their mail, this is the company you want... mind you their site isnt that helpful !


hope this helps


make sure you check your email header this often will show you a more in depth cause.


i believe hotmail may have increased their spam protection in early march which is why for a lot of people this has become more of an issue.


make sure your dns is setup correctly or expect issues.


dnsstuff.comPosted Image or dnsreport.comPosted Image are THE sites to go to!


and remember when in doubt throw your server through a 7 storied window, this way you know its stuffed and you dont have to spend countless hours trying to do guess work.



i think you might have to get in touch with maxxguard.



Edited by terry1966
Link to post
Share on other sites

Sorry, Its Windows SBS2003 with the included Exchange 2003. Unsure of the service pack, I have not been onsite yet. I wanted to do as much homework asI could before coming by. I can tell you this, though, Looking at the MX records, the first four on the list are their ISP's Postini servers. Is it possible that

the ISP is rejecting the outbound mail, and causing the error in Exchange because it can't get out using the SMTP protocol? I have been advised by some others to check for an SMTP relay point to the ISP instead of the server sending directly. I know that Postini will exhibit this behavior if it gets a surge of 900 outbounds within a certain time period. Also odd that it effects every single user, which makes me wonder again about Postini spam filtering.


your thoughts?

Link to post
Share on other sites

She told me she has rebooted the server completely, she was advised to do this by AVG after they changed some Exchange settings with AVG. She also rebooted her own computer, which now will not come back up :) That stuff, I know how to fix well, though...

Link to post
Share on other sites

who is the maxxguard fqdn on the ndr from?


the bottom line is that maxxguard-sbs.maxxguard.local is blocking the messages. if that is your server, then that is the problem. check the connector logs and queues to find out what's causing it.


what happens when you ping the smtp port?


also, check this kb...might be the fix.



Link to post
Share on other sites

Got it resolved, removed the smart host which was relaying through their ISP. Probably accidentally fixed a few other things while messing around, quite honestly I don't really understand all of it.. But its working now. Gotta learn more about fixing these.. I can set them up from scratch, but i don't know much about fixing a jacked up one.. Mine usually stay running :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...