Filed Under (Geekspeak, Work) by Justin on 2007-08-10

I just need to give a quick Tip of the Hat to Danny Ybarra at Perimeter Church for posting a link to Microsoft’s SmtpDiag tool on the IT Discuss list a couple days ago.

One of our branch offices has been having trouble emailing a new client for a few weeks now, and after a quick peek at the returned mail she was getting, I knew the problem wasn’t on my end. At that point, I instructed her to talk with her client and have them check with their IT folks to see if/why we were being blocked. She responded yesterday that, according to their outsourced IT guy, we weren’t blocked anywhere. Time to do some more digging I guess…
A quick dig shows that their MX records are pointing to some sort of outsourced email solution (smtp.secureserver.net and mailstore1.secureserver.net). I wasn’t really sure where to go from there, since I figured it was some big hosting company with impossible-to-find contact info, but I happened to remember seeing that post on IT Discuss about SmtpDiag. Microsoft has it labeled as an Exchange tool, but I extracted it onto my Vista desktop machine and ran this command, and it worked like a charm:

C:\Users\jmoore\Desktop\SmtpDiag>SmtpDiag.EXE jmoore@ourdomain.com jdoe@clientdomain.com /v
Note: Substitute real email addresses when using SmtpDiag

Part of the output was this, which I hadn’t seen in the previous returned mails:

Checking MX servers listed for jdoe@clientdomain.com.
Connecting to smtp.where.secureserver.net [208.109.80.149] on port 25.
Received:
220 rblsmtpd.local

Sent:
ehlo ourdomain.com

Received:
250 rblsmtpd.local

Sent:
mail from: <jmoore@ourdomain.com>

Received:
250 rblsmtpd.local

Sent:
rcpt to: <jdoe@clientdomain.com>

Received:
553 Bogus helo mailstore1.secureserver.net. <http://unblock.secureserver.net/?ip=66.20.xx.xxx>

A quick visit to that link gave me a short and simple form to fill out. A few minutes later, I ran the same SmtpDiag command again and it went through without a hitch.

My office is now exchanging mails with the client. Of course, I also felt the need to send this note:

Using an SMTP trace tool, I’ve just confirmed that we were indeed being
blocked by the company hosting [ourclient]’s email. It won’t give me a reason
why, but I have submitted a request to their system to be removed from
the blacklist and it appears to have been processed already.

I’m copying their IT guy so that he will know what was going on with it,
as well as your contact at [ourclient] to confirm that they are now able to
receive mail from us. Please reply and let me know you have received this.

All in a day’s work.
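
An added example, not part of the original post: a small Python parser for a transcript in the Sent:/Received: layout shown above, which reports the SMTP stage where the first refusal occurred and pulls out any delisting URL carried in the reply. The sample transcript is constructed with placeholder hosts and addresses, and the function names are this example's own.

```python
import re

# Constructed transcript in the Sent:/Received: layout shown in the post.
# Hosts and the 192.0.2.10 address are placeholders; the last reply is
# split across two lines the way a console wraps long output.
SAMPLE = """Connecting to mx.example.net [192.0.2.10] on port 25.
Received:
220 rblsmtpd.local
Sent:
ehlo example.com
Received:
250 rblsmtpd.local
Sent:
mail from: <sender@example.com>
Received:
250 rblsmtpd.local
Sent:
rcpt to: <user@example.net>
Received:
553 Bogus helo mx.example.net. <http://unblock.example.net/?ip
=192.0.2.10>
"""

def parse_transcript(text):
    """Return [command, code, reply] entries; the banner's command is 'connect'."""
    steps, command, mode = [], "connect", None
    for line in filter(None, (l.strip() for l in text.splitlines())):
        if line in ("Sent:", "Received:"):
            mode = line
        elif mode == "Sent:":
            command = line
        elif mode == "Received:":
            m = re.match(r"(\d{3})(?: (.*))?$", line)
            if m:  # final line of a reply
                steps.append([command, int(m.group(1)), m.group(2) or ""])
            elif steps and not re.match(r"\d{3}-", line):
                steps[-1][2] += line  # wrapped tail of the previous reply
    return steps

def first_rejection(steps):
    """Describe the first 4xx/5xx reply, or return None if every step passed."""
    for command, code, reply in steps:
        if code >= 400:
            url = re.search(r"https?://[^\s>]+", reply)
            verb = re.match(r"mail from|rcpt to|\w+", command, re.I).group(0)
            return {"stage": verb.lower(), "code": code,
                    "permanent": code >= 500,
                    "rbl_front_end": "rblsmtpd" in steps[0][2],
                    "unblock_url": url.group(0) if url else None}
    return None
```

Calling `first_rejection(parse_transcript(SAMPLE))` shows the refusal arriving only at `rcpt to`, after the banner, EHLO and MAIL FROM were all accepted, which is why the trace surfaces a rejection reason that a plain connectivity test would miss.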


Comments

Danny Ybarra on 10 August, 2007 at 4:36 pm #

I’m glad that this worked for you. I used to connect to mail servers the “old-fashioned” way with telnet for testing SMTP.
I like how SmtpDiag will test each step of the way to let you know what is going on.


Brandon Jaynes on 11 August, 2007 at 7:29 am #

I have had specific email problems at companies before who host their own email, and a bookmarked site that should be checked during troubleshooting at some point is http://www.mxtoolbox.com/blacklists.aspx. It checks the mail server against blacklists (usually because of open relays). Some remote mail servers check blacklists and automatically reject email from that domain.

If there ever were to be an open relay, or a compromised username-password combination that resulted essentially in an open relay, it wouldn’t be long before the IP address of the email server (or the entire domain) was blacklisted.


Justin on 11 August, 2007 at 8:22 am #

@Brandon

Yeah – I’ve had that happen before too, most recently when I agreed to look at a co-worker’s friend’s PC that was having some issues. Little did I know it had a nasty piece of SMTP malware installed and was sending out a couple hundred junk mails every minute.

Didn’t take long to get it resolved after that, and I also began blocking all outbound SMTP traffic at the firewall level except from the mail server’s IP.

I knew it wasn’t related to being on an RBL this time though because that almost always affects more than just one client.


Chris on 17 October, 2011 at 5:16 pm #

An old post, but thanks, it solved my problem.

