We have an onsite Exchange 2010 server on our domain and are experiencing a strange issue. About 90% of our incoming email from outside clients is coming in perfectly fine. Sending is 100% fine. But we have a small number of people at certain organisations who cannot email us or have issues doing so.
We also have anyone on an Outlook.com or Live.com or hotmail.com address also having issues sending mail to us. When they send to us they get an immediate bounceback error with the following in the headers:
Final-Recipient: rfc822;[email protected]
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550-bay004-omc4s18.hotmail.com [65.54.190.220] is currently not permitted to
550-relay through this server. Perhaps you have not logged into the pop/imap
550-server in the last 30 minutes or do not have SMTP Authentication turned on
550 in your email client.
The strange thing is is that if the sender sends again two or three times it will go through and get to our server fine. Messages to that recipient and replies go through as per normal with no issues.
3 of our outside clients who mail us regularly experience similar issues. They are all State Government departments and when they send emails to our staff they are often delayed and can arrive anywhere from 30 minutes to almost 24 hours after being sent, but what is frustrating is that 50% of the time those emails get to us straight away as per normal?!?!
There seems to be no rhyme nor reason for the delay. At those times when we know mail should be getting to us our network is experiencing no issues at all, nor is our bandwith being hammered. Times are also totally random, so its not at a particular time of day. I have spoken, eventually, with their IT people and they just reply with a 'not a problem on our end, the emails get to other organisations straight away, its your problem' which is extremely helpful to me .....
An added wrinkle is that we use a 3rd party mail filtering service. So our MX records point to them. Mail is delivered there, cleaned and filtered, and then clean mail sent on to our Exchange 2010 Server. Our Exchange Server is set to ONLY accept incoming connections from their range of IP's. We've had absolutely no issues with this setup over the past 5 years until the last 6 months.
The only change we have made in the last year is moving hosting of our domains from one provider to our own VPS setup with cpanel/WHM - and I am kinda wondering if its a DNS issue, or a time out responding scenario trying to lookup our MX records... the provider of the VPS say its not their problem and have been less than helpful as well. Our 3rd Party mail service have been outstanding in their support, as usual, but cannot see any issues from their end down to us.
With the delayed email from certain government organisations I have trawled through the mail headers and can see where the sender sends the email at, lets say, 10.00am. It gets to their edge server at 10.01am. The next entry is the delivery to our 3rd party mail providers server at 2.23pm and then handed down to our Exchange server at 2.26pm for delivery at 2.27pm into the recipients mailbox. So its sitting on their Edge Server for hours before delivery, but their IT staff couldn't be bothered finding out why.
Normally I'd wash my hands of it but some of the emails that get to us require urgent action as they can be time sensitive. Any delays in response means that certain work being offered gets accepted by other organisations before we can respond.
I've just been forwarded another bounceback from an external sender :
Diagnostic information for administrators:
Generating server: server-15.bemta-7.messagelabs.com
[email protected]
domain.com
Remote Server returned '<domain.com #5.0.0 smtp; 550-mail1.bemta7.messagelabs.com [216.82.254.111] is currently not permitted to>'