Liste de diffusion Message #15398
De: Bill Cole <>
Sujet: Re: DNS issues with sending server or what?
Date: Wed, 10 Jan 2007 23:19:32 -0500
A: SIMS Discussions <>
At 12:59 PM -0800 1/10/07, Paul Didzerekis  imposed structure on a stream of electrons, yielding:
Can anyone here see what is causing the following problem and suggest a solution?

The problem is that someone tries to send email from to one of our client domains and our server instantly bounces back the message to the sending server with an error that the user is unknown.  I think it is bouncing all messages they try to send to us at any of the domains we host.  The server at (Web*V) performs spam content and RBL filtering and such and is setup to forward messages for that domain on to another server (SIMS) that handles the POP accounts for that domain.  We don't have this problem with any other domains we host or emails coming from any other place.

There's a contradiction there. Is it all of your domains or just one?

I suspect that the sending server/domain may have a DNS issue or something and that is confusing our receiving server and causing it to bounce the message back to them.  Our server that is bouncing the messages does not show any kind of error in the log just that the message is received and then instantly returned.

That is very broken. A mail server that does not log what it does with every message should be dumped.

Here is the info I got back when I asked the sending people to forward me the bounced message with header (sent to my .mac account).

Thanks in advance,
Paul Didzerekis

Here is the header info
Bounced notification
And the original message is attached

The message looks wrong. Incomplete. Full Internet headers(not the Microsoftian reductions)  for the bounce itself would help, and it looks like something has removed and 'simplified' the actual SMTP response. That's a known Exchange behavior.

With that in mind, I will make a couple of notes:

-----Original Message-----
From: Mattson, Lori []
Sent: Monday, January 08, 2007 3:26 PM
To: Stone, Renee K
Subject: FW: Returned mail: Message Undeliverable

Microsoft Mail Internet Headers Version 2.0
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.1830);
Mon, 8 Jan 2007 14:50:11 -0800
Date: Mon, 08 Jan 2007 22:50:10 GMT
From: Mail Delivery Subsystem
Subject: Returned mail: Message Undeliverable
To: <>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
Return-Path: <>
Message-ID: <>
X-OriginalArrivalTime: 08 Jan 2007 22:50:12.0045 (UTC)

Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit

Received: from
( []) BY
 WITH ESMTP (4D WebSTAR V Mail (5.4.0)); Mon, 08 Jan 2007 14:50:10 -0800

A machine at IP address claimed in it's EHLO to be named "" but in fact that name resolves to

That is not supposed to be grounds for rejecting mail, but some people ignore the admonition against that practice in RFC2821, because such a verification can be useful: many spammers use fake HELO/EHLO names.

The resolvable name for is one that looks very generic, as if the owner of the IP address doesn't care what its name is except to assure that he can resolve it in his head without DNS. That also "looks spammy" to many spam control systems.

Combine a fraudulent EHLO with a generic real name, and there are a lot of spam filters that won't even look any further.

However, this does indicate that (the Web* server) accepted the message. Unfortunately, it looks like Web* is too stupid to create SMTP transaction ID's for Received headers and log tracking or Message-ID's for its bounces. It sure makes tracking hard...

X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
Subject: test 100
Date: Mon, 8 Jan 2007 14:50:05 -0800
Message-ID: <BF2AF0B9A2A0574EBCFEC37A7F3104F40CA934@TCRCC01.tcrcc.local>
Thread-Topic: test 100
Thread-Index: Acczd1SIyFvR5YEZRjm2CQs1HSzijw==
From: "Mattson, Lori" <>
To: <>,

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable

Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable



I'm not sure I'm getting this right. This is looking like the bounce of a bounce???

-----Original Message-----
From: Mail Delivery Subsystem [mailto:Mail Delivery Subsystem]
Sent: Monday, January 08, 2007 2:50 PM
To: Mattson, Lori
Subject: Returned mail: Message Undeliverable

This message could not be delivered to the following recipients:

<>: Unable to reach destination or recipient is

That looks like the Exchange bounce re-writing stupidity. Somewhere there once was a set of real headers for that, a domain for the sender, and a clear specification of what was said last in the SMTP conversation by what machine and to what machine. Without those, diagnosis is impossible. As long as the bounces are going back in to a default-configured Exchange, you won't get them.

Based on what you DO have, I'd suggest two possibilities:

1. The spam filtering in Web* is causing the problem. If it is an asynchronous filtering system that accepts mail, filters it, then bounces what it dislikes, that's a possibility.

2. SIMS might be rejecting this for some reason.

Diagnosis is made immensely more difficult by the interaction of two junkware mail servers: WebStar and Exchange. If you canfix one or both to provide more information, you have a far better shot of figuring this out.

Bill Cole                        

S'abonner aux messages S'abonner aux sommaires S'abonner aux indexes Se désabonner Ecrire un email au responsable de la liste