Posts Tagged ‘SMTP’

SMTP Problem solving

posted by Sam Ravenscroft
Jun 2

About 2 weeks ago I was assisting a friend of mine to upgrade her server hardware. They had also moved to a new ISP for hosting et al.

We had some problems with the outgoing mail queues in Exchange 2003. Exchange was setup to deliver mail directly (via DNS). Not all of the mail could be delivered.

The tools used to debug these kind of problems are nslookup and telnet. (There are many other tools available, but these 2 tools can be used on any out-of-the-box Windows / Server installation.)

Let’s say for example that you cannot send mail to user@microsoft.com…

Open up a command prompt (start, run, cmd)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>nslookup
Default Server: UnKnown
Address: 192.*.*.*

> set type=mx
> microsoft.com
Server: UnKnown
Address: 192.*.*.*

Non-authoritative answer:
microsoft.com MX preference = 10, mail exchanger = maila.microsoft.com
microsoft.com MX preference = 10, mail exchanger = mailb.microsoft.com
microsoft.com MX preference = 10, mail exchanger = mailc.microsoft.com

microsoft.com nameserver = ns5.msft.net
microsoft.com nameserver = ns1.msft.net
microsoft.com nameserver = ns2.msft.net
microsoft.com nameserver = ns3.msft.net
microsoft.com nameserver = ns4.msft.net
maila.microsoft.com internet address = 205.248.106.64
maila.microsoft.com internet address = 131.107.115.212
mailb.microsoft.com internet address = 131.107.115.215
mailb.microsoft.com internet address = 205.248.106.30
mailc.microsoft.com internet address = 131.107.115.214
mailc.microsoft.com internet address = 205.248.106.32
ns1.msft.net internet address = 207.68.160.190
ns2.msft.net internet address = 65.54.240.126
ns3.msft.net internet address = 213.199.161.77
ns4.msft.net internet address = 207.46.66.126
ns5.msft.net internet address = 65.55.238.126
> exit

C:\>

Here’s the breakdown:

nslookup // this is a command line tool to perform DNS lookups
set type = mx // this tells nslookup that we are interested in MX record (Mail eXchanger)
microsoft.com // this is the domain for which we want to do the lookup
exit // self explanatory

The results we are interested in are:

Non-authoritative answer:
microsoft.com MX preference = 10, mail exchanger = maila.microsoft.com
microsoft.com MX preference = 10, mail exchanger = mailb.microsoft.com
microsoft.com MX preference = 10, mail exchanger = mailc.microsoft.com

Basically this means that the domain Microsoft.com has 3 mail servers (or mail exchangers) and that each server has a preference of 10 (lower preference means more preferred, i.e. your backup MX server should have a higher preference that your primary MX server). When the MX records for a domain have the same preference it is used for load balancing as neither is more preferred than the other.

Ok, let’s proceed to telnet. From the list above we will use maila.microsoft.com as it is the first in the list (in a different scenario you would choose the primary MX server, i.e. the one of the lowest preference).

(once again from a command prompt)

C:\>telnet maila.microsoft.com 25

220 mail04.microsoft.com Microsoft ESMTP MAIL Service ready at Sat, 2 Jun 2007 1
0:24:12 -0700
ehlo localhost.localdomain
250-mail04.microsoft.com Hello [41.*.*.*]
250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
mail from: user@localdomain.com
250 2.1.0 Sender OK
rcpt to: bill@microsoft.com
550 5.7.1 Email rejected because 41.*.*.* is listed by zen.spamhaus.org. Please see http://www.spamhaus.org/query/bl?ip=41.*.*.* for more information.
quit
221 2.0.0 Service closing transmission channel

connection to host lost.

C:\>
(note: some of the IP's etc. above were masked in the interest of privacy)

Here’s the breakdown

telnet maila.microsoft.com 25 // connect to remote server on port 25 (SMTP)
ehlo localhost.localdomain // ehlo command
mail from: user@localdomain.com // who the mail is from
rcpt to: bill@microsoft.com // who the mail is for
quit // close the connection

The response:

550 5.7.1 Email rejected because 41.*.*.* is listed by zen.spamhaus.org. Please see http://www.spamhaus.org/query/bl?ip=41.*.*.* for more information

And that is how it’s done. Obviously the response code will differ according to what the problem is.

Under normal circumstances one would simply use nslookup and telnet to debug the problem, but I found this great tool called bmail from Beyond Logic it can be downloaded from http://www.beyondlogic.org/solutions/cmdlinemail/cmdlinemail.htm

Bmail is a command line mailer, you will still need to obtain the MX record using nslookup, but thereafter it is much easier to use bmail.

Example:

(from the command line)

C:\>bmail

Command Line SMTP Emailer V1.07
Copyright(C) 2002-2004 Craig.Peacock@beyondlogic.org
Date: Sat, 02 Jun 2007 21:00:47 +0200
Usage: bmail [options]
-s SMTP Server Name
-p SMTP Port Number (optional, defaults to 25)
-t To: Address
-f From: Address
-b Text Body of Message (optional)
-h Generate Headers
-a Subject (optional)
-m Filename (optional) Use file as Body of Message
-c Prefix above file with CR/LF to separate body from header
-d Debug (Show all mail server communications)

C:\>bmail -s maila.microsoft.com -t bill@microsoft.com -f user@localdomain.com -h -a "Test message" -d

Command Line SMTP Emailer V1.07
Copyright(C) 2002-2004 Craig.Peacock@beyondlogic.org
Opening connection to maila.microsoft.com [205.248.106.64] on port 25
220 mail04.microsoft.com Microsoft ESMTP MAIL Service ready at Sat, 2 Jun 2007 1
2:42:11 -0700
HELO localhost
250 mail04.microsoft.com Hello [41.*.*.*]
MAIL FROM:<user@localdomain.com>
250 2.1.0 Sender OK
RCPT TO:<bill@microsoft.com>
550 5.7.1 Email rejected because 41.*.*.* is listed by zen.spamhaus.org. Please see http://www.spamhaus.org/query/bl?ip=41.*.*.* for more information.
550 5.7.1 Email rejected because 41.*.*.* is listed by zen.spamhaus.org. Please see http://www.spamhaus.org/query/bl?ip=41.*.*.* for more information.

C:\>

The -d (debug switch) is obviously very important here as it shows you the full SMTP conversation.