General troubleshooting steps for inbound/outbound mail flow issues

Mail flow in an organization can stop for various reasons. The cause depends heavily on the environment design, because many factors affect mail flow: network, ports, firewall, antivirus, anti-spam, transport agents, directory services, misconfigured connectors, Exchange server services that are not running, and the list goes on.

It's always better to design the mail flow architecture so that it is easy to understand, and to tighten inbound/outbound SMTP security at the perimeter level so that no spam emails are circulated.

In this article, we list a few basic troubleshooting steps that can be followed during mail flow issues in an environment.

This applies to both inbound/outbound mail flow issues.

The following things can be done:

1) First, run EXBPA to check whether it reports any misconfiguration errors (applies only to Exchange 2007/2010). You can skip this step if you are running Exchange 2013 or a later version.

2) Go through the event logs on the Hub Transport server if it's Exchange 2010, or on the Mailbox server if it's Exchange 2013, to see if they give any clue (at times the cause may be back pressure, so it's better to check the logs). This is also a good time to check all the Exchange services and ensure they are running.

3) Do a telnet test from the internal network to an external network and see if everything is fine, and also perform a telnet test from an external domain to your domain. This test usually helps you identify whether your firewall is blocking SMTP traffic.

Below is the example of performing a telnet test:

Type: telnet <domain name or IP address> 25

https://exchangequery.files.wordpress.com/2015/04/telnet2.png

Above is an example of successful delivery to the target domain.

4) Check whether the MX record is valid for the affected domain.

Below is an example of performing MX validation for the google.com domain.

https://exchangequery.files.wordpress.com/2015/04/nslookup.jpg

5) Enable protocol logging on both send and receive connectors and see if you are able to track anything.

6) Check if the connecting IP is on a blacklist.

The following tool can be used to do the check:

http://mxtoolbox.com/

If there is a blacklisting, contact the blacklist provider. They will look at the reason behind the blacklisting and remove the domain from the blacklist for you.

7) Check for an NDR message. Enable message tracking for those non-delivered mails and see where the message gets dropped. This helps a lot in identifying the problem.

8) Analyze the message header of the NDR to see at which hop the email was dropped.

9) Check the send connector and receive connector configuration and make sure the settings are correct for your environment setup.

10) Check your firewall configuration and make sure port 25 is open inbound and outbound. Also, check whether there is any SMTP filtering in your firewall, which is the culprit in most cases.
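
The header analysis from step 8, as an added example that is not part of the original article: Python code that reads the Received lines of the original message headers returned in an NDR, lists the hops in travel order with the delay at each one, and names the last server that accepted the message. The sample headers, host names and IP addresses are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: original message headers as returned inside an NDR.
# Host names and IP addresses are placeholders, not taken from the article.
SAMPLE_HEADERS = """\
Received: from edge01.example.net (192.0.2.25) by hub01.example.net
 (10.0.0.5) with ESMTP id def456; Tue, 7 Apr 2015
 10:07:42 +0000
Received: from mail.example.com (198.51.100.10) by edge01.example.net
 (192.0.2.25) with ESMTP id abc123; Tue, 7 Apr 2015 10:00:05 +0000
Received: from client.example.com (198.51.100.77) by mail.example.com
 with ESMTP id xyz789; Tue, 7 Apr 2015 10:00:01 +0000
From: sender@example.com
To: user@example.net
Subject: test

"""

def trace_hops(raw_headers):
    """Return hops oldest-first as (from_host, by_host, timestamp, delay_s)."""
    msg = message_from_string(raw_headers)
    hops, previous = [], None
    # Every server prepends its own Received line, so reverse for travel order.
    for value in reversed(msg.get_all("Received", [])):
        line = " ".join(value.split())      # unfold continuation lines
        info, sep, stamp = line.rpartition(";")
        if not sep:                         # no timestamp part on this line
            info, stamp = line, ""
        sender = re.search(r"\bfrom\s+(\S+)", info)
        receiver = re.search(r"\bby\s+(\S+)", info)
        try:
            when = parsedate_to_datetime(stamp.strip())
        except (TypeError, ValueError):     # missing or malformed timestamp
            when = None
        delay = (when - previous).total_seconds() if when and previous else 0.0
        hops.append((sender.group(1) if sender else None,
                     receiver.group(1) if receiver else None, when, delay))
        previous = when or previous
    return hops

def last_accepting_server(hops):
    """Newest hop's 'by' host: the message was dropped at or after this server."""
    return hops[-1][1] if hops else None

if __name__ == "__main__":
    hops = trace_hops(SAMPLE_HEADERS)
    for src, dst, when, delay in hops:
        print(f"{src} -> {dst}  {when}  (+{delay:.0f}s)")
    print("last server to accept the message:", last_accepting_server(hops))
```

Only the Received lines added by servers you control are trustworthy; lines below the first trusted hop are supplied by the sending side and can be forged.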

Hope this article is helpful for troubleshooting mail flow issues.