Oh where, oh where have my emails gone?
January 24, 2011 1:54 PM   Subscribe

Why are emails sent from Exchange 2003 intermittently failing to be received at their destination with no error message? Could this have something to do with signatures added in Outlook?

I run the computer systems for a small non-profit and ever since New Years I've been having hair pulling problems with some emails not being delivered to their recipients. I'm pretty sure that things are good on my side of the equation. Message tracking in Exchange tells me that emails have been relayed to the mail server I use as a smarthost.

The wrinkle in the problem is that it seems to be related to the signature that Outlook adds to the end of the message. Often emails sent to the same address without any sig. will make it through just fine even though they simply disappeared before.

The issue is not consistent. Emails from my account will go through just fine while similar messages sent from another account will vanish.

Any tips on how to definitively determine what is causing the problem and how to guarantee that emails are not being filtered out somewhere along the way?
posted by talkingmuffin to Computers & Internet (13 answers total) 1 user marked this as a favorite
You need to look at the traffic between your smarthost and the destination server. You can do this with Wireshark or netmon or some sort of sniffer. The SMTP convo will have status codes, and other troubleshooting help. Who owns the smarthost, can you work with that support team?
posted by kellyblah at 2:01 PM on January 24, 2011 [1 favorite]

If you're confident they're being delivered, perhaps you need to speak to intended recipients? Maybe something in your signature is raising a flag in their spam filters? Are you having problems with a domain in particular or are you seeing this across the board to web and corporate accounts?
posted by Burhanistan at 2:01 PM on January 24, 2011

Exchange tells me that emails have been relayed to the mail server I use as a smarthost.

2nd kellyblah - you have the server completing one hop, now you need to check the smarthost logs to see what the issue is with the next hop.
posted by anti social order at 2:08 PM on January 24, 2011

Well, I've taken the step of cutting out the smarthost and delivering messages directly with Exchange. I've also enabled longing on the SMTP Virtual Server so that I can see exactly what's going on between my server and the remote destination. Any other tips?
posted by talkingmuffin at 2:13 PM on January 24, 2011

Are you using a third party product to automatically add the signatures for everyone - like a disclaimer or something - or are the signatures set in the outlook clients?
posted by 8dot3 at 2:18 PM on January 24, 2011

After cutting out the smarthost the problem still occurs? If so, then your messages are being trapped in the destination spam filter. Your Exchange would give you a bounce message if it couldn't deliver. Is this affecting multiple destination domains? If so then there's probably a trigger in your signature. I once got a call from a company called something like John Dyke Industries whose mail my spam server was filtering as offensive speech.
posted by IanMorr at 2:20 PM on January 24, 2011

Signatures are set in the Outlook client by the users themselves. To increase the chances of messages going through I've had everyone turn off their sigs.
posted by talkingmuffin at 2:20 PM on January 24, 2011

From experience, yes a signature or even a phone number can cause a message to be tagged as spam. It does sound like it is happening on the destination side, if you run a network sniffer on your Exchange server, and allow it to send to the "bad" destination, it should give you a response code (50x will usually be errors, where X is a number to tell you more specifically what the error is).If you can post the SMTP convo here, I am sure someone can help you out with deciphering it.
posted by kellyblah at 2:29 PM on January 24, 2011

Well, it seems that things might be a bit better behaved now that I've cut out my smarthost. Thanks for the help.
posted by talkingmuffin at 3:12 PM on January 24, 2011

I have to agree that this sounds a lot like something in the sigs is tripping a spam trap. Is this happening to all outbound hosts, or just to a specific recipient or organization?

If the latter, I'd also see if you can talk to whomever managers their email. Particularly if they're using an anti spam appliance or service that might be putting a false positive on because of heuristic scanning. (If they've turned on an anti-spam filter that's looking for SSNs, for example, phone numbers could potentially mess with it...)
posted by BZArcher at 5:32 PM on January 24, 2011

First, look for some commonality: if the recipients are all similar, in that you can see that a group of messages don't get delivered to @aol.com or @timewarner.com email addresses, it's possible that you are on their spam list/blacklist. Next, once you know that, go to their support site and check to see if they have a blacklisting page where you can check to see if you're blacklisted by them.

Second, get rid of the smart host. It's an extra moving part that you just don't need in the equation and makes troubleshooting one step more difficult. Get yourself a static IP and point the MX records to your static for email. Use DNS to route back out.

Finally, check your ISP to ensure there's a proper reverse DNS lookup. This helps ensure you stay off of black lists. You may also want to make sure you have relaying turned off on Exchange and to ensure that you limit the maximum number of recipients. Both of these steps cut down on/eliminate someone spamming off of your servers.

Also - if you send bulk email you are setting yourself up to be placed on spam blacklists.
posted by tgrundke at 7:08 PM on January 24, 2011

Check your smarthost with MX Toolbox's Blacklist Check

You'll need to get the IP address of the smarthost if you don't already have it. You can get this by running nslookup yoursmarthostname.com from a command line.

If they're listed in any blacklist you'll have delivery problems, but these problems need to be resolved by the owner or administrator of the smarthost, not you.
posted by odinsdream at 5:00 AM on January 25, 2011

The problem ended up being that our domain name had been flagged as spam by a company called Cloudmark whom our ISP used for their spam filtering. Placing our website address in an email signature caused it to get dropped by the smarthost. Even after removing the smarthost from the equation we still couldn't send to email addresses hosted by our ISP. A call to their tech support line got things back to normal.
posted by talkingmuffin at 2:36 PM on February 15, 2011

« Older How do I get started making a custom map for a...   |   Leveraging Leftovers Newer »
This thread is closed to new comments.