Posts Tagged email
Email Error: Invalid EHLO/HELO domain
Posted by Bloggylife in troubleshooting on May 27, 2009
Sending from my company email to another company email I got this error (link)
smtp; 550 5.5.0 Invalid EHLO/HELO domain
It’s because the other end mail server complies with SMTP standard (RCF 5321)
For our external email transfers, our spam filter handles it, that is Mail Transfer Agent (MTA). The problem was the FQDN configured didn’t publically resolve. Our MTA public IP didn’t have a Host A record on public DNS. It’s just natted to a public IP through our firewall.
You might wonder how this is possible?
See we receive through one SMTP connector (SMPTin.company.com) and send throughout another (SMTPout.company.com). So our DNS records, MX records, A records, are pointing to our (SMTPin.company.com)
So the HELO/EHLO value our mail server provided in the mail session when connected to the other end was not a publically resolvable FQDN. The value SMTPout.company.com, didn’t have an A record associated with it.
Updated the DNS records with the SMTPout.company.com A record.
I’m not sure how many mail servers out there comply with RFC5321 standard, but if you have this misconfiguration, you’ll face a problem when sending to such mail servers.
Thanks Nick for all the help you provided 
Email Problem: Fatal Error
Posted by Bloggylife in troubleshooting on May 12, 2009
Catchy title ;P A company contacted me regarding receiving a fatal error their email encounters when sending to our domain.
I saw the error message they are receiving, their email server, trying to resolve our domain using a local DNS in their premises and failing to do so.
This is how I troubleshooted:
- Checked our flow of emails, we are receiving and sending emails
- We have received emails from that company in the morning
- I nslookup-ed our email entries against our domain
- I used an external DNS and all our entries we resolving just fine
- I used external email account to send and receive emails with/without attachment (that took quite a while to reach its destination)
So I told them it’s a DNS problem, you’re having problem looking up our MX records in order to send us emails, check your DNS server.
Actually I was glad everything was fine from our end and left it at that and didn’t investigate thoroughly. The next day their IT person sends a report stating one of our DNS is giving them problems, so a temporarily solution, all DNS queries are forwarded to the functioning one!
WTF, I forgot to check the secondary DNS and what do you know, it’s not loading any records in any of the zones configured!!
So you see, they were having a problem, because their email server was querying our MX records against our secondary DNS server which had a problem. It wasn’t down or else it would’ve gone to the primary one, it was up and running with empty zones ;P
CONCLUSION, it was a DNS problem, but it was OURS not theirs ;P
Our secondary DNS is of course located in the DMZ, it’s running two services, DNS and FTP, each having their own IP. The issue was for security reasons, you configure your primary zone to allow zone transfers to listed IPs, I listed the seconday DNS IP but just to make sure you have configured the correct IP.
In DNS management console, right click the DNS server and select nslookup, the DNS IP should appear, that IP should be configured on the primary DNS.
Our problem, it was receiving DNS queries with one IP and loading zone information from primary DNS with the IP assigned for the FTP services!
I’m not quite sure why it’s doing that … I just included both IPs as trusted in the primary DNS configuration and voila it worked 
Sat down and wrote an apology email to the company and believe it or not when sending to their other company handling their IT services I got another error:
smtp; 550 5.5.0 Invalid EHLO/HELO domain.
What I did to solve this problem ;P used my gmail account to send the apology email to the IT person ;P I’ll just leave that to another day or as we all know tomorrow ;P
Send To Mail Recipient Error
Posted by Bloggylife in troubleshooting, windows on May 10, 2009
I get this error when trying to Send To Mail from within any application or using right click -> Send To -> Mail Recipient option for a file on the desktop for example.
mapi32.dll is an invalid Extended MAPI Library
To solve this problem. Since I still have my old machine running – it’s still doing me good – with the same office version 2007. I copies the dll file, mapi32.dll from (C:\WINDOWS\system32) and placed it the exact location of the new machine, closed outlook and opened it again and problem solved.
Image Spam
Posted by Bloggylife in technology on May 5, 2009
Of all the emails we receive within 24 hours, around 95 % is spam! Of course we deploy a mail filter to go through all these emails and pass the legitimate ones only.
Now we are introduced to some emails that are clearly spam but get through, you’ll see the email with an image attachment of Viagra products for example.
If your filter box is text based, it won’t detect this kind of spam, the image spam. A brief overall description, of how a message is considered valid or spam, is it goes through several tests, based on the overall score, the verdict is issued.
The email can be blocked based on a number of things other than the email content, you can block all emails with images except coming from your whitelist for example, but this is not acceptable, especially if you have what I like to call the “Friends Spam”, employees using their work account as personal mailing account.
Your filter needs to include a special image filtering feature, that goes, even if not quite efficiently, through the image and detects text. I don’t think it understands the image itself, because we are still advancing in that arena.
What you can do, is add the sender’s address or domain to your blocked list.
On a lighter note, if there is a small little tiny chance that a spam message passes through, your main mail filter appliance and the end user’s email scanner, which employee’s inbox will it end up in ?????
Read More on Email Spam: Link
Gmail and Blog
Posted by Bloggylife in technology, troubleshooting on February 6, 2009
After going through Bashar’s post about Gmail, I went through my gmail features and found that I can configure my domain email account (@bloggylife.com) ;P (well upto 5 accounts), kind of centralizing everything into one place ;D
Settings -> Accounts -> Add a mail account you own
It is straight forward, but if you’re not sure, usually you can get the mail setting configuration from your domain help page. The thing I liked, there is an option to automatically label your emails that are retrieved from your domain account to single them out.
In hotmail, which I use for personal and business, because these accounts go way back and all my contacts know them. Though I don’t frequently use messenger, but it’s a tool to stay in touch. I have rules set to sort out my incoming mails into folders based on sender, domain, etc. I haven’t used labels/folders in gmail yet, because there isn’t much to go through. My gmail is just used to stay in touch with the blogsphere .. for now ;D
One question is roaming through my mind and not quite sure of it, is there a possibility that this way, my blog emails are also filtered through gmail spam filters ;D The obvious answer should be no, the emails are just retrieved and whatever filtering that is supposed to happen, should be done at the original account servers. I’ll have to search for a definite answer.
Email Troubleshooting
Posted by Bloggylife in troubleshooting on December 24, 2007
It is very interesting handling the email server. Depending on your organizations setup of the email system as a whole, servers for sending emails, servers from storing, servers for filtering, etc. You’ll have many failure point scenarios when troubleshooting a problem. The more complicated the setup, the more intriguing the troubleshooting process.
One of the things that email systems do upon failure to perform their tasks is to send the end user a Non-Delivery Report (NDR), that pretty much helps you pinpoint the problem.
If a user calls in a problem whether from your organization or another attempting to send to your organization, ask them to send the NDR received.
Lately a user attempting to send to a group in our company received the below:
(554 5.5.2 Invalid data in message)
- Made sure that they and we can send and receive between each other with relatively small sized attachments, in other words we didn’t blacklist each other and we have no attachment size problem.
- Asked to be provided the details of the email, attachment size and name. The attachment’s name was over 150 characters long! The email filter/firewall can be configured to enlarge the message size.
- Asked the user to resend the email after renaming the attachment with fewer characters
- Received email
Email servers have many features and configurations. Problems help you understand them more. Still I’m in the beginning of the road
Recent Comments