www.anthonygarmont.com
  • Instagram
  • LinkedIn

Troubleshooting Mail Flow - NDRs and Bounce Messages

6/18/2013

0 Comments

 
As the guy responsible for the email server at my company, I usually get tasked with troubleshooting all the Non-Delivery Reports (NDRs) for our end users. We call them "bounce messages" in our office because it appears that when you send the message - it bounces back.

What many users don't understand is that the reason the email bounced is usually right in the bounce message itself. 

I always look for certain text in the bounce message:

Diagnostic information for administrators:

Generating server: servername.appriver.com

username@receivingdomain.com
receivingdomain.com #<receivingdomain.com #5.0.0 smtp;message text rejected by receivingdomain.com.s8a1.psmtp.com: 

552 5.3.4 Message size exceeds fixed maximum message size> #SMTP#


You want to look for the response of the server - that is your biggest clue. in the case above it's: "Message size exceeds fixed maximum message size" or in plain english - "I rejected your email because it's too big."

Here are more popular ones:

550 - The requested command failed because the user's mailbox was unavailable (for example because it was not found,or because the command was rejected for policy reasons).
551 - The recipient is not local to the server. The server then gives a forward address to try.
552 - The action was aborted due to exceeded storage allocation. 
553 - The command was aborted because the mailbox name is invalid. 

I'm not going to go onto all the different errors because there is plenty of that info here on the web. The purpose of this post is to just show my train of thought when trying to figure out what's going on with a bounce. So here is my workflow.

  1. See above, what are the error messages? Is it that easy? Mailbox Full? Attachment too big? Etc.
  2. If the server responds with the address does not exist or something along those lines we start on this road:

  • a. Is the domain name valid? Did the user mispell the domain?
  • b. If you strip the "name@" from the domain, can you get to the website? It that website the company they are sending to? If not, the user typed it wrong or were given the wrong info.
  • c. If no website comes up, check to see if the domain is for sale. Hit Godaddy.com and see. If it IS for sale - your user typed it wrong because nobody even owns the domain so there fore could not host email.
  • d. Ok, if it's NOT for sale. Does it have an MX record? Check http://www.mxtoolbox.com to see.
  • e. No MX record on the domain? The domain is not even setup to receive email in that case - so thats a problem on the recipient's side or your user typed it wrong.
  • f. The domain has an MX record. But the error says recipient does not exist. There is a good chance the user typed it wrong, or they were given the wrong info.
  • g. Are you getting bounces from other domains? More than usual? Check your queues.

Do we start to see the theme? My unscientific opinion is that around 90% of all NDRs are one of three things:

  1. The user has typed the wrong address somehow - or the wrong address was supplied to the user.
  2. The recipient's server has some sort of issue.
  3. SPAM Filtering is sending a false "bounce" message, or bouncing it outright.

If mail is flowing to all other domains without an issue, but just one domain is bouncing or one email address in a domain - then it's NOT you. It's them.

0 Comments

AppAssure - VSS Troubleshooting Guide – Failed VSS Writers

6/17/2013

0 Comments

 
We were having backup issues on a server running AppAssure. It would not complete snapshots and error. It would throw the error:

 "Timeout getting the VSS writers from [SERVERNAME]"

I restarted all the services. Even re-booted the server without success. Running the commands below got it going again. When I ran vssadmin some of the writers were showing errors. nothing worked until I ran the vShadow commands below. That ended up fixing it and now backups are working once again.

eboot your server).

  1. Reboot your agent server. Servers that have not been rebooted in a while may cause VSS to malfunction. You should reboot your server regularly as a preventive and cleanup measure for your system.
  2. Reset the writers to a stable state.
    1. Open vssadmin from the command line (run cmd prompt as administrator). Run the following command:
      1. vssadmin list writers
    2. If any writer is noted as failed or has an error, or any writers’ states are not listed as stable, run the following:
      1. For Replay4: C:\Program Files (x86)\AppAssure Software\Replay Agent\Utils64 > vshadow <The Drive Letter>
      2. For AppAssure 5, open a command prompt from the following location: C:\programfiles\apprecovery\agent
        1. Run vShadow <THE DRIVE LETTER>
    3. List the writers again to check their stability: vssadmin list writers
0 Comments

How to re-allocate licenses in the Kaspersky Console

6/15/2013

0 Comments

 
In order for a computer being re-allocated (wiped) to "surrender" it's license to the Kaspersky server, the Kaspersky software (Client and Agent) should be un-installed. However, if the machine was wiped or died before this process could happen, the following process can be followed to re-gain your unused licenses.

You must first remove the computer that does not need a license anymore.

1. Open the management console (Kaspersky Administration Kit), and browse to "Managed Computers" --> "Client Computers" on the right side where it shows the list of computers, find the computer you want to remove. Right-click and select "delete".

HINT: If you sort by the "Connecting to Server" field, you can see all the machines that have not connected in a long time and it can help show which ones can be deleted.

2. Browse to "Unassigned Computers" --> "IP Subnets" --> "(your subnet)" and locate the computer you just deleted from step one. Right-click on it and select "delete".

3. In the upper left, select the "File" menu, then select "Options..." The "Disk Cleanup" interface appears. Click on the "Delete Files" button. Then click "Yes". Then click "OK".

4. Flush the DNS Cache. From a command prompt type IPCONFIG /FLUSHDNS [enter] then type IPCONFIG /REGISTERDNS [enter]

5. Open the console back up. Browse to "Reports and Notifications" and right-click on the "License Usage Report" and select "Refresh". Then run the report.

The licenses should reflect the new total - removing the machines that were just deleted. 
0 Comments
<<Previous
    View my profile on LinkedIn

    Archives

    February 2021
    November 2020
    August 2019
    November 2018
    June 2015
    March 2015
    December 2014
    June 2013
    July 2012
    May 2012

    Categories

    All
    Active Directory
    ADCS
    Cloud Computing
    Microsoft Excel
    Microsoft Exchange
    Microsoft Hyper V
    Microsoft Hyper-V
    Microsoft VDI
    PKI
    Powershell
    Technical

    RSS Feed

    What I believe...
Powered by Create your own unique website with customizable templates.
  • Instagram
  • LinkedIn