October 27th, 2011, 07:28 PM
You can view the raw exchange logs, usually located in C:\Program Files\Exchsrvr I believe. If the logs don't reveal anything I would call Comcast. You can also try running wireshark on the network interface your Exchange server uses when you send a test email to see if traffic is hitting the server.
Comments on this post
November 1st, 2011, 10:39 AM
Alright, thanks for all the info guys. Guess I'll have to just break down and call Comcast. I'm sure that'll be fun!
November 2nd, 2011, 06:59 PM
Well let us know what you find out, I'm interseted to hear the resolution.
November 3rd, 2011, 08:40 AM
Will do. If we get any resolution I'll be sure to share the results.
March 14th, 2012, 02:16 PM
Picking this back up... haven't called Comcast because we've been quite busy with other things and we just used an external email account as a temporary workaround.
Now, I finally have a little more time, and I just received a bounceback that had some more information on it. I'm not sure at this point if the user is using Comcast or not:
The ip address listed in the email is the WAN interface of our firewall, the interface that's hooked to our router. I ramped up the firewall logs to see if there's anything noteworthy there, but I suspect it'll take some time to sift through. Our firewall does have a Content Filtering system, but I checked and the only forbidden attachments are batch files, executables and other potentially malicious extensions. The emails that are bouncing typically have either .rtf, Word docs, or PDF files (none of which we have problems receiving on a regular basis). If anyone has any ideas, please let me know. I'll post back once I can monitor the firewall logs for a while.
March 14th, 2012, 04:59 PM
Unfortunately there's not a lot of information out there that I could find about this error. A few forums suggested validating that your MX record is setup correctly, and the corresponding A record is correct. I'm pretty sure in a previous post you said this was ok though right? If you could double check that would be helpful. I don't thin it's a content filtering issue. In my experience the mail comes through, it's just routed to a spam/quarentine location so you can retrieve it if you need to (either that or the message is just stripped of the attachment).
Is it still only an issue with Comcast users? What did Comcast ever say in response?
I ended up dealing with the IT Manager at the other company, as well as my own ISP. After going back and forth and our ISP troubleshooting, the last response I received from our ISP's engineers (end of last week) was "Solution: Mail server B is blocking Mail server A somehow, or denying the emails. Should be in mail server B log files." We are of course, mail server B.
Originally Posted by seack79
So as you can see, no real help. My thought as soon as I read that was "duh". If I was seeing a problem in the log files, I wouldn't be contacting them.
I'm still not seeing anything in our logs to indicate a problem. Its just as if these messages never show up. I guess I'll dig back into the logs and see if I can find anything with a fresh set of eyes, and try following up with their IT Manager again. In the meantime, any other suggestions are welcome.
I have no clue if it's at all applicable to this problem, but this technet article on exchange server mail routing loops turned up when I was looking around google for smtp 601 errors.
I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton
Thanks for the info Doug. I read through the article but it (unfortunately) doesn't look like it'll help us. We're a small outfit and only have one internal Exchange server, and none of the attributes they specified as causing the problem have been set on our server. Thanks again though.
Wouldn't be a bad idea to have both you and the other IT manager check the message tracking log (should be in the Exchange Management Console). Not sure how much detail it will give you, but it should at least tell you if the mail is actually leaving your server; possibly coming into your server as well....sorry it's been a while since I've used it.
If you load Wireshark on the Exchange server, does it see any SMTP traffic coming in from the other server?