Problems sending e-mail to one particular company

Several days ago, my company started having problems sending e-mail to just one particular company. We are getting either NDR (Non Delivery notices) or a message indicating that the message has been delayed in delivery. I have been talking with the e-mail admin at the other company and they are getting all the messages we send. They aren’t seeing any of the errors that we are. So far it is just the one company but I am concerned that this could grow into problems with more companies. Any idea of how to figure out the cause of the problem?

Several days ago, my company started having problems sending e-mail to just one particular company. We are getting either NDR (Non Delivery notices) or a message indicating that the message has been delayed in delivery. I have been talking with the e-mail admin at the other company and they are getting all the messages we send. They aren’t seeing any of the errors that we are. So far it is just the one company but I am concerned that this could grow into problems with more companies. Any idea of how to figure out the cause of the problem?

— Via the Internet

Since the problem seems to be isolated to just one company, that makes the answer a little easier to find. I would start out by putting some type of protocol analyzer between your firewall and the router connecting you to the Internet. Setup a capture filter that watches the e-mail server at the other end and the DNS servers that the other company is using. You may need to expand this capture filter depending on what you find but this will get you started. Let the protocol analyzer run for several hours depending on the amount of e-mail traffic going between the two companies.

Look at the exchange of traffic between you and the other company to see if anything looks strange. If nothing shows up, compare this capture with a capture of a similar type with another company to see if you find any differences.

The next thing to look at is your DNS servers. If you aren’t running your own external DNS servers, look at the DNS servers that hold the authoritative information for your company’s Internet domain name. There are two tools that I use when looking into this kind of problem – nslookup and dig.

Nslookup gives me quick feedback with minimal command line options. The tradeoff is that where there are problems in resolution, the only error you may get is DNS Server Timeout. This is where Dig gives you a little more to work with. In the command line versions I have worked with, the error reporting when there is a problem is a little more descriptive in most cases. If you aren’t running linux at your location, you can find both gui and command line versions of Dig that should help you. I prefer the command line option as those seem to give overall better information from the various implementations I have worked with as compared to gui versions of the tool.

In looking at the results of nslookup and dig, try running these from your local network as well as other Internet connections from providers other than the one your company is using. It is possible that your DNS servers might not be giving out the same information to external requests as they do to internal requests from your network.

The problem could also be a routing problem between the other company’s ISP and yours. Find out from your users as well as the other company if they are seeing problems at a particular time of the day. Finding a pattern to the problem or a particular time of the day when the problem occurs can also be helpful in finding a cure to the problem.