PROBLEM: When a user tries to send my organization an email, they will get an error message stating the the email has been delayed. The exact message: “This message hasn’t been delivered yet. Delivery will continue to be attempted.”
After a few days, the user would get an error that the message has failed stating that the “Delivery has failed to these recipients or groups”
The frustrating part of this issue is that it doesn’t happen consistently. The emails will successfully be delivered for days or even weeks and then the errors will rear their ugly heads once again.
Observations and what I have done to troubleshoot the issue:
- In all of the failed emails, the generating server was from the domain bigfish.com. After a couple of google searches, I found out that this is part of the Office365 services. In particular, the Forefront portion of the service.
- I whitelisted the email of the sender in our spam filter to make sure it wasn’t getting blocked on accident. This did not fix our issue. (our spam filter is a Mail Foundry appliance).
- I removed some outdated blacklist sites on the spam filter to improve SMTP response time. Did not fix
- I put our spam filter in a DMZ to rule out our firewall. Did not fix
- Per a suggestion from a fellow admin, I checked our DNS and made sure that our SPF record was setup setup properly. Did not fix
- Worked with Mail Foundry tech support and confirmed with them that the email wasn’t even getting to the appliance, let alone rejecting the message.
- Changed ISPs. We switched out ISP’s not because of this issue but just to change service and this didn’t fix the issue as well.
I have tried everything that I could think of so now I turn to anyone who might stumble on this post. Hopefully, someone might be able to give me a suggest that I haven’t thought of yet. So if you have a suggestion, please leave a comment.
UPDATE 4.13.14: After working with another engineer who was working with Microsoft Forefront’s tech support, we found out that my firewall was blocking some of the originating servers. This would explain why some mails would go through and some wouldn’t. We had some Geographic/country related rules to block unwanted traffic. Problem is that MS has servers all over the world. So I created a white list for all the IP’s that Forefront uses(see below). Once we did that, email seems to be passing much better.
Forefront IP ranges to white list:
Technet article regarding this fix…