Exchange 2016 and GSuite mail flow issue

  • Question

  • Hello,

    I am having issues with a specific email address suddenly no longer able to send us emails.  Let me give you a clear picture.  

    I have a subscription to GSuite and my MX record is pointed to Google.  We use GSuite exclusively for email archiving and email filtering.  We do NOT use GSuite for anything else.  The filtered email is then forwarded on to my on-premises Exchange 2016 CU12 server.  Clients are using Outlook 2016 Pro.  

    Until last week, an email address was able to send an automated email to 3 of my users without any issue.  The automated email comes from an app.  The user on the app completes a form and a copy of the form is emailed to these users as a PDF attachment.  

    When I log into my Google Admin console and search for the emails under the Email Log Search option, I can find where Google is attempting to send them onto my Exchange server, but it fails.  When I pull up the message, I can see in the logs it states, "The recipient server did not accept our requests to connect."  Further, "The receiving host refused the connection from our servers."  

    When I search on my Exchange server using an Exchange Message Tracking GUI PowerShell script (https://gallery.technet.microsoft.com/office/Exchange-message-tracking-73a2604c), I cannot find any mention of the failing emails, just the ones that were coming through last week.  

    In summary, I have Google/GSuite stating that these emails are being rejected.  However, there is no log of the failure on the Exchange server.  Again, this has been working for months now and then suddenly on Wednesday last week, it quit working.  Thank you for any input or suggestions you may offer.  

    Wednesday, September 9, 2020 2:37 PM

Answers

  • RESOLUTION.  

    Below is a summary of the resolution to this post in case anyone comes across it in the future.  Again, Google GSuite Cloud customer with On Premise Exchange 2016 server.  

    Last Thursday afternoon we received a report that emails were not being delivered. 

    In summary, the issue was that certain emails were being delivered to our Google/GSuite account, being forwarded to us and then were bouncing back. I would estimate that this affected 20% of our overall email flow. Many other emails from outside sources were continuing to work. We could see the bounce backs happening in the Google Admin Dashboard, but no real errors were shown. In other words, emails were not flowing and there was no specific error as to why. This made the troubleshooting extremely difficult. Further, when we would look on the Exchange server, there was no record of a FAIL at all.   

    After many hours/days of troubleshooting, we found that Google had started using a new IP address to deliver emails to us. Using a filtering feature on the firewall, we found an IP address attempting to email us hundreds of times and receiving denies. We only allow specific IP addresses to send us emails, those belonging to Google. This is a static list, meaning it doesn’t change unless we change it manually, and that is what we did. We changed the firewall rule to allow that IP address to send us email. Specifically, it was a zone: 108.177.16.0/24.

    Now that the emails were being allowed through the firewall, they still weren’t being received and were still bouncing. However, they were now bouncing with a bounce-back error code, something we hadn’t had before. Now that we had the code, which was NDR 421 4.3.2, we could troubleshoot the email server more effectively. 

    Similar to our firewall, our email server here at the office will only accept emails from specific IP addresses, those belonging to Google. I had to configure our email server with this new IP address zone. Once I made the change, emails that were queued up started flowing. 
    • Marked as answer by SatcomXT Friday, September 11, 2020 7:52 PM
    Friday, September 11, 2020 7:52 PM
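
The root cause in the answer above is a static sender allowlist (kept on both the firewall and the Exchange server) going stale when the relay started sending from a new range. The Python below is an added example, not part of the original post: it compares a static allowlist against a published range list and counts denied port-25 attempts from ranges that are published but not allowed. The allowlist, the SPF-style range string and the firewall log format are constructed for illustration; only 108.177.16.0/24 comes from the post.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample data; only 108.177.16.0/24 is taken from the post.
STATIC_ALLOWLIST = ["192.0.2.0/24", "198.51.100.0/24"]
PUBLISHED_TXT = "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/24 ip4:108.177.16.0/24 ~all"
FIREWALL_LOG = """\
2020-09-03T14:02:11 action=deny proto=tcp src=108.177.16.25 dst=203.0.113.10 dport=25
2020-09-03T14:02:41 action=deny proto=tcp src=108.177.16.25 dst=203.0.113.10 dport=25
2020-09-03T14:03:05 action=deny proto=tcp src=108.177.16.201 dst=203.0.113.10 dport=25
2020-09-03T14:03:09 action=allow proto=tcp src=192.0.2.44 dst=203.0.113.10 dport=25
2020-09-03T14:04:00 action=deny proto=tcp src=203.0.113.99 dst=203.0.113.10 dport=25
2020-09-03T14:04:30 action=deny proto=tcp src=108.177.16.25 dst=203.0.113.10 dport=443
"""

def parse_ranges(txt):
    """Extract ip4:/ip6: networks from an SPF-style TXT string."""
    return [ipaddress.ip_network(m, strict=False)
            for m in re.findall(r"\bip[46]:(\S+)", txt)]

def missing_ranges(published, allowed):
    """Published networks that no allowlisted network fully covers."""
    return [p for p in published
            if not any(p.version == a.version and p.subnet_of(a) for a in allowed)]

def denied_relay_sources(log, gaps):
    """Count denied SMTP (port 25) attempts whose source is in a missing range."""
    hits = Counter()
    for line in log.splitlines():
        fields = dict(kv.split("=", 1) for kv in line.split()[1:])
        if fields.get("action") != "deny" or fields.get("dport") != "25":
            continue
        src = ipaddress.ip_address(fields["src"])
        for net in gaps:
            if src in net:
                hits[str(net)] += 1
    return dict(hits)

def audit(allowlist, published_txt, log):
    """Return (ranges missing from the allowlist, denied attempts per range)."""
    allowed = [ipaddress.ip_network(a) for a in allowlist]
    gaps = missing_ranges(parse_ranges(published_txt), allowed)
    return [str(g) for g in gaps], denied_relay_sources(log, gaps)

if __name__ == "__main__":
    print(audit(STATIC_ALLOWLIST, PUBLISHED_TXT, FIREWALL_LOG))
```

Run the same comparison against each place the list is maintained; in the post the firewall and the mail server each held their own copy and both had to be updated.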

All replies

  • Hi.

    1. Please check or recreate your receive connector and allow it to receive messages from GSuite as a smart host.

    2. Please open a ticket with GSuite and review the headers.

    Maybe GSuite modifies headers and your Exchange can't correctly identify your recipient. 


    MCITP, MCSE, M365. Regards, Oleg

    Wednesday, September 9, 2020 3:50 PM
  • Hello Oleg,

    Thanks for your reply.  All other email is working fine, it's just this one email account that cannot send to us.  Also, I opened a ticket with Google and they basically told me it was not their problem because it was bouncing back from the Exchange server.  

    My goal with this post is to see if there are some other places I can look or config changes I can make on my Exchange server for details as to why this is happening.  

    Wednesday, September 9, 2020 3:54 PM