Share via

Troubleshoot delayed messages to protection.outlook.com recipent domains

IPG87 0 Reputation points
2023-03-06T17:39:43.9033333+00:00

Hello, hoping I can get some guidance here. Please note that his is an intermittent issue that does eventually clear.

We have near the same problem as this post https://learn.microsoft.com/en-us/answers/questions/713045/certain-mail-protection-outlook-com-mail-servers-w

When sending email from our on-prem Exchange server 2010 (soon to migrated to 2019), suddenly all domains using protection.outlook.com MX servers will get Connection Reset errors and all my users will get 400 4.4.7 Message Delayed NDR's. I get a flood of helpdesk request...

In all cases Primary target IP responds with 421 4.4.2 Connection Resets. I'm thinking we are probably on the M$ sh* (spam) list. But all my tests suggest we are clean according to spam lookups for dougallmedia.com

The emails eventually clear. In the post above referenced that solution was to create a hub transport rules for each domain, but that's not going to be a workable solution in my case as it seems to be A. Intermittent (hitting a certain MX farm?) and B. at that point in time, it effect all domains we hit that are using 365 MX servers it seems.

We currently only use SPF records as I was waiting to migrate before getting into DMARC and DKIM.

Any ideas to find out why we are being nuked by 365, and how I might find more logging to lead to any answer?

EDIT: some hours later after trying to suspend and resume messages they are still stuck with the same 421 4.4.2 errors..

How does one 'ask' M$ to send or show why it's not happy with us. And I did add a DMARC record to make sure it wasn't simply that it was hanging up on.

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,277 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,610 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jame Xu-MSFT 4,176 Reputation points
    2023-03-07T08:04:34.91+00:00

    Hi @IPG87 ,

    Based on my searching, there are exist two setting which could cause this issue:

    1. You firewall blocked Exchange online/Hotmail related IP. You could disable firewall temporarily to check whether is this issue related with firewall. If this phenomenon gone, you will need check the configuration on your firewall.
    2. There may be configured DNS lookup on your Exchange server
      If you configured the DNS lookup, you need to make sure the DNS could be resolved to Microsoft related mail server.

    You could refer to:

    421 4.4.2 Connection dropped due to SocketError

    Server returned '400 4.4.7 message delayed' when send to office 365

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.