Thursday, 18 July 2019

550 5.4.316 Message expired, connection refused (Socket error code 10061)

In a recent engagement of Exchange migration to O365 the client started experiencing random inbound delivery failures. The error in the NDR was that in the title:

Research pointed to a couple of articles that all suggest checking the firewall:

  • O365 sources blacklisted/quarantined by an over-zealous Fortigate IPS rule -
  • Microsoft's own experience and recommendation -
It turned out to be not a firewall, but a case of asymmetric routing. Close enough. A new device has been introduced into the customer's environment to set up a VPN with a sister company at around the same time when the first delivery error reports started to came in. Setting up the VPN affected routing, resulting in egress/ingress SMTP traffic to/from the same source took very different paths.

Once routing has been corrected, email started to flow normally again.

Till next time.