Outside world cannot connect to my Mail Server

Long story short, my system was compromised the other day and Exchange went crazy. I posted for some help on what was happening and spent a lot of time cleaning things up and changing settings on my Win2k server, my Exchange2k server and my router.

Now, everything looks great EXCEPT I have no incoming e-mail.

I have no idea what I should look at to see where the hold up is.

Can someone give me some steps to take so I can get my mail back up and running?

Thanks DL
DLockwoodAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David WilhoitSenior Consultant, ExchangeCommented:
ok, do the basics first...
Is SMTP service running, and SMTP VS on?
Internal DNS squared away, with EXchange using the internal DNS server as primary?
Can you telnet to port 25? from inside? if yes, from outside?
Is the RUS and default recipient policy in good order?

D
DLockwoodAuthor Commented:
I am a web programmer, and while I have a familiarity with all of these things, I am not actually sure how to do them......

1.) When I go to Services, all of the Exchange services are running except for the exchange event and exchange site replication service.

2.) I think the internal DNS is squared away but don't know how to check. I didn't make changes to it and it worked before. How do I check to see if Exchange is using the Internal DNSD server as primary? Again, it used to work and I don't believe I changed any setting like that.

3.) How do I telnet?

4.) What is RUS and hopw do I tell if this and the default recipient poilicy are in good order?

Again, I made very few changes to Exchange and they were mostly in the SMTP Virtual Server settings so I can't imagine that there is a problem with Exchange. It seems more likely that I have done something to block out mail at the router level or at the server 2000 level, but I don't really know.

All help is appreciated........DL
DLockwoodAuthor Commented:
I also found this http://www.uksecurityonline.com/husdg/windowsxp/dos.htm link and have implemented the settings on both my Server and the XP mahine that seems to have created all of the problems.

I don't know if this someone "shut down" the ability for my server to recieve messages.

DL
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

VahikCommented:
Lockwood where is ur server located?is it behind a firewall or completely expossed .If it is behind a good firewall then go and undo everything that u did in that artical(IT is completely up to u) and see if ur problem is solved.MS would like u to think that u can turn a server in to a firewall but even the best firewalls can be compromoised.
DLockwoodAuthor Commented:
It is behind a router which has firewall settings in it and is setup, supposedly, to be my protection. I will undo those setting now and see if that helps.

DL
DLockwoodAuthor Commented:
Doesn't help.

I wonder.......... after the attack, I had so many items in my queue and in my badmail folder, that I couldn't handle them the nowmal way. I read somewhere to just go into them through DOS and delete the contents.

Could that have anything to do with it?

BTW - When I test now, the outside world does see my mailserver, but my server will not go and get any mail - there is still nothing coming in.

DL
DLockwoodAuthor Commented:
Found the answer on my own and problem is solved.

Thanks anyway. ABove comments played no role in the problem.

Please delete question.

DL
gatchaboyCommented:
Care to share your solution? I'm running into a very similar problem and trying to figure it out.
DLockwoodAuthor Commented:
Sure. I had one of my settings wrong. I read somewhere that only my router's IP should be able to connect to my SMTP server. So I went to:

System Manager >> SMTP Virtual Server >> Properties >> Access >> Connections
and selected the radio button "Only the List below" and added the IP address of my router.

Well, I didn't realize that this should be set to "All except the list below". Then I can add domains or IPs that I want to exclude.

Anyway, in the end it was that simple.

DL
GhostModCommented:
PAQed, with points refunded (250)

GhostMod
Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.