• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 290
  • Last Modified:

Outside world cannot connect to my Mail Server

Long story short, my system was compromised the other day and Exchange went crazy. I posted for some help on what was happening and spent a lot of time cleaning things up and changing settings on my Win2k server, my Exchange2k server and my router.

Now, everything looks great EXCEPT I have no incoming e-mail.

I have no idea what I should look at to see where the hold up is.

Can someone give me some steps to take so I can get my mail back up and running?

Thanks DL
1 Solution
David WilhoitSenior Consultant, ExchangeCommented:
ok, do the basics first...
Is SMTP service running, and SMTP VS on?
Internal DNS squared away, with EXchange using the internal DNS server as primary?
Can you telnet to port 25? from inside? if yes, from outside?
Is the RUS and default recipient policy in good order?

DLockwoodAuthor Commented:
I am a web programmer, and while I have a familiarity with all of these things, I am not actually sure how to do them......

1.) When I go to Services, all of the Exchange services are running except for the exchange event and exchange site replication service.

2.) I think the internal DNS is squared away but don't know how to check. I didn't make changes to it and it worked before. How do I check to see if Exchange is using the Internal DNSD server as primary? Again, it used to work and I don't believe I changed any setting like that.

3.) How do I telnet?

4.) What is RUS and hopw do I tell if this and the default recipient poilicy are in good order?

Again, I made very few changes to Exchange and they were mostly in the SMTP Virtual Server settings so I can't imagine that there is a problem with Exchange. It seems more likely that I have done something to block out mail at the router level or at the server 2000 level, but I don't really know.

All help is appreciated........DL
DLockwoodAuthor Commented:
I also found this http://www.uksecurityonline.com/husdg/windowsxp/dos.htm link and have implemented the settings on both my Server and the XP mahine that seems to have created all of the problems.

I don't know if this someone "shut down" the ability for my server to recieve messages.

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Lockwood where is ur server located?is it behind a firewall or completely expossed .If it is behind a good firewall then go and undo everything that u did in that artical(IT is completely up to u) and see if ur problem is solved.MS would like u to think that u can turn a server in to a firewall but even the best firewalls can be compromoised.
DLockwoodAuthor Commented:
It is behind a router which has firewall settings in it and is setup, supposedly, to be my protection. I will undo those setting now and see if that helps.

DLockwoodAuthor Commented:
Doesn't help.

I wonder.......... after the attack, I had so many items in my queue and in my badmail folder, that I couldn't handle them the nowmal way. I read somewhere to just go into them through DOS and delete the contents.

Could that have anything to do with it?

BTW - When I test now, the outside world does see my mailserver, but my server will not go and get any mail - there is still nothing coming in.

DLockwoodAuthor Commented:
Found the answer on my own and problem is solved.

Thanks anyway. ABove comments played no role in the problem.

Please delete question.

Care to share your solution? I'm running into a very similar problem and trying to figure it out.
DLockwoodAuthor Commented:
Sure. I had one of my settings wrong. I read somewhere that only my router's IP should be able to connect to my SMTP server. So I went to:

System Manager >> SMTP Virtual Server >> Properties >> Access >> Connections
and selected the radio button "Only the List below" and added the IP address of my router.

Well, I didn't realize that this should be set to "All except the list below". Then I can add domains or IPs that I want to exclude.

Anyway, in the end it was that simple.

PAQed, with points refunded (250)

Community Support Moderator
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now