Exchange 2000 - outgoing and incoming mail not working


I am trying to get Exchange 2000 to send and receive external email on a Win2K Server machine. The domain is "" and it seems to respond from a telnet port 25 ping. The IP is, as you'll see on

The info on says that the mx record/IP is pointed to However, nowhere on my Exchange server do i have any record setup in DNS to point to this.

Another company handles our website and we now handle the Exchange mail. What can I check in my servers DNS or Exchange settings to make sure it can send mail out successfully and retreive it?

Currently in DNS settings, I just have the standard stuff in there. I have a Forward Lookup Zone called "". In that I have three types of entries - Start of Authority for, - Name Server for - and a Host type with a data value of and a name of server1. This was auto populated when we installed W2K Server and setup DNS. There are no entries mentioning "" or anything.

I tried sending a test message from an internal user to an external address. Those messages are sitting in the queue in a "retry" connection state - and have been for hours. The error it says is: "An internal DNS error caused a failure to find the remote server." So they are clearly not moving. I sent a message from an internal user back to that same user - so the internal seems to be working ok.

Again, I don't want to screw up any website dns stuff that our provider is handling, but I need to get external mail figured out. This is clearly a DNS problem.

Any suggestions on the correct configuration? Please be as specific as possible.

Who is Participating?

Improve company productivity with a Business Account.Sign Up

marc_nivensConnect With a Mentor Commented:
Your outbound and inbound issues are actually 2 different problems, but both are DNS related.

Inbound Mail:

Your MX record already points to your Exchange server so the DNS config for inbound mail is already taken care of.
When you send mail to your domain, does it get there?  If not, what does the NDR say?
One common issue is not having your email domain listed in any recipient policy.  You can simply change the address
on the default policy to to fix this.

Outbound Mail:

It sounds like you're pointing to your own internal AD server for DNS (as you should be).  It sounds like you don't have any forwarders set up.  In you DNS server console, go to properties and then to the forwarders tab.  If this is greyed out, cancel out of here and delete the zone called ".".  Restart the DNS console and it should no longer be greyed out.  In here you can define external DNS servers to forward unresolved requests to.  Just add your ISP's DNS servers in here and outbound mail should start working.
CyberianPrimeAuthor Commented:
Well I think things are working now - just got an outside email and was able to send outside. Still checking things out but things do look good. And, oh yeah, my DNS provider screwed up our IP when the modified their MX records to point to this server. That's prob why this all took so long to workout.
CyberianPrimeAuthor Commented:
Can you get a bit more specific regarding the outbound mail external DNS servers? How exactly do I enter those and in what format. Thanks.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

CyberianPrimeAuthor Commented:
Nevermind - i found the area for DNS forwarding. Thanks. So I don't need to add anything to my forward lookup zone?
CyberianPrimeAuthor Commented:
Also, how do I secure this so spam doesn't take over my outgoing queue (which I keep hearing about). Is there an easy way to do this?

Sorry for the question piggyback, but I figure I allocated enough points for it. :)
You shouldn't have to make any changes to your zone. As far as spam, unauthenticated relay should be disabled out of the box.  Just make sure your guest account is disabled and you have a strong admin password to avoid some common exploits.
CyberianPrimeAuthor Commented:
Thanks Marc. Where do I check to see if unauthenticated relay is disabled? Guest account is disabled and the admin password is strong (alphanumeric).
Open properties of the SMTP virtual server for your machine in ESM.  Go to the 2nd tab, click on Relay.  It should say only the list below, with the list being blank.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.