• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 751
  • Last Modified:

SonicWall or Exchange issue- no outbound mail

We swapped out a low budget firewall and installed a new SonicWall today and mail does not seem to be flowing.  As fate would have it, our ISP accidentally changed our MX yesterday so I understand why inbound mail doesn't reach us yet.  However, I can not send mail outbound either.  

From the Exchange 2000 server I can telnet at port 25 to a remote Exchange server ad get SMTP prompt.  Likewise, RDP to the remote server, I can telnet back to our internal Exchange and get SMTP.  If I look in the queues on Exchange, all mail is getting dumped to the "Messages with unreachable destination" queue.  I enabled SMTP logging and enabled diagnostic logging on SMTP, but can't seem to get any more info.

Any suggestions for things to try.  Would DNS present a problem for outbound mail?  I do have SonicWall IPS and email filtering, but they don't show anything SMTP related in the logs.

Thanks for anything,

Steve      
0
smeek
Asked:
smeek
  • 4
  • 3
1 Solution
 
marc_nivensCommented:
Usually when messages go in the unreachable destination queue its because of stale link state data.  Run winroute (from the Exchange CD) and connect to your server.  Look for anything that says object not found in ds.  If you have these, its likely your problem.  Cleaning it up depends on how many servers you have.  If you just have one, reboot it.  If you have many, and you are seeing these symptoms let me know and I'll tell you how to clean it up on multiple servers.

0
 
ThaxCommented:
Quote: "Would DNS present a problem for outbound mail? "

Yes, Exchange 2000 / 2003 use DNS by default to send outbound. The remote Exchange server you Telnet'ed onto: Did you use its IP or its FQDN? Try and telnet to mail.hotmail.com 25 or similar. If that doesn't work but telnetting onto an IP address does, then i'd bet thats your problem.

Does normal internet access work on the new server?

Stephan
0
 
smeekAuthor Commented:
Marc- I will try and get a server restart in at the end of the day.  I thought we did a server restart, but turned out the person only restarted services on our single Exchange box.

Thax- I did telnet to the FQDN of one of the remote servers for testing.  I may not have explained well enough, there is not an issue with DNS resolution but rather rather our DNS records presented to external users.  I was just trying to make sure that those records would/would not impact outbound.

Thanks,

Steve
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
marc_nivensCommented:
Before you reboot, be sure and run winroute to check for anything that says object not found in ds.
0
 
smeekAuthor Commented:
I downloaded and ran.

Under the connector, it shows a red X and I see link state down.  See excerpt below.

( 39ea6dbe3336844f8cf583f9d3db84a7 ( CONFIG {4}SMTP {23}_39ea6dbe3336844f8cf583f9d3db84a7_S {b}[10.0.1.20] {57}/o=NAME/ou=First Administrative Group/cn=Configuration/cn=Connections/cn=NAME_SMTP 0 0 0 0 ffffffff ffffffff 0 1 0 () 0 () 0 () 0 ()  ARROWS ( {4}SMTP {1}* 1 ) BH ( 49cf8f9285cd564d8e707326dbbcac93 CONN_NOT_AVAIL {18}NAME.domain.com ) TARGBH () STATE DOWN)))  )

I don't see anything about an object not found.

Can I restart SMTP VS or the SMTP service?

Steve

 
0
 
marc_nivensCommented:
Ok, this is definitely your problem.  Your only route to the internet is this connector.  Since its in a down state, anything outside your org would go directly to messages with an unreachable destination.  Now what causes an SMTP connector to the internet to enter a down state?  If its using DNS its never supposed to go down.  However, if you are smarthosting (which it sounds like you are) the connector can go down if a socket connection to the smarthost fails.  I would start by changing the smarthost entry to reflect the IP address of the smarthost instead of the FQDN.  Once you make this change it could take a couple of minutes to take effect.  You will know its working when the red x goes away in winroute.
0
 
smeekAuthor Commented:
Hmm.

I stopped and restart the VS and Service.  The link state showed as up after a few refreshes.  The queues were still backed up.  The state changed to down after a few minutes.

I am actually not using a Smart Host though the WinRoute called it a connector.  I will hold off any more until I can restart box.

Steve
0
 
marc_nivensCommented:
But you actually are using a smarthost, the winroute data above says that you are (the entry for 10.0.1.20 is the IP you are smarthosting to, I'm assuming that's the sonicwall machine).  Since you restarted SMTP and the link showed down again within a few minutes, I doubt rebooting would do anything.  Try telnetting to 10.0.1.20 on port 25.  If you cannot get there, thats your problem.  Once that is fixed the connector will come back online.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now