Link to home
Start Free TrialLog in
Avatar of smeek
smeekFlag for United States of America

asked on

SonicWall or Exchange issue- no outbound mail

We swapped out a low budget firewall and installed a new SonicWall today and mail does not seem to be flowing.  As fate would have it, our ISP accidentally changed our MX yesterday so I understand why inbound mail doesn't reach us yet.  However, I can not send mail outbound either.  

From the Exchange 2000 server I can telnet at port 25 to a remote Exchange server ad get SMTP prompt.  Likewise, RDP to the remote server, I can telnet back to our internal Exchange and get SMTP.  If I look in the queues on Exchange, all mail is getting dumped to the "Messages with unreachable destination" queue.  I enabled SMTP logging and enabled diagnostic logging on SMTP, but can't seem to get any more info.

Any suggestions for things to try.  Would DNS present a problem for outbound mail?  I do have SonicWall IPS and email filtering, but they don't show anything SMTP related in the logs.

Thanks for anything,

Steve      
ASKER CERTIFIED SOLUTION
Avatar of marc_nivens
marc_nivens

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Thax
Thax

Quote: "Would DNS present a problem for outbound mail? "

Yes, Exchange 2000 / 2003 use DNS by default to send outbound. The remote Exchange server you Telnet'ed onto: Did you use its IP or its FQDN? Try and telnet to mail.hotmail.com 25 or similar. If that doesn't work but telnetting onto an IP address does, then i'd bet thats your problem.

Does normal internet access work on the new server?

Stephan
Avatar of smeek

ASKER

Marc- I will try and get a server restart in at the end of the day.  I thought we did a server restart, but turned out the person only restarted services on our single Exchange box.

Thax- I did telnet to the FQDN of one of the remote servers for testing.  I may not have explained well enough, there is not an issue with DNS resolution but rather rather our DNS records presented to external users.  I was just trying to make sure that those records would/would not impact outbound.

Thanks,

Steve
Before you reboot, be sure and run winroute to check for anything that says object not found in ds.
Avatar of smeek

ASKER

I downloaded and ran.

Under the connector, it shows a red X and I see link state down.  See excerpt below.

( 39ea6dbe3336844f8cf583f9d3db84a7 ( CONFIG {4}SMTP {23}_39ea6dbe3336844f8cf583f9d3db84a7_S {b}[10.0.1.20] {57}/o=NAME/ou=First Administrative Group/cn=Configuration/cn=Connections/cn=NAME_SMTP 0 0 0 0 ffffffff ffffffff 0 1 0 () 0 () 0 () 0 ()  ARROWS ( {4}SMTP {1}* 1 ) BH ( 49cf8f9285cd564d8e707326dbbcac93 CONN_NOT_AVAIL {18}NAME.domain.com ) TARGBH () STATE DOWN)))  )

I don't see anything about an object not found.

Can I restart SMTP VS or the SMTP service?

Steve

 
Ok, this is definitely your problem.  Your only route to the internet is this connector.  Since its in a down state, anything outside your org would go directly to messages with an unreachable destination.  Now what causes an SMTP connector to the internet to enter a down state?  If its using DNS its never supposed to go down.  However, if you are smarthosting (which it sounds like you are) the connector can go down if a socket connection to the smarthost fails.  I would start by changing the smarthost entry to reflect the IP address of the smarthost instead of the FQDN.  Once you make this change it could take a couple of minutes to take effect.  You will know its working when the red x goes away in winroute.
Avatar of smeek

ASKER

Hmm.

I stopped and restart the VS and Service.  The link state showed as up after a few refreshes.  The queues were still backed up.  The state changed to down after a few minutes.

I am actually not using a Smart Host though the WinRoute called it a connector.  I will hold off any more until I can restart box.

Steve
But you actually are using a smarthost, the winroute data above says that you are (the entry for 10.0.1.20 is the IP you are smarthosting to, I'm assuming that's the sonicwall machine).  Since you restarted SMTP and the link showed down again within a few minutes, I doubt rebooting would do anything.  Try telnetting to 10.0.1.20 on port 25.  If you cannot get there, thats your problem.  Once that is fixed the connector will come back online.