Solved

SonicWall or Exchange issue- no outbound mail

Posted on 2004-08-04
8
729 Views
Last Modified: 2008-01-09
We swapped out a low budget firewall and installed a new SonicWall today and mail does not seem to be flowing.  As fate would have it, our ISP accidentally changed our MX yesterday so I understand why inbound mail doesn't reach us yet.  However, I can not send mail outbound either.  

From the Exchange 2000 server I can telnet at port 25 to a remote Exchange server ad get SMTP prompt.  Likewise, RDP to the remote server, I can telnet back to our internal Exchange and get SMTP.  If I look in the queues on Exchange, all mail is getting dumped to the "Messages with unreachable destination" queue.  I enabled SMTP logging and enabled diagnostic logging on SMTP, but can't seem to get any more info.

Any suggestions for things to try.  Would DNS present a problem for outbound mail?  I do have SonicWall IPS and email filtering, but they don't show anything SMTP related in the logs.

Thanks for anything,

Steve      
0
Comment
Question by:smeek
  • 4
  • 3
8 Comments
 
LVL 21

Accepted Solution

by:
marc_nivens earned 500 total points
Comment Utility
Usually when messages go in the unreachable destination queue its because of stale link state data.  Run winroute (from the Exchange CD) and connect to your server.  Look for anything that says object not found in ds.  If you have these, its likely your problem.  Cleaning it up depends on how many servers you have.  If you just have one, reboot it.  If you have many, and you are seeing these symptoms let me know and I'll tell you how to clean it up on multiple servers.

0
 

Expert Comment

by:Thax
Comment Utility
Quote: "Would DNS present a problem for outbound mail? "

Yes, Exchange 2000 / 2003 use DNS by default to send outbound. The remote Exchange server you Telnet'ed onto: Did you use its IP or its FQDN? Try and telnet to mail.hotmail.com 25 or similar. If that doesn't work but telnetting onto an IP address does, then i'd bet thats your problem.

Does normal internet access work on the new server?

Stephan
0
 
LVL 8

Author Comment

by:smeek
Comment Utility
Marc- I will try and get a server restart in at the end of the day.  I thought we did a server restart, but turned out the person only restarted services on our single Exchange box.

Thax- I did telnet to the FQDN of one of the remote servers for testing.  I may not have explained well enough, there is not an issue with DNS resolution but rather rather our DNS records presented to external users.  I was just trying to make sure that those records would/would not impact outbound.

Thanks,

Steve
0
 
LVL 21

Expert Comment

by:marc_nivens
Comment Utility
Before you reboot, be sure and run winroute to check for anything that says object not found in ds.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 8

Author Comment

by:smeek
Comment Utility
I downloaded and ran.

Under the connector, it shows a red X and I see link state down.  See excerpt below.

( 39ea6dbe3336844f8cf583f9d3db84a7 ( CONFIG {4}SMTP {23}_39ea6dbe3336844f8cf583f9d3db84a7_S {b}[10.0.1.20] {57}/o=NAME/ou=First Administrative Group/cn=Configuration/cn=Connections/cn=NAME_SMTP 0 0 0 0 ffffffff ffffffff 0 1 0 () 0 () 0 () 0 ()  ARROWS ( {4}SMTP {1}* 1 ) BH ( 49cf8f9285cd564d8e707326dbbcac93 CONN_NOT_AVAIL {18}NAME.domain.com ) TARGBH () STATE DOWN)))  )

I don't see anything about an object not found.

Can I restart SMTP VS or the SMTP service?

Steve

 
0
 
LVL 21

Expert Comment

by:marc_nivens
Comment Utility
Ok, this is definitely your problem.  Your only route to the internet is this connector.  Since its in a down state, anything outside your org would go directly to messages with an unreachable destination.  Now what causes an SMTP connector to the internet to enter a down state?  If its using DNS its never supposed to go down.  However, if you are smarthosting (which it sounds like you are) the connector can go down if a socket connection to the smarthost fails.  I would start by changing the smarthost entry to reflect the IP address of the smarthost instead of the FQDN.  Once you make this change it could take a couple of minutes to take effect.  You will know its working when the red x goes away in winroute.
0
 
LVL 8

Author Comment

by:smeek
Comment Utility
Hmm.

I stopped and restart the VS and Service.  The link state showed as up after a few refreshes.  The queues were still backed up.  The state changed to down after a few minutes.

I am actually not using a Smart Host though the WinRoute called it a connector.  I will hold off any more until I can restart box.

Steve
0
 
LVL 21

Expert Comment

by:marc_nivens
Comment Utility
But you actually are using a smarthost, the winroute data above says that you are (the entry for 10.0.1.20 is the IP you are smarthosting to, I'm assuming that's the sonicwall machine).  Since you restarted SMTP and the link showed down again within a few minutes, I doubt rebooting would do anything.  Try telnetting to 10.0.1.20 on port 25.  If you cannot get there, thats your problem.  Once that is fixed the connector will come back online.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now