acesover2000
asked on
Should be easy!! Troubleshoot external access to Exchange Webmail down
I recently performed some maintenance on an Exchange server (moved the log directory to a more ample hard drive) (and replaced our network switch with one with a Gbit port for our server).
Now we can't access our webmail through http://mail.nationaleventsllc.com/exchange
though this used to work before. We have DirecPC satellite internet hookup.
when I went to http://whatismyip.com from a machine on the lan it gave me a diff IP than the one given by mail.nat..... but I don't think that the IP addy changed because that would just be too much coincidence that it happened at the same time as my changes.
The webmail IS available inside the LAN.
I am able to telnet in port 25 to mail.... and also open a connection on port 80 to mail.... but I can't get a browser to pull anything up from that addy
Any Ideas?
Now we can't access our webmail through http://mail.nationaleventsllc.com/exchange
though this used to work before. We have DirecPC satellite internet hookup.
when I went to http://whatismyip.com from a machine on the lan it gave me a diff IP than the one given by mail.nat..... but I don't think that the IP addy changed because that would just be too much coincidence that it happened at the same time as my changes.
The webmail IS available inside the LAN.
I am able to telnet in port 25 to mail.... and also open a connection on port 80 to mail.... but I can't get a browser to pull anything up from that addy
Any Ideas?
ASKER
thanks for the info on the black list that is something I neglected to check.. However I think you got a little side tracked.. My mail server is performing it's SMTP/POP/EXCHANGE duties properly it's just webmail that's down.
BTW for some reason many cheaper ISP's (DSL/Sat/Cable) -- you can't tracert to the IP
BTW for some reason many cheaper ISP's (DSL/Sat/Cable) -- you can't tracert to the IP
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
well marakush I'll give you the points because you were the only one to answer and basically made me feel smart by doing everything (almost) I did to troubleshoot the problem
My final blockade was not being able to recover our router's password, so I eventually just reset the PW and rebuilt the LAN IP setup. Oh well.. it works again (but I have no idea why it failed because I couldn't have changed anything in the router in the first place... Damn Satellite internet was an interesting learning experience)
congrats that's an easy 500.. don't spend them all in one place!
hehe
oh BTW the the external IP differing from the GW addy given by our ISP is common practice with Satellite WHICH as I JUST FOUND OUT causes the extremely unfortunate side affect of becoming blacklisted on certain lists
As far as Reverse DNS goes.. most cheapo providers don't allow reverse DNS which is also (synonym of happy).
Corrections Comments?
My final blockade was not being able to recover our router's password, so I eventually just reset the PW and rebuilt the LAN IP setup. Oh well.. it works again (but I have no idea why it failed because I couldn't have changed anything in the router in the first place... Damn Satellite internet was an interesting learning experience)
congrats that's an easy 500.. don't spend them all in one place!
hehe
oh BTW the the external IP differing from the GW addy given by our ISP is common practice with Satellite WHICH as I JUST FOUND OUT causes the extremely unfortunate side affect of becoming blacklisted on certain lists
As far as Reverse DNS goes.. most cheapo providers don't allow reverse DNS which is also (synonym of happy).
Corrections Comments?
Doing a nslookup on your domain name the mail server's MX record is MAIL.nationaleventsllc.com
> set query=all
> nationaleventsllc.com
Server: xxx.xxx.com
Address: xxx.xxx.xxx.xxx
nationaleventsllc.com internet address = 216.168.224.70
nationaleventsllc.com
primary name server = NS51.WORLDNIC.com
responsible mail addr = namehost.WORLDNIC.com
serial = 2004111600
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 7200 (2 hours)
nationaleventsllc.com nameserver = NS51.WORLDNIC.com
nationaleventsllc.com nameserver = NS52.WORLDNIC.com
nationaleventsllc.com MX preference = 10, mail exchanger = MAIL.nationalevents
llc.com
MAIL.nationaleventsllc.com
Doing a ping to 69.35.38.18 - dead
Doing a tracert - dead at
14 14 ms 22 ms 22 ms dpc6682016038.direcpc.com [66.82.16.38]
C:\>tracert 69.35.38.18
Tracing route to dpc693538018.direcpc.com [69.35.38.18]
over a maximum of 30 hops:
1 2 ms 1 ms 1 ms xxx.xxx.xxx.xxx
2 4 ms 4 ms 4 ms 454a094d.cst.lightpath.net
3 4 ms 4 ms 4 ms r2-ge13-2-1.cst.bthpny.cv.
4 4 ms 4 ms 4 ms r4-srp11-0.cr.hcvlny.cv.ne
5 4 ms 4 ms 4 ms 65.19.104.2
6 5 ms 5 ms 5 ms r2-srp13-0.in.nycmnyzr.cv.
7 * * * Request timed out.
8 6 ms 5 ms 5 ms ae-1-55.bbr1.newyork1.leve
9 10 ms 10 ms 32 ms ae-0-0.bbr2.washington1.le
]
10 15 ms 14 ms 10 ms ge-7-1.hsa1.washington1.le
11 12 ms 11 ms 12 ms unknown.level3.net [63.215.128.130]
12 150 ms 14 ms 16 ms dpc6682016078.direcpc.com [66.82.16.78]
13 24 ms 29 ms 17 ms gmtc-cr-ti-01-gi7-1.direcp
14 14 ms 22 ms 22 ms dpc6682016038.direcpc.com [66.82.16.38]
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
This is the responce I get when I try a test from www.dnsstuff.com
Trying to connect to all mailservers:
MAIL.nationaleventsllc.com
You email server is listed on 4 spam databases and blacklists.
FIVETENSRC LISTED (127.0.0.2) Reports CNAME of 69.35.70.43.direcpc.com.mi
TXT= "miscellaneous address blocks that have sent spam here" 86400 seconds 0 ms
DSBLALL LISTED (127.0.0.2) TXT= "http://dsbl.org/listing?69.35.38.18" 2048 seconds 0 ms
DSBL LISTED (127.0.0.2) TXT= "http://dsbl.org/listing?69.35.38.18" 2048 seconds 0 ms
DNSBLNETAUT1 LISTED (127.0.0.2) TXT= "http://dsbl.org/listing?69.35.38.18" 2048 seconds 0 ms
As for a reverse DNS record - which might cause problems because your reverse DNS record is not listed as you.
Location: United States [City: Germantown, Maryland]
Preparation:
The reverse DNS entry for an IP is found by reversing the IP, adding it to "in-addr.arpa", and looking up the PTR record.
So, the reverse DNS entry for 69.35.38.18 is found by looking up the PTR record for
18.38.35.69.in-addr.arpa.
All DNS requests start by asking the root servers, and they let us know what to do next.
See How Reverse DNS Lookups Work for more information.
How I am searching:
Asking e.root-servers.net for 18.38.35.69.in-addr.arpa PTR record:
e.root-servers.net says to go to dill.arin.net. (zone: 69.in-addr.arpa.)
Asking dill.arin.net. for 18.38.35.69.in-addr.arpa PTR record:
dill.arin.net [192.35.51.32] says to go to ns2.direcpc.com. (zone: 35.69.in-addr.arpa.)
Asking ns2.direcpc.com. for 18.38.35.69.in-addr.arpa PTR record: Reports dpc693538018.direcpc.com. [from 66.82.4.12]
Answer:
69.35.38.18 PTR record: dpc693538018.direcpc.com. [TTL 86400s] [A=69.35.38.18]
So okay there are a few problems... But the big thing is I was able to get a reply from postmaster@nationaleventsl
Marakush