We help IT Professionals succeed at work.

External -> Internal mailboxes cease at approx. the same time each day (this weekend though all has stopped)

chromenewt
chromenewt asked
on
877 Views
Last Modified: 2013-11-30
I have a general question which has been plaguing us since we changed ISP and I'm hoping someone knows at least the possible cause so I can sort it/leave stern messages with the right people.

At approximately 11am each day (sometimes earlier/later but mainly at that time) we cannot recieve emails from the outside world. We can send each other internal emails no problems, and when we send emails to outside addresses they arrive straight away (tested by sending to various staff home accounts like gmail and hotmail). When we try to reply/send fresh mails from these account we find that again we cannot recieve them at work.

Suddenly, after about 2 hours, they all come flooding in. The problem dissappears until the following day. The only differences from this pattern is it seems that at the weekends we get intermittant mails trickling in (usually spam though). The problem at the moment we have is that since 8am Saturday it hasn't worked.

Anyone know what could cause this? I'd be very appreciative of any suggestions since I'd like to be able to get the ISP sorted or internal gubbins if it's something here. Set-up wise we have an exchange server that goes through an intY exo-server and then through to the ISP. We've spoken to intY and they've been very helpful although they cannot connect to us for some reason despite their instructions. They could with the previous ISP's service and equipment.

Any ideas? I'm assigning 500 points to this as we have an EV coming in tomorrow and we need service back up asap. Thank you all in advance
Comment
Watch Question

CERTIFIED EXPERT

Commented:
In exchange use the messege tracker to see what is happening to the email you send. This will give you a clue weather it is a problem with your server or not. Also when the problem is happening try two things. First is try to connect to a well known mail server using telnet from your exchange server.

Start -> Run -> telnet maila.microsoft.com 25
then issue a "helo" command
you should receive a hello and/or 250 response.

By doing this you are checking if your mail server can establish a SMTP connection with another server.

Second thing to try is from an outside line, maybe if you have a DSL line for testing or even an available dial up line something not part of your network. Try to establish an smtp connection with your server to see if your server accepts connections. To do this it is pretty much the same process as above.

Start -> Run -> telnet name_of_server 25  (Make sure you use the external address)
then issue a "helo" command
you should receive a hello and/or 250 response.

This should let you know if its a problem with you actual internet connection or a problem with you exchange server. Also if you can please use the message tracking tool and post the log. If you need help using the tracking tool let me know or you can refer to this document (assuming you have Exchange 2003) http://www.msexchange.org/tutorials/Exchange-2003-Message-Tracking-Logging.html

althought the procedure for 2000 is pretty much the same also.
It will also be helpful if you can explain you setup a bit more in detail. ie IP config (NAT?) and DNS config. Is DNS hosted internally or by your ISP. Is your routers external (WAN) IP static.

Who is hosting your DNS, what the domain(if you don't mind), so we can check the TTL of the appropriate DNS MX records.

When you cannot receive email, is any other traffic affected. Does web browsing work. Can you connect to any other office hosted services from outside (home DSL). i.e. like your website or Outlook Web access for instance.

In addition to the above tests, also try telnetting to port 25 with just the IP address, if the connection cannot be established, to rule out any DNS related problems.

Rob

Author

Commented:
Thanks for the prompt answers folks. Since I'm quite new to this company I'll give you as much info as I can but I might need you to tell me where else I can find what you need. :)

gbarrientos,
--------------
I did the telnet thing and got a 250 to microsoft as you said. Problem is that nobody here knows what our mail server is called from the outside world (how can I find this out?).

RobArdill,
-----------
I've heard our DNS is local, and we have a static IP address. I went to www.dnsreport.com last week and did a check both during and after the problem and found something to do with the "DNS glue" being faulty during these times where we weren't getting anything in. Since our ISP wasn't sure what this was all about we didn't know what else to do and left it. Could this be the problem?

After this I think I'll hit the books and try to finally sort myself out for the mcse I've been meaning to study for the past 3-4 years. I'm a bit of a bedroom IT theorist rather than practical knowledge guru (my home network never has these problems) :D
CERTIFIED EXPERT

Commented:
to find the name of mail server go to http://www.dnsstuff.com on the right you will see DNS Look up. Change the menu to MX and type in the  YOUR domain name for example my_domain_name.com
CERTIFIED EXPERT

Commented:
Make sure you type in your external domain name

Author

Commented:
Right, did as you said gbarrientos and got the following at this link (tried to copy/paste but it was unintelligable)

http://www.dnsstuff.com/tools/lookup.ch?name=istraining.co.uk&type=MX

What do I do from here? (Thanks again btw) :)
External mail host name is no-mail-here.istraining.co.uk

But I'm gettign connection refused. In this satteit's not possible to delvier mail obviously
CERTIFIED EXPERT

Commented:
Okay there is a problem, it appears that you dont have a MX record. Contact your dns provider which appears to be skymarket and add a MX record to your domain.
CERTIFIED EXPERT

Commented:
Actually im quite supprise that you get any mail from the outside :(
Sorry the host cannot be resolved. Not conenction refused. Also the TTL is set 1800 which is on the low side. Normally it's higher, but not core issue here.

It seems you are missing an A record for no-mail-here.istraining.co.uk. Why that is the case isn't immidately clear, but your issues are DNS related.
CERTIFIED EXPERT

Commented:
Okay this is what you need to do. From your mail server go to http://www.whatismyip.com Then from computer not on your network (as discussed before) go to start-> run -> telnet IP 25 (where ip is the address from the websited reerenced above) this will tell you if there is a tunnel in your router/firewall for email. Then add an MX record that points to that IP address something like mail.istraining.co.uk with IP that you got from the wbpage above. Then wait a couple of hours so that other DNS servers around the world can update.
CERTIFIED EXPERT

Commented:
Im sorry im missing a step on the above dns update. Set an mX record to mail.istraining.co.uk then set a Host or A record of mail.istraining.co.uk pointing to the ip you got from www.whatismyip.com

Author

Commented:
But why would it happen at various times of the day, normally in the morning? It keeps sorting itself out after a few hours (I'm suprised myself it hasn't come back again yet as it's overdue now according to past records). :(

Apparently as well (after talking to the folks who should know in the company) we haven't had any dealings with Skymarket at all... would the ISP change have triggered this?

(Very sorry, I have no idea how ISPs/domain names/etc are purchased and maintained so I'm very much in the dark about the next step in this, but thank you all so far) :)
CERTIFIED EXPERT

Commented:
Before you can go any futher you need to find out who maintains your external dns. Then once you find that out you need to make the changes mentioned above.
You do have an MX record, just that the hostname it points to is missing.

The reason you are recieving mail is that some mail servers aren't totally RFC compliant and will go the extra mile to deliver the email.

Basically they look for an MX record for your domain that contains the actual hostname of your mail server. When it finds that, it then tries to connect to that host on tcp port 25 and deliver the mail. If that fails some SMTP implementations will then just resolve the actual domain and try and deliver the mail there. This is what is probably happening in your case.

Since your istraining.co.uk is resolving to an IP, the mail is being delivered there.

It seems the the istraining.co.uk is accepting a connection on port 25, but not responding as expected. There could be a secondary issue also related to the time factor you mentioned.

Rob

Author

Commented:
Ahh, just read your latest posts.... Our MX records I've heard are updated through a separate company, Demon, and they've already (alledgedly) updated this before (when it didn't work, and now we're at this stage where it 'mostly' works).

Can I update this instead then?
CERTIFIED EXPERT

Commented:
Does DNS MASTER sound familiar..that is the server providing dns for your domain.
CERTIFIED EXPERT

Commented:
Sorry guys 4 AM here....must go to sleep. Ill check back in the morning.

Author

Commented:
No problems, thanks for the help so far... you've already given me something to tell the boss. :)
Get in touch with skymaster. They are hosting the domain for you. They can assist with getting the MX and A record setup properly for your mail server.

Having done that then check using telnet as stated above you ensure its working. The changes can take a few hours to propergate, so if it doesn't work immidately, just wait a bit longer. (24h max) given you last MX TTL was 1800, it should only take 30 mins, but sometimes DNS servers can take longers as they override low TTLs to save on bandwidth and load.

Rob
 
Skymaster is the company. They operate the ns1.dsnmaster.net and ns2.dnsmaster.net domain servers which are responsible for publishing your domain.

The stuff that matters....

; <<>> DiG 9.3.1 <<>> @::1 a istraining.co.uk

;; ANSWER SECTION:
istraining.co.uk.      1077      IN      A      212.84.173.3
www.istraining.co.uk.      1800      IN      A      212.84.173.3
istraining.co.uk.      474      IN      MX      10 no-mail-here.istraining.co.uk.

;; AUTHORITY SECTION:
istraining.co.uk.      85677      IN      NS      ns2.dnsmaster.net.
istraining.co.uk.      85677      IN      NS      ns1.dnsmaster.net.

;; ADDITIONAL SECTION:
ns1.dnsmaster.net.      172077      IN      A      212.84.167.18
ns2.dnsmaster.net.      172077      IN      A      212.84.168.18

Author

Commented:
Righty, just going to type this out before I forget as this may have something to do with the problem.

We were told last year we needed MX records (please bear in mind I'm not sure what this means/involves), then in October we no longer needed them, then in December we needed them again. Speaking with Demon (who are our mail service provider) they say it is currently being directed at our server but is currently unavailable and the problem exists our end. I've spoken to intY (who provide the Exo Server/firewall before it hits the mail server) and even they can't dial in to their own equipment to see what is going on... yet we still have internet/outgoing email...

I'm sorry if I appear to be ignoring advice (I may well have missed a suggestion), I'm just trying to give the details which support/disprove your theories. Thank you all for your patience, it's very much appreciated.
Couple of points we need to clarify.

You email address end with @istraining.co.uk ?
You have an internal SMTP/ Exchange server or is Demon providing a mail server for you?

Rob

Author

Commented:
Hi... sorry if this answer is a bit lacking in length... been working on this all day and just about to grab 4 hours sleep before havin to go back into work. :(

Yup, emails end with @itstraining.co.uk.

Yup, we have a server running Windows Exchange Server '03, but it needs to get through the intY Exo server first... according to tests (and despite many involved companies saying "it's not our service/equipment, it must be somebody elses") it's hitting the router and bouncing off (reason I say that is that intY themselves have tried to connect through to their own equipment and they can't.

A theory I have (please feel free to pick it to shreds as it's one of those "it's so stupid/simple it might just work" ideas) is that the router we're supplied with is only usable on a windows platform, and intY uses a unix/linux based system? (dunno, all I know is that it's accessed through a web browser from other machines). Now because we can't set up the router on the actual machine it's connected to it still thinks the laptop we used to alter the settings is the DMZ (again, I've only just started reading about this so feel free to laugh) but of course it gets connected to a machine which isn't what it thinks is the DMZ machine. Possibility?

Right... sleep now... very tired... catch you all in 4 hours time...
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
If you post the IP address from http://www.whatismyip.com here we can tell you if the  tunnelling in the  router are set correctly.

Author

Commented:
Apparently the company we deal with all the MX records is called Demon (I presume then that they get the relevent stuff from Skymaster), so I'll throw that back at them.

Our IP address is 81.149.150.189.
CERTIFIED EXPERT

Commented:
And you are using exchange 2003? Do you have any thing else like a spam filter or anything that intercepts connectoins before they get to the exchange server? The reason i am asking is because i dont get the usual exchange banner when i try to establish an smtp connection. Do this...inside the network from a different computer (not being the exchange server) start -> Run -> telnet server 25   .....where server is the internet name or internal IP address or the exchange server. Let me know what you get.

Author

Commented:
I get a "220 [omitting server info, will privately send if important] ESMTP mail service ready at [time+date]"

Getting ahead of myself here, when our ISP told us to set up Outlook Express with the general account settings to test the ports we got a "0x800ccc0e" error which I'm currently looking up here -> http://support.microsoft.com/default.aspx?scid=kb;en-us;q191687

I know it mentions NT and we're using MS ex'03 but it also mentions port 25 being blocked which coincidentally is what intY said they needed to dial in and they couldn't (despite as far as I could tell that port was open to their specific IP address). We even tried disabling everything and opening all ports for a very small time window but they still couldn't get through.

Gut reaction (again unproven) says that the routers we're trying have something we can't completely disable so we're going to try a different bit of kit with no security on it at all that intY support (although we have to get one first). Anyone think of anything in the meantime?

Author

Commented:
Would port 110 being closed up be anything to do with this? If so, how can I open it?

Author

Commented:
Sorry gbarrientos, just re-read what you wrote.... No filtering or anything as far as I can tell.
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
By the way port 110 is for POP3, at this point not important, because the mail server is not working. First lets concentrate on getting the mail server up and running then we will worry about turning on POP3, which in my opinion not really neccesary because users can just use OWA (Outlook web access)
CERTIFIED EXPERT

Commented:
Also a side not "220 [omitting server info, will privately send if important] ESMTP mail service ready at [time+date]" there is no need to omit the sever info as it is displayed when you establish a smtp connection to any mail server. In other words once a mail server is set up properly and everything is working that banner will be visible to any one who wants to see it. :)

Author

Commented:
THanks so far.... the boss has just changed the goalposts though... :(

Rather than working from MX records he's put through that we want it changed to pop3 collection tomorrow (well, 6pm... now actually)..... I'm going to have a stiff drink, then cry, and then have a go at it. I'll post when I get more details.
CERTIFIED EXPERT

Commented:
What do you mean by pop3 collection?

Author

Commented:
From what I can gather, rather than the mails be sent directly to us by our mail service provider it's been arranged that now we have to get our server to connect (via pop3 I'm told) to the MSP and collect it that way. From the example used with me, rather than having the mail put through the letterbox in the front door we now have to go out and collect it from the mailbox out the front of the garden. (I'm beginning to feel very lost regarding this subject) :(
CERTIFIED EXPERT

Commented:
This sounds like you guuys are getting someone to host your mail. As fas as I know this does not require you to set up a server but rather setup every workstation to connect via POP3 to that external source.

Author

Commented:
Oh dear God no! I hope he's not expecting me to set up everyone separately!

As far as I was told this has been done before, and that our server calls through and does the picking up, and then distributes the mail to everyone that way.

Just checking, we have everybody's machines connecting to the exchange server, and that in turn stores/gets sent mail from the outside world. Can't the Exchange server be configured to do the picking up?
CERTIFIED EXPERT

Commented:
I dont think so. Well ive never done it..sorry. But my question is why pay someone when you can get exchange to work in your organization?

Author

Commented:
I have no idea, although with my level of knowledge at the moment I'm glad I'm not wholy responsible for it.

I really have to convince my boss that the Microsoft courses are a good idea.
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
eaperezh,
you have just repeated what RobArdill and myself have been saying all along. But i think all this really doesnt matter because it sounds like their company is going to managed email server from a third party.

Commented:
Right gbarrientos. But he opened another question in another section and that was my answer before reading yours here.
So consider this a "double post".

from a third party seems a waste of the exchange server...

Author

Commented:
Just out of interest, I can see that any machine with too many parts is more prone to breakage and if I'm honest I'd rather see a simple solution rather than a complicated bodge... If we have an exchange server there and ready, how much effort would it take to eliminate the exo server out of the equation? Is there a tried and tested model I can work towards (I've never been let loose on server '03 before so I'm not sure how different it is to NT).

And as for a third party managing the server, I'm afraid it's just me... thanks to the boss mucking around the last company we're left without a service contract to support any of this... It's down to me to make things work so essentialy *I* am that third party.... *sob*

How quick do you think I can cram the MCSA? Know of any banks need robbing to fund this? :)
Sadly it seems your in a bit on mess.

Even though you have an internal exchnage server your internet based email is being handled by an outside party. To complicate matters your domain has expired and mail is not being delivered to your mail provider.

Desipte you admission that you aren't fully understanding of how Internet mail works, I believe it well with in your understanding to get it working if you follow our directions.

We are all singing the same song, we just need you to dance for us. :)

My advice and I'm sure the others would agree at this point consider your mail setup in such a disarray that you can't make it any worse, by trying to do it your self and get ride of the MSP etc. pop3 collection is a real fudge and very limited.

So now you have your external IP. Make sure you ISP can confirm this is a static IP and not likely to change else it will break everything again.

Get Demon to fix your domain as above.

Setup port forwarding on port 25 for your router or get your intY to do this for you. If they won't help, then get rid of them and ask Demon to supply a router under their Internet supply contract.

Then setup your Local PC's to connect to the internal exchange server, either with Outlook express and IMAP/POP3 or use the full exchange client within Outlook (recommended).

If you don't feel comforatable with doing the above  or you want it fixed nice and fast, I suggest going to your local computer store and asking for a tech that can assist.

Regards
Rob
Sorry for the typo's just heading off site, needed to rush :)

Author

Commented:
Hi all, we finally got this all sorted and it seems that the only reason we didn't get this working sooner was my own daft self not quite understanding what was going on. :)

I've awarded RobArdill and Gbarrientos 200 points each since they got the answer right first, and Eaperezh 100 points. However, I awarded the accepted answer to Eaperezh since if anyone else has the same problem they can go straight to that point which also has an explanation of how it all works. I hope you think this is fair as I'm still quite new to this community.

Author

Commented:
...btw, the router was pointed at the intY exoserver which is in between itself and the exchange server... I configured it so it pointed to the next link in the chain and not the destination where it had to go.
thanks for the points

Author

Commented:
No probs. :)

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.