Exchange server not responding to SMTP on specific domain

Ok, this is a pretty tricky question I believe.  This MAY not be an Exchange problem or issue, and might be a problem with my firewall instead, but I wanted to start here first.

Here is the setup:
Cisco 501 PIX, connecting to BellSouth DSL with statically assigned IP address.
PIX is configured to pass TCP port 25 traffic to inside LAN interface where the MS-Exchange server is located
The MS-Exchange server is on a local domain called "LOCAL.LAN" and is configured to accept and send email for an Internet domain called "LOCAL.COM" (true domain name hidden for security reasons).

When any email is sent internally to the MS-EXCH server for any domain or email user ID, email is received just fine.  Any email sent from the internal LAN to the Internet is sent outbound without error.

The problem is that any inbound email from the Internet destined for the domain LOCAL.COM is never received, and the sender never receives an "Undeliverable" email response.

Basically what happens is this:
Jane@local.com can send email to any email on the local.lan AND even the local.com domains as long as she is on the local LAN when she does this.

Jane@local.com can send email to her personal email address of Jane@yahoo.com

However, Jane can NOT send email from her personal email address of Jane@yahoo.com to her Jane@local.com address, and does not get any errors back when she does.  The email just goes into the 'ether' somewhere.

Any guesses as to WHERE I might look to fix this problem?

Thank you,
jgrammer42 Asked:
 
Sembee Commented:
You either haven't got port 25 open on the firewall, or port 25 is blocked by your ISP.
If you are looking at the config of the PIX, then also disable fixup SMTP which can cause problems with email delivery.

Simon.
0
 
Sembee Commented:
Looks like a bog standard inbound failure.

Two things to do.

1. Enable message tracking so that you can see what Exchange is doing with the message (if it gets to Exchange).
2. Put the domain in to dnsreport.com and see what errors it throws back.

Simon.
0
 
jgrammer42 (Author) Commented:
Sembee,

I am unsure how to put the domain in dnsreport.com  

Under "Diagnostics Logging" where do I set that param?

Thank you,
0
 
northcide Commented:
http://www.dnsreport.com/tools/dnsreport.ch?domain=LOCAL.COM

is the sending domain receiving any non delivery reports?  those might be useful :)
0
 
Sembee Commented:
Go to http://www.dnsreport.com and enter the domain in the box supplied.

I doubt whether diagnostics logging would show anything. I meant logging on the SMTP VS itself.
ESM, Servers, <your server>, Protocols, SMTP. Right click on the SMTP VS and choose Properties.

Simon.
0
 
jgrammer42 (Author) Commented:
Output from dnsreports.com is the following:

DNS Report
-------------
ERROR: I could not complete a connection to any of your mailservers!

MAIL.local.com: Timed out [Last data sent: [Did not connect]]

If this is a timeout problem, note that the DNS report only waits about 40 seconds for responses, so your mail may work fine in this case but you will need to use testing tools specifically designed for such situations.
=========================================================================
Mail Test
----------
jane@local.com. - www.xxx.yyy.zzz  [Could not connect: Could not receive data: Operation timed out.]
  [Note that if your mailserver takes over 30 seconds to respond, our test will timeout, even though real mailservers will wait longer]
=========================================================================

This is exactly what I am seeing when I try to telnet on port 25 from the Internet.  

Any thoughts?

Thank you,

This is the error I am seeing, yet the MX record is resolving correctly.
0
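
The port 25 check discussed in this thread (the telnet test and the dnsreport.com timeout) can be scripted so the outcome says where delivery stops. This is an added example, not code from any poster; the result labels and the "mostly asterisks" test for a greeting rewritten by the PIX SMTP fixup are assumptions of the example.

```python
import socket
import sys

def classify_banner(line: str) -> str:
    """Interpret the first line received after the TCP connect on port 25."""
    if not line.startswith("220"):
        return "unexpected-greeting"   # e.g. 421/554, or not SMTP at all
    text = line[3:].strip(" -\r\n")
    # Heuristic (assumption): a greeting that is mostly '*' has been rewritten
    # by an inspecting firewall such as the PIX SMTP fixup.
    if text and text.count("*") > len(text) / 2:
        return "smtp-ready-masked"
    return "smtp-ready"

def probe_smtp(host: str, port: int = 25, timeout: float = 10.0) -> str:
    """Connect like `telnet host 25` and report how far the session got."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = s.recv(512).decode("ascii", "replace")
    except socket.gaierror:
        return "dns-failure"           # name does not resolve
    except socket.timeout:
        return "filtered"              # connect or greeting never answered:
                                       # packets dropped by a firewall or ISP
    except ConnectionRefusedError:
        return "refused"               # path is open, nothing listening or
                                       # no port forward to the mail server
    except OSError:
        return "unreachable"
    if not banner:
        return "closed-without-greeting"
    return classify_banner(banner.splitlines()[0])

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Run from OUTSIDE the LAN against the MX host name.
        print(sys.argv[1], probe_smtp(sys.argv[1]))
    else:
        # Constructed sample greetings, not captured from a real server.
        for sample in ("220 mail.example.test ESMTP ready",
                       "220 ****************2***0*****"):
            print(repr(sample), "->", classify_banner(sample))
```

A `filtered` result from an outside host matches the dnsreport.com timeout above; running the same probe from the firewall's outside segment versus from another ISP helps separate a PIX rule problem from an ISP block.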
 
northcide Commented:
you need to do it to your domain, not sub. so just LOCAL.COM, not MAIL.LOCAL.COM
0
 
jgrammer42 (Author) Commented:
northcide,
Sorry, I did just do that for the top level domain.  I edited the results out for security reasons, but the error I cut and pasted gave the FQDN of the MX record.




0
 
jgrammer42 (Author) Commented:
Sembee,
AH HA!  I think you're right about the ISP....I never thought of that.  

I will accept your answer, and if I find that they are not blocking it, I will repost my question.

Thanks for stating the obvious that I was overlooking!

0
Question has a verified solution.