Solved

Some external mail bouncing back to senders

Posted on 2006-06-12
12
752 Views
Last Modified: 2012-08-13
Exchange 03

We are having an issue with emails. Internal mail is fine. Some external mail is coming through but some isnt. The senders recieve a timeout error.
I have the folowing email from our ISP engineers. They say when they telnet our mail server they get no responce at all! Not even a deny message. They say its our problem and i cannot find anythin wrong. I have checked all out DNS records etc. I dont see how we can be recieving external mail fine from some people but not others........help!


Our mail relay is reporting a lot of timeouts when sending mail to "nz.co.nz". A majority of Emails will timeout originally, sit in a retry queue then go through on the 2nd or 3rd attempt sometime later.
Esentially our Relay is not recieveing an intial response once it makes a connection to your Mail Server and is not sending mail till it receives one. I tried telnetting to mail.nz.co.nz. When I tried a simple HELO saatchi.co.nz I got no immediate response. After a short time I got the below response:

220-SMTP Relay
220 Warning: no name found in DNS for your host address 250 OK

I assume your relay is trying a reverse DNS lookup. I can confirm our DNS records are correct with no recent changes. Could you please check settings at your end.
0
Comment
Question by:comerro1
  • 6
  • 5
12 Comments
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891588
Hi comerro1,

nz.co.nz doesnt work - i hope you know that!

http://www.zmailer.org/mxverify.html

nz.co.nz has no mx records - what is your actual domain so we can have a look and see if it is right.

If you dont feel comfortable doing that, enter it yourself into the link above and post the results (without your domain of course)

Hope that helps,

-red
0
 

Author Comment

by:comerro1
ID: 16891770
haha no worrys its

db.co.nz
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891918
OK, well it worked, it let me connect - however that test is far from conclusive.

I did notice, however, that it took AGES for the server to respond, which I initially thought was something to do with tarpitting, but it seems to be related to the DNS lookup that it performs on incoming mail.

Testing server at address: IPv4 210.54.2.195
[ CONNECTED! ]

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

-

Have a look at this -> http://support.microsoft.com/Default.aspx?kbid=319356

There is a section there;  How to Use Reverse DNS Lookup.

DISABLE that on your server and then telnet to port 25 and see if you still get that - 220 Warning: no name found in DNS for your host address - message

-red
(i cant believe how long it took me to find that setting!)
0
 

Author Comment

by:comerro1
ID: 16891954
It wasnt enabled...... ?

It musy have taken you awhile cos i couldnt find it!
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891973
Actually, of course it isnt...

Your exchange server is not the one receiving mail from the outside world.

You have a gateway between the exchange server, and the internet - correct?

THAT machine is the one that you want to disable DNS verification.

-red
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16898101
That is definitely not an Exchange server answer emails.
http://www.dnsreport.com/tools/dnsreport.ch?domain=db.co.nz

Plus the server seems to have confused identities which will cause problems with some servers accepting email.

Simon.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:comerro1
ID: 16898571
Hi Simon,

Thats a really interesting report. What would you suggest i do?
0
 

Author Comment

by:comerro1
ID: 16899278
I have found many of these errors within our content filters logs

SMTP command failed when talking to 172.28.0.10: >>> RCPT TO: <susanne.wasdon@dbgroup.co.nz>
 <<< 501 This system is not configured to relay mail from <citywd@altern.org> to <susanne.wasdon@dbgroup.co.nz> for 172.28.0.10

172.28.0.10 is our internal firewall IP

Maybe because these email address are spoofed citywd@altern.org (doesnt seem to be a valid address)

0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16899382
is 172.28.0.10 the machine that receives mail directly from the internet?

Looks like it is either not configured to handle mail for dbgroup.co.nz (it may just be configured for db.co.nz) or, more likely, is checking inbound senders against a DNS server that is no longer functioning

What is that firewall/gateway/whatever running??

-red
0
 

Author Comment

by:comerro1
ID: 16899666
Im fairly new to this position the guy i replaced was a complete propellor-head and everything is setup really complicated. Ive been here 5months and still trying to get my head around what hes done.

172.28.0.10 is our physical firewall's internal address.
On this domain we have
1 exchange server
1 content filter
1 ISA Server
1 Firewall.

All 4 of these are used in the delivery and sending process for our mail. I dont know what order though.....

I think mail comes in through our ISA Server, then our firewall then our content filter which sends it to exchange. Which then distrubites it. Somewhere in all that theres alot of relaying going on........Hope that helps???

I

0
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 16899688
>> Hope that helps???

Well, it kinda does.  At least we know where we are up to, and that looks like 'up a certain creek'

We need to figure out which server is first in line for mail, that is the one that is most likely doing the DNS lookups, and causing all the issues here.

Have a look on your router, and see if you can figure out which server has port 25 forwarded to it.

If that isnt an option, then manually telnet to each machine from the inside

telnet 172.28.0.10 25

you are looking for one that says

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

Once we know which machine that is, then you need to physically find it, and hopefully log on to it.  Once we know what operating system and mail server it is running, we should have a far better idea as to what you need to do to sort out the immediate problem.

It is about now that I should give my professional recommendation that you get someone in there to tidy this all up - better now than when you have a major problem (which you will)

Better yet, get the old guy back in and either force him to document it better, or pay him on a contract to do it - money well spent!

-red
0
 

Author Comment

by:comerro1
ID: 16908183
hi Red,

It was an issue with our mx record....our host had made a change they shouldnt have. Thus sending all external  mail round in a loop! Our mail filter was just so confused it was dropping the emails. Thanks for you help it was really good!

Joshua
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates‚Ķ

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now