[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Some external mail bouncing back to senders

Posted on 2006-06-12
12
Medium Priority
?
773 Views
Last Modified: 2012-08-13
Exchange 03

We are having an issue with emails. Internal mail is fine. Some external mail is coming through but some isnt. The senders recieve a timeout error.
I have the folowing email from our ISP engineers. They say when they telnet our mail server they get no responce at all! Not even a deny message. They say its our problem and i cannot find anythin wrong. I have checked all out DNS records etc. I dont see how we can be recieving external mail fine from some people but not others........help!


Our mail relay is reporting a lot of timeouts when sending mail to "nz.co.nz". A majority of Emails will timeout originally, sit in a retry queue then go through on the 2nd or 3rd attempt sometime later.
Esentially our Relay is not recieveing an intial response once it makes a connection to your Mail Server and is not sending mail till it receives one. I tried telnetting to mail.nz.co.nz. When I tried a simple HELO saatchi.co.nz I got no immediate response. After a short time I got the below response:

220-SMTP Relay
220 Warning: no name found in DNS for your host address 250 OK

I assume your relay is trying a reverse DNS lookup. I can confirm our DNS records are correct with no recent changes. Could you please check settings at your end.
0
Comment
Question by:comerro1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891588
Hi comerro1,

nz.co.nz doesnt work - i hope you know that!

http://www.zmailer.org/mxverify.html

nz.co.nz has no mx records - what is your actual domain so we can have a look and see if it is right.

If you dont feel comfortable doing that, enter it yourself into the link above and post the results (without your domain of course)

Hope that helps,

-red
0
 

Author Comment

by:comerro1
ID: 16891770
haha no worrys its

db.co.nz
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891918
OK, well it worked, it let me connect - however that test is far from conclusive.

I did notice, however, that it took AGES for the server to respond, which I initially thought was something to do with tarpitting, but it seems to be related to the DNS lookup that it performs on incoming mail.

Testing server at address: IPv4 210.54.2.195
[ CONNECTED! ]

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

-

Have a look at this -> http://support.microsoft.com/Default.aspx?kbid=319356

There is a section there;  How to Use Reverse DNS Lookup.

DISABLE that on your server and then telnet to port 25 and see if you still get that - 220 Warning: no name found in DNS for your host address - message

-red
(i cant believe how long it took me to find that setting!)
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:comerro1
ID: 16891954
It wasnt enabled...... ?

It musy have taken you awhile cos i couldnt find it!
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16891973
Actually, of course it isnt...

Your exchange server is not the one receiving mail from the outside world.

You have a gateway between the exchange server, and the internet - correct?

THAT machine is the one that you want to disable DNS verification.

-red
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16898101
That is definitely not an Exchange server answer emails.
http://www.dnsreport.com/tools/dnsreport.ch?domain=db.co.nz

Plus the server seems to have confused identities which will cause problems with some servers accepting email.

Simon.
0
 

Author Comment

by:comerro1
ID: 16898571
Hi Simon,

Thats a really interesting report. What would you suggest i do?
0
 

Author Comment

by:comerro1
ID: 16899278
I have found many of these errors within our content filters logs

SMTP command failed when talking to 172.28.0.10: >>> RCPT TO: <susanne.wasdon@dbgroup.co.nz>
 <<< 501 This system is not configured to relay mail from <citywd@altern.org> to <susanne.wasdon@dbgroup.co.nz> for 172.28.0.10

172.28.0.10 is our internal firewall IP

Maybe because these email address are spoofed citywd@altern.org (doesnt seem to be a valid address)

0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 16899382
is 172.28.0.10 the machine that receives mail directly from the internet?

Looks like it is either not configured to handle mail for dbgroup.co.nz (it may just be configured for db.co.nz) or, more likely, is checking inbound senders against a DNS server that is no longer functioning

What is that firewall/gateway/whatever running??

-red
0
 

Author Comment

by:comerro1
ID: 16899666
Im fairly new to this position the guy i replaced was a complete propellor-head and everything is setup really complicated. Ive been here 5months and still trying to get my head around what hes done.

172.28.0.10 is our physical firewall's internal address.
On this domain we have
1 exchange server
1 content filter
1 ISA Server
1 Firewall.

All 4 of these are used in the delivery and sending process for our mail. I dont know what order though.....

I think mail comes in through our ISA Server, then our firewall then our content filter which sends it to exchange. Which then distrubites it. Somewhere in all that theres alot of relaying going on........Hope that helps???

I

0
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 2000 total points
ID: 16899688
>> Hope that helps???

Well, it kinda does.  At least we know where we are up to, and that looks like 'up a certain creek'

We need to figure out which server is first in line for mail, that is the one that is most likely doing the DNS lookups, and causing all the issues here.

Have a look on your router, and see if you can figure out which server has port 25 forwarded to it.

If that isnt an option, then manually telnet to each machine from the inside

telnet 172.28.0.10 25

you are looking for one that says

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

Once we know which machine that is, then you need to physically find it, and hopefully log on to it.  Once we know what operating system and mail server it is running, we should have a far better idea as to what you need to do to sort out the immediate problem.

It is about now that I should give my professional recommendation that you get someone in there to tidy this all up - better now than when you have a major problem (which you will)

Better yet, get the old guy back in and either force him to document it better, or pay him on a contract to do it - money well spent!

-red
0
 

Author Comment

by:comerro1
ID: 16908183
hi Red,

It was an issue with our mx record....our host had made a change they shouldnt have. Thus sending all external  mail round in a loop! Our mail filter was just so confused it was dropping the emails. Thanks for you help it was really good!

Joshua
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question