• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 784
  • Last Modified:

Some external mail bouncing back to senders

Exchange 03

We are having an issue with emails. Internal mail is fine. Some external mail is coming through but some isnt. The senders recieve a timeout error.
I have the folowing email from our ISP engineers. They say when they telnet our mail server they get no responce at all! Not even a deny message. They say its our problem and i cannot find anythin wrong. I have checked all out DNS records etc. I dont see how we can be recieving external mail fine from some people but not others........help!


Our mail relay is reporting a lot of timeouts when sending mail to "nz.co.nz". A majority of Emails will timeout originally, sit in a retry queue then go through on the 2nd or 3rd attempt sometime later.
Esentially our Relay is not recieveing an intial response once it makes a connection to your Mail Server and is not sending mail till it receives one. I tried telnetting to mail.nz.co.nz. When I tried a simple HELO saatchi.co.nz I got no immediate response. After a short time I got the below response:

220-SMTP Relay
220 Warning: no name found in DNS for your host address 250 OK

I assume your relay is trying a reverse DNS lookup. I can confirm our DNS records are correct with no recent changes. Could you please check settings at your end.
0
comerro1
Asked:
comerro1
  • 6
  • 5
1 Solution
 
redseatechnologiesCommented:
Hi comerro1,

nz.co.nz doesnt work - i hope you know that!

http://www.zmailer.org/mxverify.html

nz.co.nz has no mx records - what is your actual domain so we can have a look and see if it is right.

If you dont feel comfortable doing that, enter it yourself into the link above and post the results (without your domain of course)

Hope that helps,

-red
0
 
comerro1Author Commented:
haha no worrys its

db.co.nz
0
 
redseatechnologiesCommented:
OK, well it worked, it let me connect - however that test is far from conclusive.

I did notice, however, that it took AGES for the server to respond, which I initially thought was something to do with tarpitting, but it seems to be related to the DNS lookup that it performs on incoming mail.

Testing server at address: IPv4 210.54.2.195
[ CONNECTED! ]

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

-

Have a look at this -> http://support.microsoft.com/Default.aspx?kbid=319356

There is a section there;  How to Use Reverse DNS Lookup.

DISABLE that on your server and then telnet to port 25 and see if you still get that - 220 Warning: no name found in DNS for your host address - message

-red
(i cant believe how long it took me to find that setting!)
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
comerro1Author Commented:
It wasnt enabled...... ?

It musy have taken you awhile cos i couldnt find it!
0
 
redseatechnologiesCommented:
Actually, of course it isnt...

Your exchange server is not the one receiving mail from the outside world.

You have a gateway between the exchange server, and the internet - correct?

THAT machine is the one that you want to disable DNS verification.

-red
0
 
SembeeCommented:
That is definitely not an Exchange server answer emails.
http://www.dnsreport.com/tools/dnsreport.ch?domain=db.co.nz

Plus the server seems to have confused identities which will cause problems with some servers accepting email.

Simon.
0
 
comerro1Author Commented:
Hi Simon,

Thats a really interesting report. What would you suggest i do?
0
 
comerro1Author Commented:
I have found many of these errors within our content filters logs

SMTP command failed when talking to 172.28.0.10: >>> RCPT TO: <susanne.wasdon@dbgroup.co.nz>
 <<< 501 This system is not configured to relay mail from <citywd@altern.org> to <susanne.wasdon@dbgroup.co.nz> for 172.28.0.10

172.28.0.10 is our internal firewall IP

Maybe because these email address are spoofed citywd@altern.org (doesnt seem to be a valid address)

0
 
redseatechnologiesCommented:
is 172.28.0.10 the machine that receives mail directly from the internet?

Looks like it is either not configured to handle mail for dbgroup.co.nz (it may just be configured for db.co.nz) or, more likely, is checking inbound senders against a DNS server that is no longer functioning

What is that firewall/gateway/whatever running??

-red
0
 
comerro1Author Commented:
Im fairly new to this position the guy i replaced was a complete propellor-head and everything is setup really complicated. Ive been here 5months and still trying to get my head around what hes done.

172.28.0.10 is our physical firewall's internal address.
On this domain we have
1 exchange server
1 content filter
1 ISA Server
1 Firewall.

All 4 of these are used in the delivery and sending process for our mail. I dont know what order though.....

I think mail comes in through our ISA Server, then our firewall then our content filter which sends it to exchange. Which then distrubites it. Somewhere in all that theres alot of relaying going on........Hope that helps???

I

0
 
redseatechnologiesCommented:
>> Hope that helps???

Well, it kinda does.  At least we know where we are up to, and that looks like 'up a certain creek'

We need to figure out which server is first in line for mail, that is the one that is most likely doing the DNS lookups, and causing all the issues here.

Have a look on your router, and see if you can figure out which server has port 25 forwarded to it.

If that isnt an option, then manually telnet to each machine from the inside

telnet 172.28.0.10 25

you are looking for one that says

 220-SMTP Relay
 220 Warning: no name found in DNS for your host address
 EHLO z2.cat.iki.fi
 250-db.co.nz

Once we know which machine that is, then you need to physically find it, and hopefully log on to it.  Once we know what operating system and mail server it is running, we should have a far better idea as to what you need to do to sort out the immediate problem.

It is about now that I should give my professional recommendation that you get someone in there to tidy this all up - better now than when you have a major problem (which you will)

Better yet, get the old guy back in and either force him to document it better, or pay him on a contract to do it - money well spent!

-red
0
 
comerro1Author Commented:
hi Red,

It was an issue with our mx record....our host had made a change they shouldnt have. Thus sending all external  mail round in a loop! Our mail filter was just so confused it was dropping the emails. Thanks for you help it was really good!

Joshua
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now