comerro1
asked on
Some external mail bouncing back to senders
Exchange 03
We are having an issue with emails. Internal mail is fine. Some external mail is coming through but some isnt. The senders recieve a timeout error.
I have the folowing email from our ISP engineers. They say when they telnet our mail server they get no responce at all! Not even a deny message. They say its our problem and i cannot find anythin wrong. I have checked all out DNS records etc. I dont see how we can be recieving external mail fine from some people but not others........help!
Our mail relay is reporting a lot of timeouts when sending mail to "nz.co.nz". A majority of Emails will timeout originally, sit in a retry queue then go through on the 2nd or 3rd attempt sometime later.
Esentially our Relay is not recieveing an intial response once it makes a connection to your Mail Server and is not sending mail till it receives one. I tried telnetting to mail.nz.co.nz. When I tried a simple HELO saatchi.co.nz I got no immediate response. After a short time I got the below response:
220-SMTP Relay
220 Warning: no name found in DNS for your host address 250 OK
I assume your relay is trying a reverse DNS lookup. I can confirm our DNS records are correct with no recent changes. Could you please check settings at your end.
We are having an issue with emails. Internal mail is fine. Some external mail is coming through but some isnt. The senders recieve a timeout error.
I have the folowing email from our ISP engineers. They say when they telnet our mail server they get no responce at all! Not even a deny message. They say its our problem and i cannot find anythin wrong. I have checked all out DNS records etc. I dont see how we can be recieving external mail fine from some people but not others........help!
Our mail relay is reporting a lot of timeouts when sending mail to "nz.co.nz". A majority of Emails will timeout originally, sit in a retry queue then go through on the 2nd or 3rd attempt sometime later.
Esentially our Relay is not recieveing an intial response once it makes a connection to your Mail Server and is not sending mail till it receives one. I tried telnetting to mail.nz.co.nz. When I tried a simple HELO saatchi.co.nz I got no immediate response. After a short time I got the below response:
220-SMTP Relay
220 Warning: no name found in DNS for your host address 250 OK
I assume your relay is trying a reverse DNS lookup. I can confirm our DNS records are correct with no recent changes. Could you please check settings at your end.
ASKER
haha no worrys its
db.co.nz
db.co.nz
OK, well it worked, it let me connect - however that test is far from conclusive.
I did notice, however, that it took AGES for the server to respond, which I initially thought was something to do with tarpitting, but it seems to be related to the DNS lookup that it performs on incoming mail.
Testing server at address: IPv4 210.54.2.195
[ CONNECTED! ]
220-SMTP Relay
220 Warning: no name found in DNS for your host address
EHLO z2.cat.iki.fi
250-db.co.nz
-
Have a look at this -> http://support.microsoft.com/Default.aspx?kbid=319356
There is a section there; How to Use Reverse DNS Lookup.
DISABLE that on your server and then telnet to port 25 and see if you still get that - 220 Warning: no name found in DNS for your host address - message
-red
(i cant believe how long it took me to find that setting!)
I did notice, however, that it took AGES for the server to respond, which I initially thought was something to do with tarpitting, but it seems to be related to the DNS lookup that it performs on incoming mail.
Testing server at address: IPv4 210.54.2.195
[ CONNECTED! ]
220-SMTP Relay
220 Warning: no name found in DNS for your host address
EHLO z2.cat.iki.fi
250-db.co.nz
-
Have a look at this -> http://support.microsoft.com/Default.aspx?kbid=319356
There is a section there; How to Use Reverse DNS Lookup.
DISABLE that on your server and then telnet to port 25 and see if you still get that - 220 Warning: no name found in DNS for your host address - message
-red
(i cant believe how long it took me to find that setting!)
ASKER
It wasnt enabled...... ?
It musy have taken you awhile cos i couldnt find it!
It musy have taken you awhile cos i couldnt find it!
Actually, of course it isnt...
Your exchange server is not the one receiving mail from the outside world.
You have a gateway between the exchange server, and the internet - correct?
THAT machine is the one that you want to disable DNS verification.
-red
Your exchange server is not the one receiving mail from the outside world.
You have a gateway between the exchange server, and the internet - correct?
THAT machine is the one that you want to disable DNS verification.
-red
That is definitely not an Exchange server answer emails.
http://www.dnsreport.com/tools/dnsreport.ch?domain=db.co.nz
Plus the server seems to have confused identities which will cause problems with some servers accepting email.
Simon.
http://www.dnsreport.com/tools/dnsreport.ch?domain=db.co.nz
Plus the server seems to have confused identities which will cause problems with some servers accepting email.
Simon.
ASKER
Hi Simon,
Thats a really interesting report. What would you suggest i do?
Thats a really interesting report. What would you suggest i do?
ASKER
I have found many of these errors within our content filters logs
SMTP command failed when talking to 172.28.0.10: >>> RCPT TO: <susanne.wasdon@dbgroup.co
<<< 501 This system is not configured to relay mail from <citywd@altern.org> to <susanne.wasdon@dbgroup.co
172.28.0.10 is our internal firewall IP
Maybe because these email address are spoofed citywd@altern.org (doesnt seem to be a valid address)
SMTP command failed when talking to 172.28.0.10: >>> RCPT TO: <susanne.wasdon@dbgroup.co
<<< 501 This system is not configured to relay mail from <citywd@altern.org> to <susanne.wasdon@dbgroup.co
172.28.0.10 is our internal firewall IP
Maybe because these email address are spoofed citywd@altern.org (doesnt seem to be a valid address)
is 172.28.0.10 the machine that receives mail directly from the internet?
Looks like it is either not configured to handle mail for dbgroup.co.nz (it may just be configured for db.co.nz) or, more likely, is checking inbound senders against a DNS server that is no longer functioning
What is that firewall/gateway/whatever running??
-red
Looks like it is either not configured to handle mail for dbgroup.co.nz (it may just be configured for db.co.nz) or, more likely, is checking inbound senders against a DNS server that is no longer functioning
What is that firewall/gateway/whatever running??
-red
ASKER
Im fairly new to this position the guy i replaced was a complete propellor-head and everything is setup really complicated. Ive been here 5months and still trying to get my head around what hes done.
172.28.0.10 is our physical firewall's internal address.
On this domain we have
1 exchange server
1 content filter
1 ISA Server
1 Firewall.
All 4 of these are used in the delivery and sending process for our mail. I dont know what order though.....
I think mail comes in through our ISA Server, then our firewall then our content filter which sends it to exchange. Which then distrubites it. Somewhere in all that theres alot of relaying going on........Hope that helps???
I
172.28.0.10 is our physical firewall's internal address.
On this domain we have
1 exchange server
1 content filter
1 ISA Server
1 Firewall.
All 4 of these are used in the delivery and sending process for our mail. I dont know what order though.....
I think mail comes in through our ISA Server, then our firewall then our content filter which sends it to exchange. Which then distrubites it. Somewhere in all that theres alot of relaying going on........Hope that helps???
I
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi Red,
It was an issue with our mx record....our host had made a change they shouldnt have. Thus sending all external mail round in a loop! Our mail filter was just so confused it was dropping the emails. Thanks for you help it was really good!
Joshua
It was an issue with our mx record....our host had made a change they shouldnt have. Thus sending all external mail round in a loop! Our mail filter was just so confused it was dropping the emails. Thanks for you help it was really good!
Joshua
nz.co.nz doesnt work - i hope you know that!
http://www.zmailer.org/mxverify.html
nz.co.nz has no mx records - what is your actual domain so we can have a look and see if it is right.
If you dont feel comfortable doing that, enter it yourself into the link above and post the results (without your domain of course)
Hope that helps,
-red