Windows Server 2003
--
Questions
--
Followers
Top Experts
IIS SMTP server not able to connect to destination mail server
I have a Microsoft Windows 2003 web server running IIS 6.0 and SMTP server. I access the SMTP server in my ASP pages (via Persits Software's ASPemail) to generate outgoing mail, for a variety of reasons (form submissions, online order notifications, etc.).
Anytime a message fails to send (either from ASPemail or SMTP server), it bounces a copy of the delivery status notification message back to me, as the administrator, so I can forward the mail to the appropriate client. This often happens if someone is typing in a website submission form and mis-types their e-mail address, since SMTP server won't allow a message to go out if it has an invalid "from" address.
In general, this works fine. However, there are a few of my clients' domains which I cannot seem to get mail to send to because it says "unable to connect successfully to the destination mail server". The biggest problem for me right now is the domain kohlbp.com. I control the DNS for this domain, which has an A record mail.kohlbp.com pointing to their mail server's IP address 209.10.110.95 and MX records are pointing to mail.kohlbp.com. Their mail in general is working fine, they send and receive messages all day long, I can send and receive messages from them using my Comcast account, etc.
However, when I try to generate a message using our web server's SMTP server, I get what is pasted below (almost in its entirety). The only thing I stripped out was the body of the original message, due to privacy.
So again, in general our server appears to be sending e-mail out with no problem, and kohlbp.com's e-mail system is working, yet for some reason we cannot connect directly to them. I would love to be able to fix this, but I'm out of ideas. Would greatly appreciate some assistance! Thanks.
From: postmaster@blade4
To: info@kohlbp.com
Date: Sat, 10 Feb 2007 19:52:36 -0500
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-statu
boundary="9B095B5ADSN=_01C
X-DSNContext: 7ce717b1 - 1386 - 00000002 - C00402D1
Message-ID: <gnFZS4HIv00000590@smtp.bb
Subject: Delivery Status Notification (Failure)
This is a MIME-formatted message.
Portions of this message may be unreadable without a MIME-capable mail program.
--9B095B5ADSN=_01C73D6BA8A
Content-Type: text/plain; charset=unicode-1-1-utf-7
This is an automatically generated Delivery Status Notification.
Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server.
info@kohlbp.com
--9B095B5ADSN=_01C73D6BA8A
Content-Type: message/delivery-status
Reporting-MTA: dns;smtp.bbdesign.com
Received-From-MTA: dns;blade4
Arrival-Date: Thu, 8 Feb 2007 17:00:24 -0500
Final-Recipient: rfc822;info@kohlbp.com
Action: failed
Status: 4.4.7
--9B095B5ADSN=_01C73D6BA8A
Content-Type: message/rfc822
Received: from blade4 ([192.168.0.22]) by smtp.bbdesign.com with Microsoft SMTPSVC(6.0.3790.1830);
Thu, 8 Feb 2007 17:00:24 -0500
From: <info@kohlbp.com>
To: info@kohlbp.com
Subject: REWARDS 2004-05 REGISTRATION
Date: Thu, 08 Feb 2007 17:00:24 -0500
Message-ID: <20070208-17002466-1f4@bla
MIME-Version: 1.0
Return-Path: info@kohlbp.com
X-OriginalArrivalTime: 08 Feb 2007 22:00:24.0668 (UTC) FILETIME=[88F779C0:01C74BC
--9B095B5ADSN=_01C73D6BA8A
Anytime a message fails to send (either from ASPemail or SMTP server), it bounces a copy of the delivery status notification message back to me, as the administrator, so I can forward the mail to the appropriate client. This often happens if someone is typing in a website submission form and mis-types their e-mail address, since SMTP server won't allow a message to go out if it has an invalid "from" address.
In general, this works fine. However, there are a few of my clients' domains which I cannot seem to get mail to send to because it says "unable to connect successfully to the destination mail server". The biggest problem for me right now is the domain kohlbp.com. I control the DNS for this domain, which has an A record mail.kohlbp.com pointing to their mail server's IP address 209.10.110.95 and MX records are pointing to mail.kohlbp.com. Their mail in general is working fine, they send and receive messages all day long, I can send and receive messages from them using my Comcast account, etc.
However, when I try to generate a message using our web server's SMTP server, I get what is pasted below (almost in its entirety). The only thing I stripped out was the body of the original message, due to privacy.
So again, in general our server appears to be sending e-mail out with no problem, and kohlbp.com's e-mail system is working, yet for some reason we cannot connect directly to them. I would love to be able to fix this, but I'm out of ideas. Would greatly appreciate some assistance! Thanks.
From: postmaster@blade4
To: info@kohlbp.com
Date: Sat, 10 Feb 2007 19:52:36 -0500
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-statu
boundary="9B095B5ADSN=_01C
X-DSNContext: 7ce717b1 - 1386 - 00000002 - C00402D1
Message-ID: <gnFZS4HIv00000590@smtp.bb
Subject: Delivery Status Notification (Failure)
This is a MIME-formatted message.
Portions of this message may be unreadable without a MIME-capable mail program.
--9B095B5ADSN=_01C73D6BA8A
Content-Type: text/plain; charset=unicode-1-1-utf-7
This is an automatically generated Delivery Status Notification.
Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server.
info@kohlbp.com
--9B095B5ADSN=_01C73D6BA8A
Content-Type: message/delivery-status
Reporting-MTA: dns;smtp.bbdesign.com
Received-From-MTA: dns;blade4
Arrival-Date: Thu, 8 Feb 2007 17:00:24 -0500
Final-Recipient: rfc822;info@kohlbp.com
Action: failed
Status: 4.4.7
--9B095B5ADSN=_01C73D6BA8A
Content-Type: message/rfc822
Received: from blade4 ([192.168.0.22]) by smtp.bbdesign.com with Microsoft SMTPSVC(6.0.3790.1830);
Thu, 8 Feb 2007 17:00:24 -0500
From: <info@kohlbp.com>
To: info@kohlbp.com
Subject: REWARDS 2004-05 REGISTRATION
Date: Thu, 08 Feb 2007 17:00:24 -0500
Message-ID: <20070208-17002466-1f4@bla
MIME-Version: 1.0
Return-Path: info@kohlbp.com
X-OriginalArrivalTime: 08 Feb 2007 22:00:24.0668 (UTC) FILETIME=[88F779C0:01C74BC
--9B095B5ADSN=_01C73D6BA8A
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Hello there,
Could you run a Trace Route to mail.kohlbp.com?
e.g.
C:\> tracert mail.kohlbp.com
The server does respond to ICMP traffic so it should be able to reply. It's a server called londo.swishmail.com hosted by Globix.
What you're looking for here is whether or not the Routing is working correctly and getting you there.
Chris
I did that on the server, it says:
Unable to resolve target system name mail.kohlbp.com
So I guess we're onto something! Running a traceroute on my own computer does not produce a problem. So... the obvious next question is why this particular server cannot connect but everyone else seems to be able to.
Unable to resolve target system name mail.kohlbp.com
So I guess we're onto something! Running a traceroute on my own computer does not produce a problem. So... the obvious next question is why this particular server cannot connect but everyone else seems to be able to.
Okay, next step.
Open the command prompt, type "nslookup mail.kohlbp.com"
If that fails do:
C:\> nslookup
> set type=ns
> kohlbp.com
This should come back with dns1 - dns5.name-services.com. Unfortuately not many of those respond to ICMP pings, less helpful.
However, you can attempt to query them directly:
C:\> nslookup
> server dns1.name-services.com
> mail.kohlbp.com
Do you use Forwarders in your DNS configuration? Or is that entirely in the hands of someone else?
Chris
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
nslookup mail.kohlbp.com fails
Not sure how to physically enter this with my keyboard in a Command Prompt:
C:\> nslookup
> set type=ns
> kohlbp.com
How do I get to the next > without hitting the return key and causing it to do a lookup on nothing?
I have control over all the DNS. Not sure what you mean by forwarders, though. There isn't any e-mail aliasing going on if that's what you mean. I'm using eNom's name servers. The A records and MX records are as I stated above. I don't have any access or control over the mail server itself, although from all other aspects it appears to be working.
Not sure how to physically enter this with my keyboard in a Command Prompt:
C:\> nslookup
> set type=ns
> kohlbp.com
How do I get to the next > without hitting the return key and causing it to do a lookup on nothing?
I have control over all the DNS. Not sure what you mean by forwarders, though. There isn't any e-mail aliasing going on if that's what you mean. I'm using eNom's name servers. The A records and MX records are as I stated above. I don't have any access or control over the mail server itself, although from all other aspects it appears to be working.
If you run nslookup on it's own it dumps you at the new prompt (a sort of advanced usage mode). You can then change settings inside it, altering the parameters of your query.
Windows DNS Server? If you open up the console, then right click on the server name and open properties. Under the Forwarders tab is anything configured?
Chris
I'm not sure if I'm doing the nslookup right or not. Anyway, it gives me the IP address of our INTERNAL network, 192.168.0.xxx, then it says nameserver = firewall2.
Is this pointing to our internal firewall somehow? Again, I'm not 100% sure I did this right.
I don't operate the name servers myself, I use eNom's. I have access to the DNS through a web interface, but not the computers.
Hope I don't sound too stupid, I'm trying to follow what you're saying but this isn't my area of expertise. Thanks.
Is this pointing to our internal firewall somehow? Again, I'm not 100% sure I did this right.
I don't operate the name servers myself, I use eNom's. I have access to the DNS through a web interface, but not the computers.
Hope I don't sound too stupid, I'm trying to follow what you're saying but this isn't my area of expertise. Thanks.
Get a FREE t-shirt when you ask your first question.
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
You're doing fine, don't worry.
Okay, so your firewall is acting as a DNS server for your local network. We can confirm that, if you run:
C:\> ipconfig /all
It should tell you the DNS servers your Server is using. I suspect that will be firewall2's IP.
When you open up nslookup on Windows it does a quick check of the DNS servers you connect to. It basically ends up telling you what you're connected to.
But we have a name resolution problem, and if possible we need to see exactly where it's breaking, so once inside the nslookup prompt you need to run a few more queries. If you just type in:
set type=ns
kohlbp.com
It will tell you the Name Server Records for kohlbp.com. It needs to be able to retrieve these in order to find an IP address for kohlbp.com (which it's failing to do at the moment).
Here's a copy of mine as an example so what you're looking at will (hopefully) make more sense.
C:\>nslookup
Default Server: sol.highorbit.local
Address: 172.31.255.50
> set type=ns
> kohlbp.com
Server: sol.highorbit.local
Address: 172.31.255.50
Non-authoritative answer:
kohlbp.com nameserver = dns2.name-services.com
kohlbp.com nameserver = dns3.name-services.com
kohlbp.com nameserver = dns4.name-services.com
kohlbp.com nameserver = dns5.name-services.com
kohlbp.com nameserver = dns1.name-services.com
dns2.name-services.com internet address = 216.52.184.230
dns3.name-services.com internet address = 63.251.92.193
dns4.name-services.com internet address = 64.74.96.242
dns5.name-services.com internet address = 70.42.37.1
dns1.name-services.com internet address = 69.25.142.1
>
Chris
Yes, I believe it is firewall2 controlling DNS as you suspected.
My nslookup says:
Server: Unknown
Address: 192.168.0.xxx
kohlbp.com nameserver = firewall2
This is what I did before, though, not sure if I'm doing everything you're asking me to.
My nslookup says:
Server: Unknown
Address: 192.168.0.xxx
kohlbp.com nameserver = firewall2
This is what I did before, though, not sure if I'm doing everything you're asking me to.
That's what you get back if you type set type=ns and then kohlbp.com?
If that is the case your firewall is answering requests for kohlbp.com as if it owns it? Do you maintain the firewall and the DNS server on there?
If your Firewall is answering requests for that as if it owns it then you'll never be able to resolve the mail.kohlbp.com address (as your firewall is saying it doesn't exist).
Chris
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Oh and sorry for repeating the question a bit, just it's quite unusual for a firewall to be hosting dns zones.
Anyway, that's where the problem getting to the mail server is from. If you can get that resolved somehow then you'll be fine sending mail.
Chris
Here is what I'm doing, from a fresh Command Prompt:
I type "nslookup" and hit return, it says:
*** Can't find server name for address 192.168.0.xxx: Non-existent domain
Default Server: Unknown
Address: 192.168.0.xxx
Then I type:
> set type=ns
> kohlbp.com
And it says:
Server: Unknown
Address: 192.168.0.xxx
kohlbp.com nameserver = firewall2
I have a server tech guy who maintains the firewall. I'm not very familiar with how that works, is there something I should tell him to do? There must be some reason why this domain is not working but most others are.
I type "nslookup" and hit return, it says:
*** Can't find server name for address 192.168.0.xxx: Non-existent domain
Default Server: Unknown
Address: 192.168.0.xxx
Then I type:
> set type=ns
> kohlbp.com
And it says:
Server: Unknown
Address: 192.168.0.xxx
kohlbp.com nameserver = firewall2
I have a server tech guy who maintains the firewall. I'm not very familiar with how that works, is there something I should tell him to do? There must be some reason why this domain is not working but most others are.
I don't know how to speak very intelligently about what's going on. Can you tell me what to tell my server tech? He knows more about it. Thanks.
Get a FREE t-shirt when you ask your first question.
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Thanks! I'll see if he can help or has any questions.
Great :)
OK, server tech did something, I'm not sure what. I tried the nslookup again. Please see here:
http://bbdesign.com/ss.jpg
Does this now look the way it should?
http://bbdesign.com/ss.jpg
Does this now look the way it should?
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Indeed... that's much much better. You should be able to get an answer from mail.kohlbp.com now. And you should be able to get mail through.
Chris
Thanks very much! Seems to be working now.
You're welcome :)
Chris
Get a FREE t-shirt when you ask your first question.
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Windows Server 2003
--
Questions
--
Followers
Top Experts
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).