Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Not receiving exteral email from anyone that does not belong to our internal network

Posted on 2007-03-20
Medium Priority
Last Modified: 2013-11-12
I am having the same problem as eptexascrazy, Except THey will kill me tommorow
I was not getting a backup with backup exec in grpwise since SP6 I followed novell  #$%$#**&^ s
patch  for the problem TSA5UP.exe.
I can send out, Send and receive within the network. BUT can't receive from the outside world.
NOw i cant even telnet in to ( I have a couple hundred people that will ..... Oh well...
I have exactly the same problem as eptexascrazy
eptexascrazy wrote:
A couple of days ago our district stopped receiving email from anyone outside our network.  I can send within and outside, I can send from within our groupwise emails but we cannot receive from outside sources.  I have tried emailing myself from my other email accounts outside but nothing.  I have gone through our PIX and Gateway but nothing has changed.  At the GW server I have been having issues with the GW Internet Agent which continues to close.  I used to restart it and it would be good for a few days (had to also restart the PO Agent and Web Agent) then it got to the point where only a server restart would do the trick and now it is not working with any means so far.  On my Log this is a cut and paste of the typical error I keept receiving:

10-14-05 00:03:27 0  Queuing deferred message: GROUPWISE/DATA:\GRPWISE\DOMAIN\WPGATE\GWIA\send\s34e3e48.078

10-14-05 00:03:27 7  DMN: MSG 36557 Send Failure: 450 Host down (

10-14-05 00:03:57 0  Queuing deferred message: GROUPWISE/DATA:\GRPWISE\DOMAIN\WPGATE\GWIA\send\s34e768a.099

10-14-05 00:03:57 0  MSG 36558 Analyzing result file: GROUPWISE/DATA:\GRPWISE\DOMAIN\WPGATE\GWIA\result\r34e3e48.078

10-14-05 00:03:57 0  MSG 36558 Detected error on SMTP command

10-14-05 00:03:57 0  MSG 36558  Command:

10-14-05 00:03:57 0  MSG 36558  Response: 450 Host down (

10-14-05 00:03:57 7  DMN: MSG 36559 Send Failure: 450 Host down (

10-14-05 00:04:27 0  MSG 36560 Analyzing result file: GROUPWISE/DATA:\GRPWISE\DOMAIN\WPGATE\GWIA\result\r34e768a.099

10-14-05 00:04:27 0  MSG 36560 Detected error on SMTP command

10-14-05 00:04:27 0  MSG 36560  Command:

10-14-05 00:04:27 0  MSG 36560  Response: 450 Host down (

I have posted on the Novell Groupwise forums but I have not received any responses.  I am offering TOP point value so please, please HELP!!!!!!!

Authored by: eptexascrazy
Question by:shawn_flynn
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 28

Expert Comment

ID: 18761279
Can't help you with the Groupwise stuff, but I would be glad to take a look at your PIX config to see if I can find anything there that could be the culprit...

Author Comment

ID: 18761328
i pretty sure its groupwise, like cause and effect. Like i added the %&^%$$ files from Novell in to the correct dir and subs. then no outside email. I guess i will have to go back find the files i added and replace them with old one, which of course i don't have backed up. But I do have a couple other mail servers set up the same way..
LVL 35

Accepted Solution

ShineOn earned 2000 total points
ID: 18761423
What would be helpful is if you would post back with the VERSION and SP of GroupWise.  The problem you describe occurs for various reasons and the fix may be different depending on the version.

Also helpful would be to know a tad about how you've got it physically configured.  Is it one of the following, or something different?

1) GWIA on the same NetWare server as the MTA and POA, with only one NIC in the server and the firewall/router doing a NAT of the public IP to the private NIC IP, with packet filter exceptions for port 25 and 53,

2) GWIA on the same server as the MTA and POA, but with a second NIC in the server for public access, either NATted or actually with a public IP (say which)

3)  GWIA on a separate server from the MTA and POA, possibly with the GWWA web service as well, inside the firewall but not in a DMZ, with one NIC for both private and public access, or one for private and one for public (say which)

4) GWIA/GWWA on a separate server in its own GroupWise domain, in the DMZ, with an MTA to MTA link the only access between the primary GW domain and this public-facing secondary domain.

After answering what your physical configuration is like, then we have to look at 1) your public domain entries and name/address resolution, specifically the MX record and the mail host domain name, 2) your GWIA's configuration re: hostname, your GroupWise server's resolver configuration, perhaps the SYS:/etc/hosts file, and maybe a couple of other things, depending on the version/sp of GroupWise you have.

If you post back anything with addresses or names, feel free to mask them to maintain your privacy, but please stay consistent - if it's a public DNS name, for example, always call it "" every time.  If you use for (one of) your public IP address(es), always use for that address, and so on.   Thanks.
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.


Author Comment

ID: 18761586
Ok lets go.. Had to take a walk...
I am running netware/ grpwise  6.5 all the 'stuff' gwia, poa,webacc, mta is running on the same server, with one nic. as far as the mx I am part of the county of lake, they hold the mx records. I have the server behind sonicwall. I runs in its own "DMZ" I am not too sure about resolver.. thats the DNS? I figure the is public record. Inside we have a world of routers, with heavy state security. So we have a division of labor.
This one's kicking me though...
LVL 35

Expert Comment

ID: 18761803
Can you send out but not receive in, or is it outbound that fails but inbound's OK, or no internet comm at all?

The particular error eptexascrazy posted is an outbound error, not an inbound error.  However, have you examined your GWIA message folders for the offending message(s) to find who they're from or to?

If GWIA is not configured to send response messages with a FROM: of Postmaster, or if Mailer-Daemon isn't set us as an alias for Postmaster, GWIA can get into a message loop if someone sends something from the outside to Mailer-Daemon and it's not deliverable.  That's one thing to check.  See TID# 10056642 in the Novell KB for more info on that.

If you don't have a ROUTE.CFG configured, since you're most-likely behind a NAT firewall, it's also possible you're not able to route a message from GWIA to an internal address, potentially also causing a message loop.  If I remember right (it's been a while) you'd put the host name that the MX record points to in the route.cfg, but your server's private IP address.  That way, internal messages to would go to the GWIA directly instead of out and then back in.

Another possibility is that somewhere in your county's public network setup you've got an "intelligent mail host" like a spam filter or a store-and-forward mail host, rather than your GWIA going directly to the Internet.  In such case, your GWIA config should be using the "/mh" (mail host) switch, to point outgoing mail to the mail relay.  If that mail host is a) unreachable or b) they changed the name or c) the /MH is otherwise wrong, you'll get a 450 host down on outbound messages too.  Make sure if the mailhost option is set, it's pointing at a valid, reachable mail host, and the host name is resolvable by the server.

That's the other part of the picture - make sure whatever mail server address is failing is reachable and resolveable.  If it's not in DNS but you know the host name and IP address, adding it to your server's SYS:/etc/hosts might fix it...

Author Comment

ID: 18766211
Sorry for your efforts… This is what happened: I panicked.
I have a dozen servers. I had forgotten that I had move a new server into a DMZ to handle the internet stuff.
I applied a patch for problems I was having with Backup Exec on my post office server.
I then restarted the server. No gwia. So I started the gwia. Now, unknown to myself  I have two running! The one which should be running gwia started abending, 'course since I forgot about it, I never looked at it..
After reading shineons suggestions, I started to realize that my problem was more connection orientated. Since I could telnet inside the building to port 25 but not outside
When I got to work today, (more calm) I looked at firewall configuration and and saw I had the internet traffic pointing to another server! I could have hit myself in the head! I suddenly remembered setting up the server to handle internet traffic and placing it in a DMZ!
So I turned off the gwia running on the post office server. Restarted the gwia on the DMZ server, and now all is well in Social Services. Lesson learned. And I thank you for the calming influence.

Expert Comment

ID: 20286802
Forced accept.

EE Admin

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question