Solved

Verify DNS records for owa and mail A records - email not being delivered

Posted on 2007-03-28
14
1,828 Views
Last Modified: 2012-05-05
I have been contacted by an admin from a local company saying that they are not able to send mail to our domain.com email addresses.  They receive an NDR eventually that says the following:

The following recipient(s) could not be reached:

      user@domain.com on 3/24/2007 11:13 AM
            The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.

            < s001.OTHERDOMAIN.COM #4.0.0 X-Postfix; lost connection with    mail.domain.com [123.123.123.115] while performing the initial protocol    handshake>

The admin says that their Sophos mail server shows logs that the mail is trying to be delivered to owa.domain.com instead of mail.domain.com.  He thinks that my DNS settings for domain.com are not setup correctly and thinks I need to fix it.  I have not heard of any other complaints from other companies not able to contact us via email.  

I am trying to determine if my DNS settings are correct for my setup or if I need to change them.  Since I have the same IP set for owa.domain.com and mail.domain.com the admin believes I need to obtain another IP address from my ISP and set owa.domain.com to it.  Is that necessary?  Let me know if you need any more information.

I have a setup as follows:

Public IP: 123.123.123.115
domain: domain.com

-Small office with SBS 2003, using Exchange for domain emails - domain.com.  The Exchange server is setup for OWA from the external network so that users can access their mail by going to https://owa.domain.com/exchange.  
-Windows 2003 Server with ISA Server 2006 as firewall connected directly to internet connection.  Port 25 is opened and forwarded to SBS server for mail delivery.  Traffic for owa is also forwarded to SBS server.

-------DNS Records---------
Subdomain: .
Type:  NS
Value:  ns1.s422.sureserver.com
TTL:  25920

Subdomain: .
Type:  NS
Value:  ns2.s422.sureserver.com
TTL:  25920

Subdomain: owa
Type:  A
Value:  123.123.123.115
TTL:  14400

Subdomain: .
Type:  A
Value:  234.234.234.142
TTL:  14400

Subdomain: *
Type:  A
Value:  234.234.234.142
TTL:  14400
 
Subdomain: mail
Type:  A
Value:  123.123.123.115
TTL:  14400

Subdomain: .
Type:  MX
Value:  mail.domain.com
TTL:  14400

0
Comment
Question by:jsvor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
  • +1
14 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 18809688
The other admin is somewhat correct in that you have two host (A) records pointing to the same public IP.  However, your MX record is correct, so it really shouldn't be a problem.  What I would do, however, would be to make the owa.mydomain.com record an alias (CNAME) record rather than a host (A) record.  This might alleviate the problem.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18809826
That looks like a firewall or other SMTP Communication issue rather than DNS.
Is the ISA getting involved with SMTP delivery, or does it just do OWA?

Does your firewall have any SMTP Scanning features on it? If so, turn them off.

Simon.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18809853
Could the problem be that his mail server may be doing a reverse DNS lookup and is getting the owa name from the 123.123.123.115 address?  I believe I have it setup so that the ISA server will not accept anything other than mail being delivered to mail.domain.com.

If I change the DNS record for owa to a CNAME record would that help with the reverse DNS lookup?
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 104

Expert Comment

by:Sembee
ID: 18809866
Reverse DNS lookups are only used when receiving email, not sending email.
Are you doing reverse DNS lookups?

Simon.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18809892
The ISA server is not doing any scanning on the SMTP mail being delivered that I know of.  I did not set it up to filter anything, just to forward it onto the Exchange server.  The ISA server does the authentication for the OWA connection.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18809914
Simon, no we are not doing reverse DNS lookups when receiving mail.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18812014
As I wrote above, I don't think this has anything to do with DNS - it looks like some kind of interference with the SMTP traffic.

Simon.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18812559
Thanks for the responses.  I'll see if I can find anything in the ISA server logs and also the exchange logs.  Where is the best place to look at the logs for Exchange? Event viewer?
0
 
LVL 8

Author Comment

by:jsvor
ID: 18813046
I've looked in the logs and have found some error events - see below:

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7004

Date: 3/28/2007
Time: 5:23:43 PM
User: N/A
Computer: COMPUTERNAME
Description: This is an SMTP protocol error log for virtual server ID 1, connection #2229. The remote host "s001.domain.com", responded to the SMTP command "xexch50" with "504 Need to authenticate first ". The full command sent was "XEXCH50 2336 3 ". This will probably cause the connection to fail.

I changed the loggin on the ExchangeTransport to Medium and will have the admin try sending mail again tomorrow and see what else the logs may say.
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 250 total points
ID: 18816428
The 7004 event error is common on Exchange 2000 and 2003 servers and usually does not cause a problem.  The only time you need to worry about that error is if it occurs between two internal Exchange servers.  There's a regedit that is supposed to prevent those errors, but in my experience it hasn't worked very well.  You could try it, however, if you're concerned, or just ignore the errors.  Here's a link to an EventID.net page that has some good info on this error:

http://www.eventid.net/display.asp?eventid=7004&eventno=3510&source=MSExchangeTransport&phase=1

Do you have message tracking and SMTP logging turned on in Exchange?  These tools would help you see what is happening at the SMTP gateway and, if the message even gets to Exchange what is happening to it there.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18820868
I think I have the logging on that I need but not sure.  Where do I enable message tracking and SMTP logging?
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
ID: 18822495
Message Tracking is enabled on the first tab of the Properties of the Exchange server in ESM, Servers. You then use Message Tracking Center to track the messages.
SMTP Logging is enabled on the first tab of the default SMTP virtual server in ESM, Servers, <your server>, Protocols, SMTP.

Simon.
0
 
LVL 8

Author Comment

by:jsvor
ID: 18865736
Sorry I didn't get back to this earlier.  I was able to fix the issue with the help from you guys.  Since you both thought it wasn't a DNS issue I stopped looking at DNS being the culprit.  What I ended up doing was disabling standard SMTP filter on the ISA server and we were then able to receive mail from the one company.  Since the local company was the only one having issues I have a hard time believing that this was something I had to fix on my end.  I hate not having the simple SMTP filter on eventhough it doesn't do too much.  Thanks for all your help.  I'll split the points between the two of you.
0
 

Expert Comment

by:Beulin
ID: 18877381
We had the same problem with a remote vendor who was unable to send email to our site.  We utilize ISA firewalls as well, and you actually need to make a configuration change to the SMTP Filter for ISA.  Here are two articles that speak of the configuration changes:  

http://forums.isaserver.org/m_230066200/tm.htm 
http://www.securityfocus.com/infocus/1654

Basically follow these configs on the ISA Server:

Open ISA Management.
Expand Local Server then Configuration, and click on Add-Ins
Double Click the SMTP Filer to bring up the properties
Click on the SMTP Commands tab
Click on NOOP and then click edit
Change the Maximum length from the default (6) to 38 bytes
Apply the changes and then it should work.
0

Featured Post

Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video discusses moving either the default database or any database to a new volume.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question