Solved

Odd Problem Switching DNS Providers

Posted on 2007-04-05
Last Modified: 2013-12-17
One of my customers is having an odd problem receiving mail after moving their MX record to another ISP / DNS Host.

The customer has Comcast for business.  Comcast is only being used for the network access.  Their help desk people didn’t know what an MX record was and I decided to have a third party do their DNS.  Their original dial up ISP (prior to switching to Comcast) was hosting their DNS record after they switched to Comcast.  Another company hosts and designs their ecommerce web site.  Their “A” record for their web site and MX record for their internal email server was hosted there.  Everything was working fine.  Mail was being sent and received.

Their current web provider (not Comcast) also does DNS hosting.  The company decided to simplify things by having their web provider host their DNS information.  They made the changes and got the hand off from the DNS host.  However, after three days since the change they still cannot receive email.

Their mail server can be resolved on the internet.

When I telnet, I get the Exchange server just fine.

Users sending mail to my customer get this error:
The following organization rejected your message: mail88.megamailservers.com.
mail88.megamailservers.com #550 5.7.1 <Administrator@mckeeganequip.com>... Relaying denied: You must check for new mail before sending mail. ##

When I run the test at DNS Report, their network passes all the tests except the “Duplicate MX Records”.  Here is the error:
WARNING: You have duplicate MX records. This means that mailservers may try delivering mail to the same IP more than once. Although technically valid, this is very confusing, and wastes resources. The duplicate MX records are:

mail.mckeeganequip.com. and mail.mckeeganequip.com. both resolve to 70.91.41.238.
mail.mckeeganequip.com. and mail.mckeeganequip.com. both resolve to 70.91.41.238.
mail.mckeeganequip.com. and mail.mckeeganequip.com. both resolve to 70.91.41.238.

They also fail the “Connect to Mail Servers” test:
ERROR: I could not complete a connection to any of your mailservers!

mail.mckeeganequip.com: Timed out [Last data sent: [Did not connect]]
mail.mckeeganequip.com: Timed out [Last data sent: [Did not connect]]
mail.mckeeganequip.com: Timed out [Last data sent: [Did not connect]]

If this is a timeout problem, note that the DNS report only waits about 40 seconds for responses, so your mail *may* work fine in this case but you will need to use testing tools specifically designed for such situations to be certain.

Since email was working fine prior to changing the DNS providers, obviously this is their issue; however, they feel that the record is correct and it’s either Comcast or us.

Has anyone seen this before?  What is the best way to resolve this?  

Thanks!!!
Question by:tedwill

Expert Comment

by:LauraEHunterMVP
I'm immediately drawn to that "Relaying denied" message.  I've not seen an Exchange server reply with that SMTP message before, but the message itself is usually referred to as the "POP before SMTP" setting - to ensure that attempts to send mail are valid, many ISP SMTP servers will require users to check for new mail (and thus authenticate) before attempting to send mail.

I'm also questioning how megamailservers.com got into the mix, is that your ISP's SMTP server?  Are you using that server as a "smart host" that Exchange is sending all of its outgoing mail to?  If so, the issue may be that your ISP may not have configured that megamailservers.com server to accept mail from your Exchange box's new IP?

I'm 99.several-nines% certain that this isn't an Exchange issue, per se.  Though you didn't specify, I'm assuming that your IP address space changed when you moved to having your web provider hosting your DNS, yes?  Assuming that's the case, this feels like an issue where that megamailservers.com server needed to be re-configured when you changed IP addresses and someone dropped the ball.

Hope this helps.

(As an aside for your benefit, when posting configuration information on a public website, it's best to sanitize the output that you're posting, particularly public IP addresses.  Think about it: you just told every hacker on the Internet the IP address of your SMTP server for them to go hack at it. :-))

Laura E. Hunter - Microsoft MVP: Windows Server - Networking

Author Comment

by:tedwill
The ISP for connectivity is Comcast.  The customer's web developer is hosting their DNS for their "A" record for the web site and the MX record for their email.  The web developer said just to use DNS and not a smart host for the Exchange settings.

The same scenario worked fine when another DNS provider held their MX record.

The customer's IP address did not change.

Thanks.

Accepted Solution

by:Chris Dent
Chris Dent earned 500 total points

Hello there,

You need to go back to that MX Record. After a quick look I found that you don't actually have a valid MX at all, it all looks fine, but it's missing a really essential piece of information.

If we have another look at the output from here:

http://www.dnsreport.com/tools/dnsreport.ch?domain=mckeeganequip.com

You should note the following:

5 mx1.mckeeganequip.com. [TTL=86400] IP=[No Glue, No A record]
1 mx.mckeeganequip.com. [TTL=86400] IP=[No Glue, No A record]

First of all, using MX as a Hostname (as above) is incredibly bad practice, the DNS server will read MX as a Record Type and not process it correctly as a record. The importance of this comes into play when you get to adding a Host Record for that server (which it's failing to find).

Without the Host Record your domain will not receive mail because no one knows where your mail servers actually are.

So, I recommend you change mx1 and mx to smtp1 and smtp2, then add host entries relevant to those two servers. If you don't have two servers that can receive mail then you will only need one MX record.

Hope that makes sense!

Chris
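
The check described in the accepted answer, as an added example that is not part of the original thread: an offline lint that flags MX targets with no A record (the "No Glue, No A record" condition) and MX targets that share one IP (the "Duplicate MX Records" warning). The zone text, the example.com names and the 192.0.2.x addresses are constructed sample input, and the one-record-per-line layout is a simplifying assumption.

```python
# Added example: offline lint of a simplified zone listing for the MX problems
# discussed in this thread. All zone data below is constructed sample input.
from collections import defaultdict

# Constructed sample, one record per line: "name ttl class type rdata..."
SAMPLE_ZONE = """\
example.com.        86400 IN MX 1 mx.example.com.
example.com.        86400 IN MX 5 mx1.example.com.
example.com.        86400 IN MX 10 mail.example.com.
example.com.        86400 IN MX 20 mail2.example.com.
mail.example.com.   86400 IN A  192.0.2.25
mail2.example.com.  86400 IN A  192.0.2.25
www.example.com.    86400 IN A  192.0.2.80
"""

def parse_zone(text):
    """Return (mx, a): mx is a sorted list of (preference, target); a maps host -> set of IPs."""
    mx, a = [], defaultdict(set)
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue                              # skip blanks and unsupported lines
        name, rtype, rdata = fields[0].lower(), fields[3].upper(), fields[4:]
        if rtype == "MX" and len(rdata) == 2:
            mx.append((int(rdata[0]), rdata[1].lower()))
        elif rtype == "A" and len(rdata) == 1:
            a[name].add(rdata[0])
    return sorted(mx), a

def lint_mx(text):
    """Return (missing, duplicates) for the MX records in the zone text."""
    mx, a = parse_zone(text)
    # MX targets with no A record: senders have no address to connect to.
    missing = [target for _, target in mx if not a.get(target)]
    # MX targets that resolve to the same IP (the "duplicate MX" warning).
    by_ip = defaultdict(list)
    for _, target in mx:
        for ip in a.get(target, ()):
            by_ip[ip].append(target)
    duplicates = {ip: hosts for ip, hosts in by_ip.items() if len(hosts) > 1}
    return missing, duplicates

if __name__ == "__main__":
    missing, duplicates = lint_mx(SAMPLE_ZONE)
    for host in missing:
        print(f"MX target {host} has no A record")
    for ip, hosts in duplicates.items():
        print(f"{', '.join(hosts)} all resolve to {ip}")
```
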
 

Assisted Solution

by:Chris Dent
Chris Dent earned 500 total points

Oh, and once you've got the MX fixed and working you should of course verify that the Relay issue, as mentioned by Laura, is sorted out.

Chris