• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1024
  • Last Modified:

Exchange Server SMTP can't send out gets stuck in queue

I have a 2003 sbs server and I can't get the virtual smtp server to send out email.  I am pretty sure its a dns issue, but don't know what to try.  I've added/changed the DNS numbers with no luck. I've tried to set up a smarthost, but I don't think it is right.  We have an at&t static DSL.  In the additional information it says rejected by host.  I think I ran into this years ago and I had microsoft log into a different server and they added a microsoft DNS server number to my DNS list.  Can anyone help?
0
totalsystemssupport
Asked:
totalsystemssupport
  • 19
  • 12
  • 2
  • +2
1 Solution
 
ajcaruso00Commented:
Is this to anyone or to certain places (e.g. AOL, yahoo, etc)?

It could be a number of things....

1) Can you resolve names via DNS?  open up a command prompt and type nslookup, then the following:

set q=MX
ou.edu

if you get:

Non-authoritative answer:
ou.edu  MX preference = 10, mail exchanger = dooku3.network.ou.edu
ou.edu  MX preference = 20, mail exchanger = roslyn.zero.ou.edu

roslyn.zero.ou.edu      internet address = 129.15.0.210
dooku3.network.ou.edu   internet address = 129.15.3.83

you're fine there.

2)  Can you actually get out on port 25?  from the command prompt,

telnet 129.15.0.210 25

you should get:

220 vader3.ironport-fe.ou.edu ESMTP

type quit, that worked.

Let me know about the above two and I then I will go on.
0
 
upul007Commented:
Dont have enough info on your setup. Can you use either of the tools below to see if it can figure out the issue?

1. Microsoft Exchange Server SMTPDiag Tool
http://www.microsoft.com/downloads/details.aspx?FamilyID=bc1881c7-925d-4a29-bd42-71e8563c80a9&DisplayLang=en

2. Microsoft Exchange Troubleshooting Assistant v1.1
http://www.microsoft.com/downloads/details.aspx?FamilyID=4bdc1d6b-de34-4f1c-aeba-fed1256caf9a&DisplayLang=en

I think the first tool itself will be adequate to id the situ. Wish u luck!
0
 
Muzafar MominCommented:
its an DNS problem , can you try putting the dns ip of hosted domain which u will get it from the people where you have hosted your server
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
totalsystemssupportAuthor Commented:
ajcaruso00: yeah all that worked fine.  What should I try now?  Thanks.
0
 
totalsystemssupportAuthor Commented:
upul007: I ran the first tool and it said everything was successfull.  local, remote and everything.  So now what? lol...

0
 
ajcaruso00Commented:
OK - lets take a look at the Connectors and the SMTP Virtual Server.

Under your routing groups, Connectors, you should have an SMTP connector.  If not create one.  For address space it should be SMTP,*,1.  For General Tab, Use DNS to route each address space on this connector (which is *).  In the advanced tab, click outbound security.  Click Anonymous access (just for now).

Under First Administrative Group, Server, select protocols, SMTP.  You should have a Default SMTP Virtual Server.  Right click and 1) make sure start is "grayed out" (that means it is running) and then 2) select properties.

General tab: IP Addresses: (All unassigned)
Access:
    Authentication: Select Anonymous Access (again for testing)
    Connection Control: All except the list below.
    Relay: All except the list below
               Allow all computers which successfully authenticate to relay
Messaging - doesn't matter
Delivery:
   Outbound - Anonymous access
   Advanced Delivery - Fully Qualified domain name:  This should be your full domain name.  Click Check DNS and make sure you get success.

Also, what is your domain name?  I can look at your DNS records and let you know if those are properly setup.

Finally, stupid question - but the tests from earlier where run from the server, right?

Let me know how the above goes. -T


0
 
totalsystemssupportAuthor Commented:
ok thats done.  Yeah I ran the dns test on the server.  I switched the things that weren't like you said and The domain is fubc.net  Its still saying the connection was dropped by the remote host

-Chris-


0
 
ajcaruso00Commented:
the machine should have a host name.   The MX record for the domain points to 216.180.225.50, but the PTR record for that points to global.dnsprotect.com.  This may be your issue (no reverse lookup).

Have you tried to telnet to the remote server on 25?

telnet remote.mailserver.com 25
helo fubc.net

If it disconnects right here, it is likely due to reverse lookup.  Contact your ISP and have them make the PTR record for the IP address point to your server's name.

Let me know. -T
0
 
totalsystemssupportAuthor Commented:
it says 220 mailbouncer then it says connect to host lost... is that what you thought??
0
 
totalsystemssupportAuthor Commented:
what should I ask the ISP to put in for the server name?  The actual name of the server?  Thanks.
0
 
ajcaruso00Commented:
Yes, it has to match, so I'd say fubc.net (or change your dns for your mx to machinename.fubc.net.  Time for happy hour... -T
0
 
totalsystemssupportAuthor Commented:
I'm a little confused on this.  Should I contact at&t (dsl provider) or is it through the website. fubc.net?  should I add it to the list of dns names on the website.  There is ns9.dnsprotect.com and ns10?  Or I am completely lost... lol...  thanks for any help!
0
 
ajcaruso00Commented:
Is the Exchange server hosted by you or dnsprotect? Looking at the IP address for you MX record, it looks like dnsprotect is hosting your mail server.  Is this correct?  You said you had an SBS server.  Is this at DNS protect or in your possession connected to the AT&T DSL?  Finally, are trying to relay all of your mail through dnsprotect (e.g. when I send you a message to fubc.net, is it supposed to go to your Exchange Server or to dnsprotect's server?

If I assume you want mail to come in/out of your Exchange server then you need:

1.  You need the static public IP address of your Exchange Server
2.  The name of the server (mail.fubc.net)
3.  Update ns9 & ns10 - create an A record for mail.fubc.net and an MX record
4.  Call your ISP (AT&T) and tell them you need a PTR record for the IP address in (1) to point to mail.fubc.net.

If this is not the case (i.e. my assumption is incorrect), let us know what you trying to accomplish - specifically around e-mail flow.

0
 
totalsystemssupportAuthor Commented:
Here is what I want to do.  I have the sbs connected to at&t static dsl with a public ip.  I have the mail currently hosted with dnsprotect.  I want to server to send out with smtp and I want to configure it to go and retrieve the pop mail from dnsprotect.  The server gets the mail fine, but it won't send out.
0
 
totalsystemssupportAuthor Commented:
Heres the thing.  I am almost positive that it is a problem with at&t.  It should just send out with the dns.  I have a couple of other servers at different locations that send out just fine with DNS.  But when you call them, they don't know anything and can't help with anything besides opening port 25.
0
 
totalsystemssupportAuthor Commented:
Oh, I also test the remote.mailserver.com 25 on a server that is working with sending out email, and it doesn't work either, so I don't think that that is the issue.  Is there anything else I can try, or tell at&t so the email will go out with dns?  Thanks.
0
 
ajcaruso00Commented:
Um, remote.mailserver.com 25 is an example, not a real server - so that will not work.  However, you indicated that

telnet 129.15.0.210 25

resulted in

220 vader3.ironport-fe.ou.edu ESMTP

so you can get out on port 25.  To whom are you trying to send e-mail (the domain)?  Some mail servers care about the DNS other don't.  As for accepting e-mail, that has little to do w/ AT&T, that is the remote system.  Most importantly though, is making sure you can do the above from the mail server.
0
 
totalsystemssupportAuthor Commented:
Yeah that worked fine.  exchange is saying the remote server did not respond to a connection attempt.  I really need to get this server to send emails out.  Is there anything else I need to try.
0
 
ajcaruso00Commented:
Lets backup a bit.  DNS and e-mail are only related in the since that, like all Internet services, DNS is used to resolve names to IP address.  The Exchange server needs only two things (assuming everything else working) to send mail, DNS resolution and the ability to send on port 25.

On the Exchange server, open a command prompt and

1.  type ping www.yahoo.com.  This tests DNS resolution.

2.  from the command prompt,
telnet 209.191.118.103 25

You should get some kind of message from yahoo's server.  This shows you can get out on port 25, type quit to exit.

3.  type nslookup.  You should have a DNS server listed under Default Server.  Make sure this is a real DNS server.  if you type
set  q=mx
yahoo.com
you should get a list of their mail servers.  If all of this works, then it is likely the Exchange setup and not DNS (though I do expect it is DNS somehow).

4.  Finally, as a double-check, make sure the SMTP service and all the related exchange services are running.

Finally - when you said Exchange says the remote server doesn't respond, do you mean when you type this from the command line or in the logs?  -T
0
 
totalsystemssupportAuthor Commented:
All that worked, except I don't know where to type set q=mx yahoo.com  
on the nslookup I get churchserver.fubchurch.local (the servers name and domain)

everything looks like it is runing as far as smtp

I get the remote server doesn't respond under the queues under additional queues information on the message that is trying to send out, it is in retry mode...
0
 
ajcaruso00Commented:
after opening a command prompt, type nslookup
then you will have a prompt that looks like
>
THat's where you type
set q=mx
yahoo.com

and you should get a bunch of stuff back.

Lemmie know  -T
0
 
totalsystemssupportAuthor Commented:
yeah, got a buncha stuff back.  Eveything seems to works?!?  but they won't leave the queues...

0
 
upul007Commented:
Please also see if you can check you domain at www.dnsreport.com using the DNSReport tool. Let us know what you get in terms of RED & YELLOW warnings.

Most probably your MX records are not properly set up.

Remember to verify the MX records that you get for your domain from your mail server as mentioned by ajcaruso00 (instead of yahoo.com, type your own domain name and your local DNS server ip / not the DNS IP for the ISP's DNS server - my domain.com 172.22.65.5) against the same details on the DNS Report.

at the command prompt on the mail server:
set q=all (enter)
<mydomain.com>space<mylocalDNSserverIP> (enter)
0
 
totalsystemssupportAuthor Commented:
heres the thing our fubc.net has nothing to do with our mail server.  We have our email hosted on another mail server not in house.  I just want the exchange serverr (in house) to send out using smtp on our at&t dsl with DNS.
0
 
ajcaruso00Commented:
For clarification, is this some mail that won't go or no mail will go?  upul007 is right in that your MX records don't list your server as a sender (didn't you have two MX addresses Friday?).  Now you only have one pointing to your ISP's server.  MX really only matters for receiving, but many people are using them when they get mail from you (they do a reverse lookup) to help fight SPAM.  That's why I am curious, just some messages can't go or all.  Also, does the error messages say anything about relaying? -T
0
 
totalsystemssupportAuthor Commented:
No emails have gone out yet that I know of.  I have a lot of emails to different places siting in the queues.  It just says the remote server did not respond.  I am not sure about the mx records.  I did try to us no-ip.com to try to ge the server to send out.  Maybe that did something?
0
 
ajcaruso00Commented:
So, in the queue you have a message to someone@somewhere.com.  open a cmd prompt, type in nslookup.
set q=mx
somewhere.com (from one of the items in your queue).

This will give you the IP address of the mail server.  Type exit to get out of nslookup.
Type
telnet <ipaddress> 25 using the ip address from above.
when you connect, type
helo mail.fubc.net
if it says hi back, we need to look at how you are resolving addresses in Exchange.

When you say you tried no-ip.com, where did you try that?
0
 
totalsystemssupportAuthor Commented:
Ok I got it to work, it is saying 250 mx12.dca.untdcom Hello adsl-76-247-148-94.dsl.lgtmi.sbcglobal.net pleased to meet you, then it says 451 timed out.

Is that good or bad?
0
 
totalsystemssupportAuthor Commented:
also we keep testing with fubc.net.  But that has nothing to do with this server.  I am not trying to send out with fubc.net  Or is it using fubc.net because that is their email address (reply address?)  I just want to server to send out the email.  I am using a pop3 connector to go and retreive the emails from our hosting server.  THanks..
0
 
ajcaruso00Commented:
re: the 451, if you didn't talk to the server, then a timeout is good - at least it didn't hang up on you.

As far as fubc.net, yes - that is who you are pretending to be when you send out e-mail (or, more precisely, relay e-mail through that server).  I understand you want the server to send mail, but with the huge increase in spam, most people don't want to accept mail from just any server - hence the reverse lookup scheme.

That you can telnet to mx12.dca.untdcom.com, lets see if it actually accepts an e-mail from you....

telnet mx12.dca.untdcom.com 25
helo fubc.net
mail from: george@fubc.net
rcpt to: <whoeveryouaresendingto@untdcom.com
data
Subject: Test message

This is a test, please reply.
.
quit

If that can all be accomplished, then they accept mail from your server.

Obviously, fill-in george w/ a real address and put a real address (without <> ) in the rcpt to: command.

Let us know how it goes. -T
0
 
totalsystemssupportAuthor Commented:
I can't connect to it.  It says could not open connection to the host on port 25
0
 
totalsystemssupportAuthor Commented:
I tried again with a different address and it worked, except it would not accept the rcpt to: command.  It said unrecongnized command
0
 
ajcaruso00Commented:
It should accept the command unless it already hung up on you or (if using windows telnet,)using the backspace key will mess up the session.  Try again an post the conversation.  -T
0
 
totalsystemssupportAuthor Commented:
Got it working, had to reinstall exchange, so there was a problem somewhere in exchange, even though all the setting were correct (like DNS #s).  After I did a clean install of exchange and put all the setting in, it worked right away.
0
 
Muzafar MominCommented:
gr8
0
 
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 19
  • 12
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now