MikeGeig
asked on
Can't recieve outside email
Hello, I discovered yesterday that our organization was unable to recieve emails sent from external sources. Are configuration is Firewall->Barracuda Spam Filter->Exchange mail server. In my tests so far, I have found that our DNS is correct. Emails sent from an outside source are let through the spam filter. This means that mail is making it through the firewall and then through the spam filter. There they dissapear. The senders are not recieving any type of error message about the email. I have check the queues of the exchange server and can still find no trace of the emails that made it through the spam filter. Any help would be appreciated.
Did you check your tracking logs to see if Exchange received the messages? If nothing is there, examine your SMTP logs for inbound mail from the barracuda. Does barracuda has telnet as one of its tools so you can see what Exchange said during the SMTP conversation. Also, it has logs, what do they state happened to the messages?
Sup DarkStar3d :P
ASKER
How do I check these logs? I apologize, but I am very much a beginner in the ways of network administration. ATIG, all I can say is that I have no idea how to do anything you just said
Open the Exchange management console under organizational configurations > Hub transport then the Send connections tab, Then double click on send mail add an * to the list. Try that and let me know if that helps. Also it may be something to do with your MX records.
heheh :)
1. Can you logon to your spam filter and telnet to port 25 on your Exchange server?
2. as mentioned by Dark..... an easy test would be to look at your message tracking logs (if they are enabled)
-- open ESM -- tools -- message tracking center
this should help you find whats going on with the message
3. Are you running an Anti virus on the 2003 server?
last but not least have you rebooted your Exchange server or just tried to restart the services?
1. Can you logon to your spam filter and telnet to port 25 on your Exchange server?
2. as mentioned by Dark..... an easy test would be to look at your message tracking logs (if they are enabled)
-- open ESM -- tools -- message tracking center
this should help you find whats going on with the message
3. Are you running an Anti virus on the 2003 server?
last but not least have you rebooted your Exchange server or just tried to restart the services?
ASKER
Crown, * was already added to my list. As far as MX goes, I am not sure what it is or how to check it
I did not pay attention you are running Ex 2007?
If so open EMC --> toolbox --> mail flow troubleshooter
-- for message tracking if you have more than 1 server its best to do from EMS
however if you have 1 then in the toolbox is the message tracking tool as well....
Under - Server config --hub transport -- validate your recieve connector is enabled
you can open EMS -- test-mailflow
-- for message tracking if you have more than 1 server its best to do from EMS
however if you have 1 then in the toolbox is the message tracking tool as well....
Under - Server config --hub transport -- validate your recieve connector is enabled
you can open EMS -- test-mailflow
ASKER
ATIG, yes I am. The lest message in my logs were yesterday at about 6 in the morning from my spam filter. Does this make it safe to assume that even though my spam firewall claims to be sending the emails that it it not? Or maybe there is a routing issue? I don't know how to check from here
ASKER
I did a barracuda diagnostic:
Could not send email to your default mail server. Please verify that your mail server is reachable and is accepting mail. If you are using a DNS name for your default mail server, verify that your DNS settings are properly configured
Supposedly valid email is being rejected by your mail server. Please verify your test email address, and configure your mail server to receive email for this address from the Barracuda Spam Firewall.
It does not look like the MX record for your default domain resolves to your Barracuda Spam Firewall's IP address. Please verify that your DNS servers are properly configured.
Inbound Mail Reception...
Could not send mail to your Barracuda Spam Firewall. Please verify that your network permissions (firewall) allow SMTP traffic from the Internet to the Barracuda Spam Firewall
Could not send email to your default mail server. Please verify that your mail server is reachable and is accepting mail. If you are using a DNS name for your default mail server, verify that your DNS settings are properly configured
Supposedly valid email is being rejected by your mail server. Please verify your test email address, and configure your mail server to receive email for this address from the Barracuda Spam Firewall.
It does not look like the MX record for your default domain resolves to your Barracuda Spam Firewall's IP address. Please verify that your DNS servers are properly configured.
Inbound Mail Reception...
Could not send mail to your Barracuda Spam Firewall. Please verify that your network permissions (firewall) allow SMTP traffic from the Internet to the Barracuda Spam Firewall
Can users send mail to each other-- if yes then most likely that EX is ok however
from you workstation --open a command window
telent youexservername 25 <enter>
help <enter>
mail from: youremaial <enter>
rcp to: youremail <enter>
data <enter>
. <enter>
quit
you should get an email from your self,
this will test you recieving email from a simulated outside source by your Ex server.
yes its possible that the spam filter is not passing the messages.. anything is possible
from you workstation --open a command window
telent youexservername 25 <enter>
help <enter>
mail from: youremaial <enter>
rcp to: youremail <enter>
data <enter>
. <enter>
quit
you should get an email from your self,
this will test you recieving email from a simulated outside source by your Ex server.
yes its possible that the spam filter is not passing the messages.. anything is possible
so mail flow should be --- pass firewall -spam-exchange
what IP is live/routeable? are you Nating?
to find your MX
nslookup <enter>
set type=mx
youdomainname <enter>
this should poin to your fireall or spam (i dont know your setup)
what IP is live/routeable? are you Nating?
to find your MX
nslookup <enter>
set type=mx
youdomainname <enter>
this should poin to your fireall or spam (i dont know your setup)
ASKER
My MX ip points to my ex server, not my spam filter or firewall.
Firewall 10.1.1.1
Filter 10.1.1.4
ex 10.1.1.13
(physically in that order)
Users can send to each other and they can send outbound
Firewall 10.1.1.1
Filter 10.1.1.4
ex 10.1.1.13
(physically in that order)
Users can send to each other and they can send outbound
ASKER
Also, I don't know what Nating is
those are private ips....... what is your live external Ip...
you dont need an MX for internal usage either....
what is your domain name I can look it up if you willing to state it
you dont need an MX for internal usage either....
what is your domain name I can look it up if you willing to state it
Nat -Network Address Translation
http://en.wikipedia.org/wiki/Network_address_translation
which is looks like your doing
http://en.wikipedia.org/wiki/Network_address_translation
which is looks like your doing
ASKER
ymcastark.org
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Let me check that. I have to look into my firewall config real quick
ASKER
Well, ATIG, I thank you for your help. As it turns out, the problem was an error 4.3.1 Insufficient Resources. Apparently the resource watcher required the server to have an extra 5 gigs of space. My drive dipped into the 4.70 range and my server refused the smtp emails. For anyone in the future who reads this, go here http://exchangepedia.com/blog/2007/03/exchange-server-2007-transport-452-431.html
ASKER
By the way, I gave you the points. Thanks
is it possible to remove that from that mix?
you have restarted your transport services?
try running dcdiag on your ex server to see if its communication with the directory?
are 100% of messages failing to show?
try telent from spam filter to ex server on port 25 and send your self a message.
what has changed recently