Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Entire company not receiving external emails

Posted on 2007-11-20
7
Medium Priority
?
365 Views
Last Modified: 2010-03-06
Just this morning the entire company stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, receiving external does NOT.

Only a single NDR recieved out of the hundreds of test emails I sent to myself.

Quote:
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 relay not permitted
Remote system: dns;nature.naturesvalue.com

Another funny thing I noticed is, I recieved 2 of my test emails after a 40 minute delay but nothing after that.

I don't recall changing anything on the Exchange server but if I did, what could be preventing external emails from coming in?

We're behind a Firebox Fireguard NAT router and according to dnsstuff.com, the MX record for naturesvalue.com is pointing to our router WAN IP (as it should, correct?) but according to dnscheck it does not find an MX record at all.

Incoming SMTP is allowed and being forwarded to the correct internal IP of the Exchange server.  SMTP for outgoing and optional network is allowed as well.  However I cannot telnet port 25, possibly an issue with the firebox?

I've spent literally hours researching and I just can't seem to find any resolution.
0
Comment
Question by:paintb4707
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 23

Accepted Solution

by:
debuggerau earned 500 total points
ID: 20325722
seen this a bit, seems some of the DNS servers while doing updates seem to 'forget' to bring over the MX record. Dig some DNS records off popular servers to observe the problem. Ring your network registrant and complain, you will at least find out who is not passing the correct stuff around.
There are DNS hack around which allow poisoning of records, but they are sorted out promptly, more likely a transitional problem.
Depending on your config, port 25 could return a welcome message when you connect. by typing 'quit' it should pop you out. This could be a secure setting though, since you might not be on the allow list.

0
 
LVL 15

Assisted Solution

by:wingatesl
wingatesl earned 500 total points
ID: 20325741
Using the domain name you listed I could not connect to your email server
> naturesvalue.com
Server:  ns-public.dmv.com
Address:  64.45.128.4

Non-authoritative answer:
naturesvalue.com        MX preference = 10, mail exchanger = MAIL.naturesvalue.c
om
> exit

C:\Documents and Settings\Administrator>telnet mail.naturesvalue.com 25
Connecting To mail.naturesvalue.com...Could not open connection to the host, on
port 25: Connect failed
0
 
LVL 3

Assisted Solution

by:mediaonegraphics
mediaonegraphics earned 500 total points
ID: 20325754
First place to check would be the logs on the Firebox.
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 
LVL 3

Expert Comment

by:mediaonegraphics
ID: 20325761
Also do an nslookup on the dns server that is authoritative for your domain.
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 500 total points
ID: 20327899
Try a telnet from the LAN instead.  If it works, then it suggests a problem with the firewall, or maybe your ISP has decided to block incoming port 25 traffic.
0
 

Author Comment

by:paintb4707
ID: 20329962
Ahhhh I feel like an idiot.  Apparently it was the firewall.  I use a KVM switch to switch between our 2k3 server and the exchange server.  Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server.  I guess I got the IPs mixed up and thought it was being sent correctly.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20329971
Hehe - been there, done that!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question