Solved

Entire company not receiving external emails

Posted on 2007-11-20
7
344 Views
Last Modified: 2010-03-06
Just this morning the entire company stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, receiving external does NOT.

Only a single NDR recieved out of the hundreds of test emails I sent to myself.

Quote:
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 relay not permitted
Remote system: dns;nature.naturesvalue.com

Another funny thing I noticed is, I recieved 2 of my test emails after a 40 minute delay but nothing after that.

I don't recall changing anything on the Exchange server but if I did, what could be preventing external emails from coming in?

We're behind a Firebox Fireguard NAT router and according to dnsstuff.com, the MX record for naturesvalue.com is pointing to our router WAN IP (as it should, correct?) but according to dnscheck it does not find an MX record at all.

Incoming SMTP is allowed and being forwarded to the correct internal IP of the Exchange server.  SMTP for outgoing and optional network is allowed as well.  However I cannot telnet port 25, possibly an issue with the firebox?

I've spent literally hours researching and I just can't seem to find any resolution.
0
Comment
Question by:paintb4707
7 Comments
 
LVL 23

Accepted Solution

by:
debuggerau earned 125 total points
ID: 20325722
seen this a bit, seems some of the DNS servers while doing updates seem to 'forget' to bring over the MX record. Dig some DNS records off popular servers to observe the problem. Ring your network registrant and complain, you will at least find out who is not passing the correct stuff around.
There are DNS hack around which allow poisoning of records, but they are sorted out promptly, more likely a transitional problem.
Depending on your config, port 25 could return a welcome message when you connect. by typing 'quit' it should pop you out. This could be a secure setting though, since you might not be on the allow list.

0
 
LVL 15

Assisted Solution

by:wingatesl
wingatesl earned 125 total points
ID: 20325741
Using the domain name you listed I could not connect to your email server
> naturesvalue.com
Server:  ns-public.dmv.com
Address:  64.45.128.4

Non-authoritative answer:
naturesvalue.com        MX preference = 10, mail exchanger = MAIL.naturesvalue.c
om
> exit

C:\Documents and Settings\Administrator>telnet mail.naturesvalue.com 25
Connecting To mail.naturesvalue.com...Could not open connection to the host, on
port 25: Connect failed
0
 
LVL 3

Assisted Solution

by:mediaonegraphics
mediaonegraphics earned 125 total points
ID: 20325754
First place to check would be the logs on the Firebox.
0
Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

 
LVL 3

Expert Comment

by:mediaonegraphics
ID: 20325761
Also do an nslookup on the dns server that is authoritative for your domain.
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 125 total points
ID: 20327899
Try a telnet from the LAN instead.  If it works, then it suggests a problem with the firewall, or maybe your ISP has decided to block incoming port 25 traffic.
0
 

Author Comment

by:paintb4707
ID: 20329962
Ahhhh I feel like an idiot.  Apparently it was the firewall.  I use a KVM switch to switch between our 2k3 server and the exchange server.  Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server.  I guess I got the IPs mixed up and thought it was being sent correctly.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20329971
Hehe - been there, done that!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now