Solved

Entire company not receiving external emails

Posted on 2007-11-20
7
358 Views
Last Modified: 2010-03-06
Just this morning the entire company stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, receiving external does NOT.

Only a single NDR recieved out of the hundreds of test emails I sent to myself.

Quote:
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 relay not permitted
Remote system: dns;nature.naturesvalue.com

Another funny thing I noticed is, I recieved 2 of my test emails after a 40 minute delay but nothing after that.

I don't recall changing anything on the Exchange server but if I did, what could be preventing external emails from coming in?

We're behind a Firebox Fireguard NAT router and according to dnsstuff.com, the MX record for naturesvalue.com is pointing to our router WAN IP (as it should, correct?) but according to dnscheck it does not find an MX record at all.

Incoming SMTP is allowed and being forwarded to the correct internal IP of the Exchange server.  SMTP for outgoing and optional network is allowed as well.  However I cannot telnet port 25, possibly an issue with the firebox?

I've spent literally hours researching and I just can't seem to find any resolution.
0
Comment
Question by:paintb4707
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 23

Accepted Solution

by:
debuggerau earned 125 total points
ID: 20325722
seen this a bit, seems some of the DNS servers while doing updates seem to 'forget' to bring over the MX record. Dig some DNS records off popular servers to observe the problem. Ring your network registrant and complain, you will at least find out who is not passing the correct stuff around.
There are DNS hack around which allow poisoning of records, but they are sorted out promptly, more likely a transitional problem.
Depending on your config, port 25 could return a welcome message when you connect. by typing 'quit' it should pop you out. This could be a secure setting though, since you might not be on the allow list.

0
 
LVL 15

Assisted Solution

by:wingatesl
wingatesl earned 125 total points
ID: 20325741
Using the domain name you listed I could not connect to your email server
> naturesvalue.com
Server:  ns-public.dmv.com
Address:  64.45.128.4

Non-authoritative answer:
naturesvalue.com        MX preference = 10, mail exchanger = MAIL.naturesvalue.c
om
> exit

C:\Documents and Settings\Administrator>telnet mail.naturesvalue.com 25
Connecting To mail.naturesvalue.com...Could not open connection to the host, on
port 25: Connect failed
0
 
LVL 3

Assisted Solution

by:mediaonegraphics
mediaonegraphics earned 125 total points
ID: 20325754
First place to check would be the logs on the Firebox.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Expert Comment

by:mediaonegraphics
ID: 20325761
Also do an nslookup on the dns server that is authoritative for your domain.
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 125 total points
ID: 20327899
Try a telnet from the LAN instead.  If it works, then it suggests a problem with the firewall, or maybe your ISP has decided to block incoming port 25 traffic.
0
 

Author Comment

by:paintb4707
ID: 20329962
Ahhhh I feel like an idiot.  Apparently it was the firewall.  I use a KVM switch to switch between our 2k3 server and the exchange server.  Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server.  I guess I got the IPs mixed up and thought it was being sent correctly.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20329971
Hehe - been there, done that!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question