Solved

Entire company not receiving external emails

Posted on 2007-11-20
Last Modified: 2010-03-06
Just this morning the entire company stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, receiving external does NOT.

Only a single NDR received out of the hundreds of test emails I sent to myself.

Quote:
Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 relay not permitted
Remote system: dns;nature.naturesvalue.com

Another funny thing I noticed is, I received 2 of my test emails after a 40 minute delay but nothing after that.

I don't recall changing anything on the Exchange server but if I did, what could be preventing external emails from coming in?

We're behind a Firebox Fireguard NAT router and according to dnsstuff.com, the MX record for naturesvalue.com is pointing to our router WAN IP (as it should, correct?) but according to dnscheck it does not find an MX record at all.

Incoming SMTP is allowed and being forwarded to the correct internal IP of the Exchange server.  SMTP for outgoing and optional network is allowed as well.  However I cannot telnet port 25, possibly an issue with the firebox?

I've spent literally hours researching and I just can't seem to find any resolution.
Question by:paintb4707
7 Comments
 
LVL 23

Accepted Solution

by:
debuggerau earned 125 total points
ID: 20325722
Seen this a bit; it seems some of the DNS servers, while doing updates, 'forget' to bring over the MX record. Dig some DNS records off popular servers to observe the problem. Ring your network registrant and complain; you will at least find out who is not passing the correct stuff around.
There are DNS hacks around which allow poisoning of records, but they are sorted out promptly; more likely a transitional problem.
Depending on your config, port 25 could return a welcome message when you connect. By typing 'quit' it should pop you out. This could be a secure setting though, since you might not be on the allow list.

0
 
LVL 15

Assisted Solution

by:wingatesl
wingatesl earned 125 total points
ID: 20325741
Using the domain name you listed I could not connect to your email server
> naturesvalue.com
Server:  ns-public.dmv.com
Address:  64.45.128.4

Non-authoritative answer:
naturesvalue.com        MX preference = 10, mail exchanger = MAIL.naturesvalue.com
> exit

C:\Documents and Settings\Administrator>telnet mail.naturesvalue.com 25
Connecting To mail.naturesvalue.com...Could not open connection to the host, on port 25: Connect failed
0
 
LVL 3

Assisted Solution

by:mediaonegraphics
mediaonegraphics earned 125 total points
ID: 20325754
First place to check would be the logs on the Firebox.
0
 
LVL 3

Expert Comment

by:mediaonegraphics
ID: 20325761
Also do an nslookup on the dns server that is authoritative for your domain.
0
 
LVL 31

Assisted Solution

by:LeeDerbyshire
LeeDerbyshire earned 125 total points
ID: 20327899
Try a telnet from the LAN instead.  If it works, then it suggests a problem with the firewall, or maybe your ISP has decided to block incoming port 25 traffic.
0
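The LAN-versus-outside port 25 comparison suggested above, as an added example that is not part of the original thread: it probes port 25 the way `telnet` does and turns the two results into a next step. `probe_smtp`, `diagnose` and the hostname `mail.example.test` are hypothetical names, and the banner-mismatch branch goes beyond the case in this thread, covering a forward that lands on some other host that does answer SMTP.

```python
import socket

def probe_smtp(host, port=25, timeout=5.0):
    """Connect like `telnet host 25`; return (status, banner_text)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = s.recv(512).decode("ascii", "replace").strip()
            try:
                s.sendall(b"QUIT\r\n")  # leave the session politely
            except OSError:
                pass
    except ConnectionRefusedError:
        return ("refused", "")       # port closed or actively rejected
    except socket.timeout:
        return ("timeout", "")       # packets dropped, typical of a filter
    except OSError as exc:
        return ("error", str(exc))
    # A healthy SMTP listener greets with a 220 line naming itself.
    return ("banner" if banner.startswith("220") else "unexpected", banner)

def diagnose(lan, wan, expected_name):
    """lan / wan: probe_smtp results from inside and outside the firewall.
    expected_name: hostname the mail server announces (assumption)."""
    if lan[0] != "banner":
        return "SMTP not answering on the LAN: check the mail server itself"
    if wan[0] != "banner":
        return "LAN works, outside fails: check the firewall forward or an ISP block on port 25"
    if expected_name.lower() not in wan[1].lower():
        return "outside reaches a different SMTP host: check the forward's internal IP"
    return "port 25 reaches the expected server from both sides"

if __name__ == "__main__":
    # Constructed results, not captured from the thread's network.
    lan = ("banner", "220 mail.example.test Microsoft ESMTP MAIL Service ready")
    wan = ("refused", "")
    print(diagnose(lan, wan, "mail.example.test"))
```

Run `probe_smtp` once from a LAN host against the mail server's internal IP and once from an outside host against the MX name, then pass both results to `diagnose`.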
 

Author Comment

by:paintb4707
ID: 20329962
Ahhhh I feel like an idiot.  Apparently it was the firewall.  I use a KVM switch to switch between our 2k3 server and the exchange server.  Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server.  I guess I got the IPs mixed up and thought it was being sent correctly.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 20329971
Hehe - been there, done that!
0
