syip88
asked on
Exchange 2000, some senders complaint their email did not get through with the below message
We are running MS EX 2000 and the last few days there have been senders saying they receive bounced back messages with the error message. The problem is sporadic. I would send from gmail and the server and the OL client will receive without any problem but on yahoo, it continues to have the same problem. The restart of the SMTP services would help and allow the message to come through but after awhile the problem arise again. Any idea? May be some of the internet email servers are having problem and our ISP has an issue? The 65.254.231.150 represents the IP address of one of the MX records. The host name is 12.104.133.2.zircon.com and also mail.zircon.com with the 12.104.133.2 IP address. Both MX records show we are not on blacklisted. Thanks in advance,
ASKER
Hi Midustouch,
1. The email from the Internet does come through directly
2 & 3. There is a LAN server called "mail" setup to receive and process Internet email. That's also running a SPAM fltering software. We are using TrendMicro IMSS.
Additonal info: if I send 10 email from Yahoo, without changing any configuration, may be 4 will come through, the rest will have the same error message. Gmail has a better %, may be 9 out of 10 will come through. If I restart the SMTP services, it looks to work for awhile, but then go back to the same problem again. There has been no changes, we start having this problem few days ago, and one of the blacklist thing has been removed for two days. Thanks much
1. The email from the Internet does come through directly
2 & 3. There is a LAN server called "mail" setup to receive and process Internet email. That's also running a SPAM fltering software. We are using TrendMicro IMSS.
Additonal info: if I send 10 email from Yahoo, without changing any configuration, may be 4 will come through, the rest will have the same error message. Gmail has a better %, may be 9 out of 10 will come through. If I restart the SMTP services, it looks to work for awhile, but then go back to the same problem again. There has been no changes, we start having this problem few days ago, and one of the blacklist thing has been removed for two days. Thanks much
I would suggest doing this, send the 10 emails from yahoo with subject titles "Test send 1". "Test send 2" up till "Test send 10". See if all of them arrive and in which sequence.
How is your DNS configured? Are you hosting the primary DNS for your internet domain or your provider?
If it's your provider, it could be your reverse lookup on your provider is not configured correctly. Causing SMTP connection to fail between yours and Yahoo's.
Yahoo has multiple smtp sending servers and connect to your first SMTP may be failing between SOME yahoo smtp sending servers.
How is your DNS configured? Are you hosting the primary DNS for your internet domain or your provider?
If it's your provider, it could be your reverse lookup on your provider is not configured correctly. Causing SMTP connection to fail between yours and Yahoo's.
Yahoo has multiple smtp sending servers and connect to your first SMTP may be failing between SOME yahoo smtp sending servers.
When you say restart SMTP, are you refering to the IMSS side or your exchange side?
Are there any problems sending email internally?
Do you have OWA installed on your network?
Are there any problems sending email internally?
Do you have OWA installed on your network?
If you've been running smoothly for some time prior to this and there have been no major changes in configuration on your IMSS server or your Exchange server, I would check with your ISP to see if they've made any recent changes to their DNS.
Did your SMTP server hang before you reset it? Prior to resetting it, is it able to receive mail from google? Is the problem isolated to yahoo only?
Did your SMTP server hang before you reset it? Prior to resetting it, is it able to receive mail from google? Is the problem isolated to yahoo only?
Your problem is your first MX record 12.104.133.2.zircon.com, which does not resolve to any IP addresses, this will cause you problems, either remove it or rename it as 12-104-133-2.zircon.com.
Cause 12.104.133.2.zircon.com, even with a Ip address will not be resolved by DNS servers and since your MX preferences are set to 10 on both records, it's just normall that mail will not flow in normally.
So i would rename the first one and change the MX preferences, the first at 10, the second 50 for example, or completely remove the first MX record
Cause 12.104.133.2.zircon.com, even with a Ip address will not be resolved by DNS servers and since your MX preferences are set to 10 on both records, it's just normall that mail will not flow in normally.
So i would rename the first one and change the MX preferences, the first at 10, the second 50 for example, or completely remove the first MX record
ASKER
The SMTP I restarted is on the exchange server, but it might have the same impact if I restart the SMTP on the IMSS side.
Sending email internally is not a problem
Yes, OWA is available via other server and it is not affected.
Do you think it is the IMSS rejecting some of the email?
Thanks
Sending email internally is not a problem
Yes, OWA is available via other server and it is not affected.
Do you think it is the IMSS rejecting some of the email?
Thanks
Have you checked the connection logs and spam folder on your IMSS machine?
External MX record pointing to IMSS server right?
External MX record pointing to IMSS server right?
ASKER
Hi isaman07,
How do you change the MX record? I was not aware of the second host name 12.104.133.2.zircon.com in the past, and its IP address is 65.254.231.150 which is showing in the error message. When doing a whois on the address, it belongs to yourhostingaccount.com which I tried contacting them but no respond so far. So I don't want to mess it up as I am sure if the ISP requires this setting...12.104.133.2 is our host name - mail.zircon.com
Thanks
How do you change the MX record? I was not aware of the second host name 12.104.133.2.zircon.com in the past, and its IP address is 65.254.231.150 which is showing in the error message. When doing a whois on the address, it belongs to yourhostingaccount.com which I tried contacting them but no respond so far. So I don't want to mess it up as I am sure if the ISP requires this setting...12.104.133.2 is our host name - mail.zircon.com
Thanks
I would suggest you make a call to the tech support of your ISP on this issue.
But do the test send email with sequential headers - this will provide you the "ammo" against your ISP.
But do the test send email with sequential headers - this will provide you the "ammo" against your ISP.
If you're hosting your own DNS, you can change it from the external facing DNS.
Is your IMSS server's ip address 12.104.133.2?
ASKER
How come restarting the SMTP on the exchange server seems to fix the problem temporary? But it goes back to the problem again?
I am not sure if IMSS is 12.104.133.2 and it also may be the mail.zircon.com, I will find out
sorry I am bit confuse here
I am not sure if IMSS is 12.104.133.2 and it also may be the mail.zircon.com, I will find out
sorry I am bit confuse here
Don't restart the SMTP on your exchange anymore for now. do the test email with sequential subject titles first. We'll see how the email arrives from yahoo first.
Contact your DNS provider and ask them to remove it.
I just did some tests, your first MX record is not accepting to connections at all.
No do not remove it;
> zircon.com
Server: dns7.xxxxxxx.com.sg
Address: 202.156.1.78
Non-authoritative answer:
Name: zircon.com
Address: 65.254.231.150
> mail.zircon.com
Server: dns7.xxxxxx.com.sg
Address: 202.156.1.78
Non-authoritative answer:
Name: mail.zircon.com
Address: 12.104.133.2
> quit
C:\>ping 12.104.133.2
Pinging 12.104.133.2 with 32 bytes of data:
Reply from 12.104.133.2: bytes=32 time=627ms TTL=50
Reply from 12.104.133.2: bytes=32 time=391ms TTL=50
Reply from 12.104.133.2: bytes=32 time=832ms TTL=50
Reply from 12.104.133.2: bytes=32 time=934ms TTL=50
> zircon.com
Server: dns7.xxxxxxx.com.sg
Address: 202.156.1.78
Non-authoritative answer:
Name: zircon.com
Address: 65.254.231.150
> mail.zircon.com
Server: dns7.xxxxxx.com.sg
Address: 202.156.1.78
Non-authoritative answer:
Name: mail.zircon.com
Address: 12.104.133.2
> quit
C:\>ping 12.104.133.2
Pinging 12.104.133.2 with 32 bytes of data:
Reply from 12.104.133.2: bytes=32 time=627ms TTL=50
Reply from 12.104.133.2: bytes=32 time=391ms TTL=50
Reply from 12.104.133.2: bytes=32 time=832ms TTL=50
Reply from 12.104.133.2: bytes=32 time=934ms TTL=50
Ok, you're running IMSS 5.5 on your 12.104.133.2 and have verified that it's listening. (using telnet to your port 25).
Check with your ISP on why 65.254.231.150 is not relaying.
Get your ISP to set 12.104.133.2 as your primary connection.
If it's already set to your primary SMTP connection, then bandwidth problems may be causing connectivity issues to your IMSS server.
Reason I'm saying that is the yahoo server is connecting to your 65.254.231.150 server instead of your 12.104.133.2 server.
Doing a DNS lookup mail.zircon.com points to your 12.104.133.2 server, it shouldn't even connect to 65.254.231.150
I would check your internal connection from your exchange to IMSS too.
Check with your ISP on why 65.254.231.150 is not relaying.
Get your ISP to set 12.104.133.2 as your primary connection.
If it's already set to your primary SMTP connection, then bandwidth problems may be causing connectivity issues to your IMSS server.
Reason I'm saying that is the yahoo server is connecting to your 65.254.231.150 server instead of your 12.104.133.2 server.
Doing a DNS lookup mail.zircon.com points to your 12.104.133.2 server, it shouldn't even connect to 65.254.231.150
I would check your internal connection from your exchange to IMSS too.
ASKER
is this our first MX record?
10 12.104.133.2.zircon.com 65.254.231.150
Is the 2nd IP belongs to the ISP?
Is that common to have 2 MX records?
10 12.104.133.2.zircon.com 65.254.231.150
Is the 2nd IP belongs to the ISP?
Is that common to have 2 MX records?
If your ISP provides a backup SMTP services, yes. Some ISPs have that service and it's normally chargable.
Contact your ISP on this issue.
Contact your ISP on this issue.
ASKER
Yes, I agree the problem might be on ISP end as it indicated that IP address on the error message.. The problem is contacting the ISP at this point. I took over from a previous IT person and he told me we are with starlogic but I don't see if the company exists now. Looks to me the IP belongs to yourhostingaccount.com but they are nowhere to be contacted too..
Is that safe or possible to remove the MX record pointing to 65.254.231.150 (I assume it is the ISP) without contacting them, then it only has one record and points to 12.104.133.2 <> mail.zircon.com <> host name zircon.com. If it is possible, do you think everything will work?
Is that safe or possible to remove the MX record pointing to 65.254.231.150 (I assume it is the ISP) without contacting them, then it only has one record and points to 12.104.133.2 <> mail.zircon.com <> host name zircon.com. If it is possible, do you think everything will work?
Your ISP is startlogic.
Domain name: ZIRCON.COM
Administrative Contact:
Corporation, Zircon james@zircon.com
1580 Dell Av
Campbell, CA 95008
US
+1.4083762825 Fax: +1.4088669230
Technical Contact:
Manager, Domain hostmaster@startlogic.com
919 E Jefferson St.
Suite 100
Phoenix, AZ 85034
US
+1.8007258064
Registration Service Provider:
StartLogic, Inc., hostmaster@startlogic.com
1-800-725-8064
http://www.startlogic.com
Domain name: ZIRCON.COM
Administrative Contact:
Corporation, Zircon james@zircon.com
1580 Dell Av
Campbell, CA 95008
US
+1.4083762825 Fax: +1.4088669230
Technical Contact:
Manager, Domain hostmaster@startlogic.com
919 E Jefferson St.
Suite 100
Phoenix, AZ 85034
US
+1.8007258064
Registration Service Provider:
StartLogic, Inc., hostmaster@startlogic.com
1-800-725-8064
http://www.startlogic.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
midustouch, thanks for the ISP info.
I thought it was starlogic then I see the yourhostingaccount.com info which confused me. I will stay on this track to contact the ISP and find what's going on. The live chat with Startlogic is on but don't see anyone there.
So, the question to ask (once I am able to contact them) is why the IP 65.254.231.150 is rejecting the senders? Thanks and will keep you posted
I thought it was starlogic then I see the yourhostingaccount.com info which confused me. I will stay on this track to contact the ISP and find what's going on. The live chat with Startlogic is on but don't see anyone there.
So, the question to ask (once I am able to contact them) is why the IP 65.254.231.150 is rejecting the senders? Thanks and will keep you posted
ASKER
Isaman07,
I missed your suggestion. Are you saying make the 12.104.133.2 as 10 and make other one 50? I think right now, they both are 10 and the ISP one is on the top when doing the mxtoolbox.com , does it make a difference? Thanks
I missed your suggestion. Are you saying make the 12.104.133.2 as 10 and make other one 50? I think right now, they both are 10 and the ISP one is on the top when doing the mxtoolbox.com , does it make a difference? Thanks
Check if you have they are the backup SMTP provider for your domain - if they are, ask why the messages are being bounced.
If they're not, ask why is their server listed as one of the MX records and if it's a necessary record.
Anything else depends on their response.
Good luck.
If they're not, ask why is their server listed as one of the MX records and if it's a necessary record.
Anything else depends on their response.
Good luck.
To your question to Isaman07, check with your ISP first on the history then decide. I suspect they are hosting your DNS records too so you might have to go through them to modify anything.
Yes, it makes a difference, cause then the mail will go directly to your server 12.104.133.2, just in case your server is not available, then it will go to your ISP address 65.xxx.xxx.xxx
That's why, even if they are providing mail backup or relay, your server should be the primary one and not theirs. It just doesn't make sense having their IP as primary.
Being on top or bottom within the DNS zone doesn't change anyhting, the important is the MX preferences, the lower preference is the primary, the next lower preference will be contacted only if the first one is down or unreachable.
Did you read the report that i attached in my prior posting?
That's why, even if they are providing mail backup or relay, your server should be the primary one and not theirs. It just doesn't make sense having their IP as primary.
Being on top or bottom within the DNS zone doesn't change anyhting, the important is the MX preferences, the lower preference is the primary, the next lower preference will be contacted only if the first one is down or unreachable.
Did you read the report that i attached in my prior posting?
ASKER
isaman07,
Yes, I took a look earlier and now I see how they are listed. I am trying to contact them now but no success so far. Will keep you guys posted. Thanks
Yes, I took a look earlier and now I see how they are listed. I am trying to contact them now but no success so far. Will keep you guys posted. Thanks
ASKER
Isaman07,
Finally talked the ISP and they actually did not know what the problem is so I told them to redo the preferences so now the MX records are:
10 mail.zircon.com <> 12.104.133.2
20 12.104.133.2 <> 65.254.231.150
But they said it will take about 24-48 hrs for it to be fully updated..
Looks like the email is flowing now, at least those who reported problems are coming through, not sure if there is any bounced. Can you check if everything is lining up correctly now and email should be working? Thanks
Finally talked the ISP and they actually did not know what the problem is so I told them to redo the preferences so now the MX records are:
10 mail.zircon.com <> 12.104.133.2
20 12.104.133.2 <> 65.254.231.150
But they said it will take about 24-48 hrs for it to be fully updated..
Looks like the email is flowing now, at least those who reported problems are coming through, not sure if there is any bounced. Can you check if everything is lining up correctly now and email should be working? Thanks
ASKER
I meant
20 12.104.133.2,zircon.com <> 65.254.231.150
20 12.104.133.2,zircon.com <> 65.254.231.150
It 24-48 hours as the DNS TTL is set as such by your provided. You may be able to request for shorter TTLs but it will only take effect once the original lapses. Decreasing TTL (Time to Live) will speed up replication but will increase bandwidth usage.
Typo = I meant "provider" not "provided"
Awesome, everything is lined up as it should be, i can cinnect instantly to your server, which was not the case two days ago.
Final thought, if your ISp is doing nothing, like backup email server or relay, just remove the pointer to their server. Regardless, it looks great.
Harout
Final thought, if your ISp is doing nothing, like backup email server or relay, just remove the pointer to their server. Regardless, it looks great.
Harout
ASKER
Yes, thanks isaman07. I believe you guys have the same suggestion. If sharing is okay, both of you should be credited. Best regards,
I don't care much about the points, so fine by me and thanks
I do... *grin* I need to hit my 3000pts for my account to remain advertisement free...
ASKER
do you want me to re-assign that? Or if it is possible to do it? Tell me how.
Sorry for the inconvenience
Sorry for the inconvenience
No worries, just do as you see fit. Answered for the points and MOSTLY for the fun of it. So whatever is ok. Cheers.
Points not awarded yet... :-P
2. Is your email coming through another machine in your LAN before reaching your Exchange server?
3. Do you have any SPAM filtering software/devices?