Link to home
Start Free TrialLog in
Avatar of prophit4024
prophit4024Flag for United States of America

asked on

Exchange dead?

We where having some issues in the last few days with our exchange. WEll today it just died. No one can send or recieve. I have checked and rechecked the connectors and DNS. Nothing has been changed on the server in over a month. Not sure how to really troubleshoot this. Could someone please guide me to the right spot that would help.
I am able to telnet in from an outside network via port 25. So i know the port is open. All the services are running. Still not sure why this is not working. Thanks for the help and let me know if you need more details
ASKER CERTIFIED SOLUTION
Avatar of s2000hawaii
s2000hawaii

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of prophit4024

ASKER

I know for sure that port 25 is open. I can telnet in from an outside network. DNS is always a pain the butt. Just more info about the server its a dual NIC 2k3 server. Once nic is linked to the internet the other for internal. We also use this machine for VPN(we will soon be moving it)
NIC -LAN settings
1.2.3.4
255.255.255.0
no gateway
DNS is 1.2.3.4
NIC - WAN
66.77.88.99
255.255.255.248
66.77.88.00
DNS is 1.2.3.4

Could that be my issue? Not sure why that would have started to happen all of sudden
Firstly i would suggest running the Exchange Troubleshooting Assistant.

http://www.microsoft.com/downloads/details.aspx?familyid=4bdc1d6b-de34-4f1c-aeba-fed1256caf9a&displaylang=en

Let me know what is complains about...
not sure which test to try. Could you be more specific on which test you want. Also what about the test results is there something you want in general or just the whole result files?
There should be a Mail Flow troubleshooter, and if you can just quick-list any issues it lists.
it was giving me alot of errors about the remote servers its trying to send mail to. Alot of those either didnt respond. Im wondering if we got hit by an attack. Now OWA is not functionable.
Have a read through some of this.

Basically talks you through how to check if your an open relay (used for spam attacks) and how to clean up if you have been relayed.

http://www.amset.info/exchange/spam-cleanup.asp

i would recommend you go in to the exchange system manager, and see what mail is stacked up in the queues. Then you can do a "find all" to see all mail waiting to go out. Depending on the attitude of the company, i would choose to delete all the mail in the outbound queue, to see if something dodgy was causing the queue problems.

http://www.amset.info/exchange/spam-cleanup.asp
Well i tried the open relay and its not. I did check event viewer and i have a few of these in there
Event Type:      Warning
Event Source:      MSExchangeMTA
Event Category:      X.400 Service
Event ID:      290
Date:            7/22/2008
Time:            5:14:41 PM
User:            N/A
Computer:      PTEXCHANGESVR
Description:
A non-delivery report (reason code unable-to-transfer and diagnostic code unrecognised-OR-name) is being generated for message C=US;A= ;P=Printelogy;L=PTEXCHANGESVR-080722222835Z-9. It was originally destined for DN:CN=KLOSASSO,CN=RECIPIENTS,OU=FIRST ADMINISTRATIVE GROUP,O=PRINTELOGY§ (recipient number 1), and was to be redirected to . [MTA DISP:RESULT 16 136] (12)

For more information, click http://www.microsoft.com/contentredirect.asp.

I tried to reinstall the exchange server and might have cause more problems.
Avatar of bigbigsheep
bigbigsheep

hi

there are very strange, if i were you, i will try to reboot the server and test the function again , and check the event log.

remarks : may be your server turn on auto update option, need reboot the server for reload the service

anthony
Rebooting has been done about 20 times. Sometimes it take 5 minutes to come back up. Others over 30. We have just moved over to hosted exchange. We lost 2 days worth of emails and still cant figure out the problem. I have moved exchange to a new machine and still having issues. Once we have email function back up via hosted we will remove exchange and reload the machines with a new image. I found remnants of an attack. Thank you all for the help.
come to find out the we have 2 companys that handle our web hosting. This server was being handled by the one we didnt call. Come to find out they made some changes over the weekend and our MX records got tangled up and needed to be re-added