Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 308
  • Last Modified:

Exchange tries sending mail to the wrong IP address periodically

I have an SBS 2003 server running Exchange. Periodically, when sending to a remote domain it fails with an NDR, usually no such recipient. Looking in the SMTP logs I've noted that when the emails go through successfully, the Exchange server is sending to the correct IP address. When the emails fails, the Exchange server is trying to send to a wrong address, which happens to be the same domains WWW record IP address, which happens to be running an SMTP server, but kicks it back as no such recipeint. The remote domain is running their own mail server, not hosting it.
0
msjesiel
Asked:
msjesiel
1 Solution
 
codezpCommented:
I would suggest your try clearing the DNS, the wrong IP might be cached and it sometime pulls it up if it tries using local instead of network.

hope that helps
0
 
msjesielAuthor Commented:
That is one of the first things I did, flushed teh DNS cache on the server. This appears to be happening over several days time, longer than a likely TTL would be set at. I'm attaching two smtp logs for a successful mail delivery and a failed email delivery. They were sent an hour and a half apart or so.
0
 
msjesielAuthor Commented:
Here are the log files for failed and success delivery. One and a half hours apart.
failed.txt
successful-sent-hour-earlier.txt
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
codezpCommented:
Ok so they have both of those ips:

Pinging alderwoodwater.com [209.200.118.90] with 32 bytes of data:
Reply from 209.200.118.90: bytes=32 time=82ms TTL=113
Reply from 209.200.118.90: bytes=32 time=83ms TTL=113
Reply from 209.200.118.90: bytes=32 time=83ms TTL=113
Reply from 209.200.118.90: bytes=32 time=110ms TTL=113

C:\Users\Codez>ping smtp.alderwoodwater.com

Pinging smtp.alderwoodwater.com [74.94.76.97] with 32 bytes of data:
Reply from 74.94.76.97: bytes=32 time=109ms TTL=239
Reply from 74.94.76.97: bytes=32 time=111ms TTL=239
Reply from 74.94.76.97: bytes=32 time=110ms TTL=239
Reply from 74.94.76.97: bytes=32 time=110ms TTL=239



As you see 74.94.26.97 is their SMTP server and the other one is their web server. They are on seperate servers.

if I have to guess I would think either you have a wrong cache of it localy or their mx records are not setup properly.


0
 
codezpCommented:
if you do a nslookup -q=mx domain.com from your Exchange, does DNS resolv this to a correct name and IP of the destination domain?

I suspect the problem can be caused if you have an unneeded SMTP Connector -- for example, if you have a single-site, single server topology but have an SMTP Connector installed. However, this is only a guess. At one location I removed the unneeded SMTP Connector among other changes and the problem went away. I never knew if removing the SMTP connector solved the issue or if something else resolved the issue.

Also tryDNS properties and under forwarders section check if "Do not use recursion for this domain" is disabled.
Under "Advanced" tab see "Disable recursion" option is disabled.

Restart the DNS server and try if emails goes through at one shot.

ALSO

In the properties for the SMTP Virtual Server, set the IP address to be an IP not the "All Unassigned" option and that may help.

Hope that helps!
0
 
ckozloskiCommented:
Make sure that you have a world MX record that is pointed to the proper IP address. If your MX record is also an alias of your web domain that could cause problems.
0
 
msjesielAuthor Commented:
All great suggestions. I won't be able to try anything until after the weekend, so I'll get back to this on Monday. Thanks.
0
 
msjesielAuthor Commented:
Changed the SMTP virtual server configuration to not use external DNS, which it was. Also made sure teh internal DNS server forwarders were set correctly. It's sporadic, so I'll let it go a couple days adn see if we have any more failures.
0
 
Computer101Commented:
PAQed with points refunded (250)

Computer101
EE Admin
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now