How do I troubleshoot Exchange to see why I am not able to send or receive emails outside the network?

Our Exchange work fine yesterday morning until our ISP  came in to replace our modem that handles our telephone system.  They did not touch the modem that handles the internet or touch any other cables.
It could probably be conincidental that he arrived at the same time the email was down.
How can I troubleshoot to find out why email is down?
j_ramesesInfo Sys MngrAsked:
Who is Participating?
 
Antonio VargasConnect With a Mentor Microsoft Senior Cloud ConsultantCommented:
dont you have a router? check also if your company ip address is still the same
for some reason they could have changed it and you also need to change your mx record.
one question: when you tracked the email sent from outside (gmail for example) does it arrives to exchange?
0
 
flyingskyCommented:
obviousely you need to make sure your Internet connection is working fine first. (you can try just browse the internet, do a speed test, etc).
In terms of determine why cannot send email outside, do a message track and find out where it stops.
for not receiving email, try send email to yourself from an outside account (like Yahoo, Gmail, etc) and see if you get any NDR.
0
 
sstone55423Commented:
Do you have outbound internet connections?  Can you ping outside?  Is your data connection cable modem or DSL?  (or something else?)
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
AzyreCommented:
What is the NDR that is generated when you attempt to send a mail from your exchange server?  Is mail down for both internal and external emails, or only external?
0
 
cavinlimCommented:
In Exchange server queue, it that shown Retry? or it successful send out to internet?

Your Exchange server is your SMTP gateway, where it will route email to internet directly?

Can you perform nslookup, make sure your domain able to resolve the recipient domain likes yahoo.com and hotmail.com.

Try to send email from external, hotmail account to your organization see hotmail got bound back any message or not.

0
 
j_ramesesInfo Sys MngrAuthor Commented:
i am able to receive internal mail but not external.
I have tried to send mail to from from hotmail.com and yahoo.com and no mail arrives.
I do not get a NDR.
I have cable modem.
Surfing the net is normal.
Pinging any URL works.

FLYINGSKY,
How do I track an email to see where it gets stuck at?
0
 
flyingskyCommented:
system manager -> tools -> message tracking center.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
flyingsky,
i found them, now what?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
flyingsky, this is where it stops:

10/15/08  9:11 AM   SMTP Store Driver:  Message delivered locally to store to username@website.
0
 
flyingskyCommented:
try send an email to outside, then using the tracking center to track
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
They changed the modem or the router?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
they changed one of the modems, the one that had the phone lines connected to it.
I have two modems.
one for the internet and one for the phone lines.
the modem with the internet has four phone lines attached to it.
the other modem which was replaced has three lines attached to it.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
everyone,
i am able to send email out from the network to to outside the network.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
other hint. go to cmd line on a pc with internet and do:
nslookup
set type=mx
companyname.com (your company name)
you will get the mx (mail) record active for your company.. check if it's correct..
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
if you are able to send and not receive it could be my hint the correct... mx record wrong only afects inbound mail
0
 
j_ramesesInfo Sys MngrAuthor Commented:
greatvargas,
the email does not arrive to exchange according to Exchange-->tools-->message tracking center.
how do i track emails from the outside like hotmail coming to the network?
nothing shows up when i enter my email address  as the sender.
should i remove the server name from the list as server?
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
you try to send with hotmail and nothing shows up.. right? you cannot track in exchange something that simply does not get there... if i'm right.. we have two possible reasons here:
- router nat problems.. you still did not told me if you have a router (default gateway)
- mx record problems.. do the command line i told you to do and for example ping the address you get or check with the isp what are your public address(s).. mx record should be one of them or the one.. understood?

0
 
j_ramesesInfo Sys MngrAuthor Commented:
greatvargas, this is the error message i get from typing : nslookup:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>nslookup
*** Can't find server name for address 10.0.0.1: Non-existent domain
Default Server:  UnKnown
Address:  10.0.0.1
0
 
j_ramesesInfo Sys MngrAuthor Commented:
greatvargas,
yes i have a router.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
i am able to ping my router, my server, and my website
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
is not finding dns server name... type nslookup -server yourdnsservername
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
or do the nslookup on the server insted of doing it on your machine
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
what we need to know is... whats your mx record ip address .. tell me something.. you have always the same external ip provided by the isp?
0
 
sstone55423Connect With a Mentor Commented:
The error message you get in nslookup is normal, it just means there is no PTR record for 10.0.0.1.
 
After you get that, then do the remaining steps:
set type=mx
companyname.com
 
Did the ISP change your subnet IP addresses?  Please get the result of the MX above, or give us the domain name and we can look it up.
From the mail server, go to  a web site www.whatismyip.com and tell us what you get.  And, does it match what is returned by the MX lookup?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
yes we have a static ip address
i cannot ping my ip address
when you ask about our mx record ip address are you referring to our static ip address?
0
 
Antonio VargasConnect With a Mentor Microsoft Senior Cloud ConsultantCommented:
do what stone said.. continue the nslookup steps.. after getting the address go to the site he gave you and compare the addresses... mx record is the address the mail is sent everytime someone from outside trys to send your company mail.. if it's wrong sent mail will be lost..
0
 
j_ramesesInfo Sys MngrAuthor Commented:
sstone55423,

I get the following:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>nslookup
*** Can't find server name for address 10.0.0.1: Non-existent domain
Default Server:  UnKnown
Address:  10.0.0.1

> set type=mx
> mywebsite.com
Server:  UnKnown
Address:  10.0.0.1

Non-authoritative answer:
mywebsite.com      MX preference = 0, mail exchanger = 127.0.1.50
>--------------------------
my domain is mybdrn.com so you can look up the mx record.
what website you use to get the mx record?
i will check with our isp if they changed the subnet, but if they changed it the internet would not work and the internet works because i am on the server right now.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
click on this link www.whatismyip.com  and tell me what is your ip
0
 
j_ramesesInfo Sys MngrAuthor Commented:
ip is 96.56.246.234
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
your mx record is 127.0.1.50.. check with the isp what's your public ip.. also access the site to check.. ask the isp how many public ips do you have... (can be a subnet of ips)
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
access the site to see the ip directly from the mail server
0
 
j_ramesesInfo Sys MngrAuthor Commented:
greatvargas,
my mx record should be identical to my stastc ip address?
0
 
AzyreConnect With a Mentor Commented:
Yes.  Your MX record should be the external IP of your exchange server.
0
 
AzyreCommented:
If you're on a cable modem,  then you probably only have 1 IP address, if so that should be the IP listed in your MX record.  If you have multiple IP's then your MX record should be the IP / IP's assigned to your mail server at your static NAT.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
exactly... but first please tell me something.. your exchange server receives the mail direclty or is it going to get the mail to one external mail server (from one isp) and pushes it to your server? check in system manager if you have a pop3 connector.. if not than your mx record should be one of your external ip addresses.. if you only have one.. it should be that one..
0
 
sstone55423Commented:
127.0.1.50 can't be correct.  That is an internal only IP, and not an external IP.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
what website can i use to check my mx record?
0
 
sstone55423Commented:
It is also not a correct IP for inside private IP's used through NAT.  It is a loopback IP.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
stone.. loopback reserved ip's are only in the subnet 127.0.0.0/8 .. even though it's strange that mx record ip..
rameses.. you cannot check your mx record in no site.. you have already done it in nslookup.. check if exchange has a pop3 connector in order for us to find out if the mail is directly delivered to you or if you are pushing it from one isp mail server
0
 
j_ramesesInfo Sys MngrAuthor Commented:
i am not using a pop3
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
ok.. fine.. now call your isp and ask how many public ip's do you have
0
 
sstone55423Commented:
127.0.1.50 is in the loopback network (/8)  No router will route it.  
Can you give is the email domain name.  We know it is for BDRN, but need the domain in order to do the MX lookup.
0
 
sstone55423Commented:
96.56.246.232 - 96.56.246.239
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
ok...rameses... the problem is for sure found.. call your isp and tell them that your mx record is misconfigured and they need to configure it with one ip inside the range that stone gave you
0
 
j_ramesesInfo Sys MngrAuthor Commented:
my email is rguerra@mybdrn.com
0
 
sstone55423Commented:
mybdrn.com. MX IN 86400 127.0.1.50. [Preference = 0]
mybdrn.com. NS IN 86400
 ns1.nameresolve.com. mybdrn.com.
NS IN 86400 ns2.nameresolve.com.
 mybdrn.com. NS IN 86400 ns3.nameresolve.com.
mybdrn.com. NS IN 86400 ns4.nameresolve.com.
ns1.nameresolve.com. A IN 86400 64.94.117.196
ns2.nameresolve.com. A IN 86400 63.251.83.82
ns3.nameresolve.com. A IN 86400 66.150.161.132
ns4.nameresolve.com. A IN 86400 64.94.31.110
 
 
The MX record needs to be changed to 96.56.246.234
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
after telling them the mx record error report to us their response
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
rameses.. change the mx record to your external ip 96.56.246.234 and test... you need to call our isp to change it
0
 
j_ramesesInfo Sys MngrAuthor Commented:
should it be our website provider or our isp provider that the mx record has to be changed?
0
 
sstone55423Commented:
The TTL is 86400 for the MX, which is 24 hours.  So, it can take that long until the record is updated for some people, so be patient.  Ask them to change the TTL from 86400 to 3600.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
the isp provider...
0
 
sstone55423Commented:
Note changing the TTL will allow any future changes to occure more rapidly, but will not speed up this change.  Most people will get the change right away -- but ironically, people who have been trying to email you regularly may have current cached records, and may take as long as 24 hours to update.
0
 
sstone55423Commented:
The people who manage the DNS:
NAMERESOLVE.COM
      P.O. Box 821650
      Vancouver, WA  98682
      US
      +1.360-449-5933
 
Run by Dotster.

 
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I just finished speaking to my ISP and they said they will update it.
They also informed me that my Exchange and internet should be on separate IP addresses.
Is that true?
It worked fine this long with minor problems that restart solved.
Does it make a difference?
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
there is no problem in having the mx record pointed to your internet ip.. when you have only one ip external you can have a website and one exchange server.. that is all managed by static nat entries in the router that say for example that all traffic coming for port 25 (exchange smtp) to to your exchange server inside your company...

hope it helps
regards
António Vargas
0
 
sstone55423Commented:
It is possible that the IP that your Internet goes out on, and the IP that you use for SMTP coming inbound should be different.  The reaosns I asked you to go outbound from your email server was to make sure that the NAT for the mail server address was given.  This should be the right adddress, although there is a small chance that your email server has more than one IP address.
 
If you go to whatismyip.com from a workstation (not youe email server) do you get the same one, or a different one than the one we got before for the mail server?
I am not sure what your last question is.
 
0
 
j_ramesesInfo Sys MngrAuthor Commented:
sstone55423,
I went to a different PC and the IP is the same as the server.
0
 
sstone55423Commented:
Lets wait until they change the MX and then test to see if it works, and if not, we will diagnose further.  I just checked, and at this time, it has not been updated yet.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
everyone,
whenever I enter my IP address on the address bar I get the "Welcome to Windows Small Business Server 2003" homepage.  see attached file to view what i get.
how can i prevent this from happening?
SBS-2003-weelcome-page.doc
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
Hi, this happens from the outside because you must have a nat entry in the router to port 80 redirecting to the server. the other cause can be the external ip be configured in your sbs server.. do you have a nic in the server with external addresses? do you have isa server working and publishing services?

regards

António Vargas
0
 
j_ramesesInfo Sys MngrAuthor Commented:
GreatVargas,
yes i have a nic in the server with external address.
I also an an internal nic.
Yes, I have a ISA server working, but I am not sure about publishing services.
How can I check to see if I do?
By the way, the MX record has not propagated yet.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
You need to open your ISA server, go to firewall policies and look for a web site publishing rule. Listener should be on port 80 and your external ip address. You dont want the site to be avaiable from the Internet, right? right click on that rule, choose disable rule, apply the policies and then test. The site should stay avaiable from the internal network using http://internalserverip but not from the Internet.

hope it helps
regards
António Vargas
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Antonio,
I made the changes.
Can you check on your end to see if the SBS Welcome page still shows up.
All our PCs are on the network.
Let me know what you see.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
it's still showing. go to administrative tools, iis, then go to default web site right click and go to properties. see in what ip address he is listening, if any avaiable is selected, select only the internal ip address and restart iis. after doing this tell me to test.

regards
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Antonio,

It was already pointing to the internal IP address.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
what's the name and configurations of the rule you disabled? it must be a web server publishing rule. have you applied the changes in the top of the firewall policies table?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
the one i disabled was : SBS RWW Web Publishing Rule
The other ones I found are:
1) OWA Web Publishing Rule
2) Monitoring Web Publishing Rule
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
OWA web publishing rule is correct. It's for the webmail. See on the rww web publishing rule what are the paths included. for example in owa will be /exchange or /owa and others.. see if the root path is on the rule you disabled.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I did not disabled OWA nor MOnitoring Web Publishinig Rule.

The PAth for RWW is: I clicked on PRoperties and then clicked on the "Paths" tab.
External Path                                              Internal Path
<same as internal>                                    /ClientHelp/*
<same as internal>                                    /Remote/*
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
ok, you can enable that rule. thats not the rule we want. that only applys when you access external to http://yourip/clienthelp and /remote
see paths for monitoring web publishing rule and post it
0
 
j_ramesesInfo Sys MngrAuthor Commented:
External Path                                              Internal Path
<same as internal>                                     /Monitoring/*
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I spoke to my ISP and they informed me that I have to contact my webhosting provider to change the MX Record.  I sent them an email and I hope the make the changes as soon as possible because we cannot be another day without email.  We are going to change our webhosting from serverfly.com to our ISP web hosting services.  Serverfly has no phone number listed everything is done by email.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
That's the best to do. regarding the publishing rules, it's also not that one.
something on isa firewall rules must be directing clients to your iis. sure that no other publishing rule is configured?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I found two other ones:
1)Outlook via the Internet Web Publishing Rule
External Path                                              Internal Path
<same as internal>                                     /RPC/*

2) Windows Sharepoint Services Web Publishing Rule
External Path                                              Internal Path
/*                                                                 /*
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
disable sharepoint publishing rule and problem is solved. test internally after disabling the rule and see if it works (test with internal ip).

now it does help :)
regards
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I tested withour static IP and Server IP address and it still shows up.
Can you check on your end maybe because I am on the network it shows up maybe someone outside the network will get a different message.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
It's still up.. have you applied the settings after the change? you need to do it at the top of the page
0
 
j_ramesesInfo Sys MngrAuthor Commented:
yes i did that.
I just closed ISA and turned back on.
maybe that would help.
pls check again.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
still up.. restart the firewall service. check if a symbol pinting down is on the rule indicating that the rule is disabled.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
how do i restart the firewall service?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
the action in SHarepoint is "ALLOW" should it be "Deny"?
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
the action is allow.. the policy beeing disabled there will be no action.. enabling the policy and put action to deny should also solve the issue... restart the service inside isa console.. look for services/firewall
0
 
j_ramesesInfo Sys MngrAuthor Commented:
i enabled and selected deny the sharepoint and clicked on apply.
when you say restart the servie are you referring to enabling the sharepoint?
how do i restart the service inside the ISA console?
I cannot find services/firewall.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
No changes are beeing made... do you click apply twice? you must.. apply in the message box were you make the changes.. and apply on the top of the page everytime you make a change...
sharepoint still online
0
 
j_ramesesInfo Sys MngrAuthor Commented:
yes, i click on the apply button that is on top and then i click on the ok button when the window pops ups.  I just reverese the changes and made the changes again so that the service is enabled and the action is deny.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
still online. go to services tab on admin tools in control panel a restart service of firewall. again you can have another publish rule active. look for it
0
 
j_ramesesInfo Sys MngrAuthor Commented:
what exactly should I look for in a path?
should i be looking in the path?
if yes, should i remove the path or disable the option.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
i restarted MS Firewall.
Can u check now?
0
 
sstone55423Commented:
J Ramses:  You have to contact the people who manage your DNS, not your ISP, or your web hosting (which for some people are the say, and others they are different.)  I gave you the contact for the DNS earlier.

The people who manage the DNS:
NAMERESOLVE.COM
     P.O. Box 821650
     Vancouver, WA  98682
     US
     +1.360-449-5933

Run by Dotster.
Contact by phone, not by email.  The average time for response is much longer for email requests.
As for all of the ISA problems.  Most peope have an appliance firewall, and have moved away from ISA server or other software based firewalls, as they are just too difficult to manage.
 
 
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
As last resort delete the sharepoint publish policy. something is not beeing well done. also it can be one of the other web publish policies that also have the /* path.. check them all. some must have the path... remove it. it must work.
0
 
sstone55423Commented:
How does it look?  How are things going?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
sstone55423,
The problem was that our domain registration expired.
I will still award points because if it wasn't for the MX record notes I would have not known what the problem was.
I have not closed this post because I am trying to resolve an issue that GreatVargas is helping me out with.
0
 
sstone55423Commented:
Great!  Thanks and good luck.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
Hi rameses... how's the isa server issue? ISA is not the best of the best but publishing a web site without the admin want is not the type of microsoft bugs.. we have to look at all the publish site rules.. one or several must be publishing the /* path..
keep me posted

regards
António Vargas
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Great Vargas,
So I then go item per item and check to see who has /*.
If I find that SHould I then delete it?
If I delete it, will it affect my ISA in a negative manner?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
GreatVargas,

I found the following:
SBS Business Card Web Publishing Rules with an "/" as internal path.
and the other was the one mentioned before:
SBS Windows SharePoint Services Web Publishing Rule both internal and external path of "/*",
the action is "Deny" and it is enabled.

What do you suggest?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
GreatVargas what do you suggest?
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
Both publishing rules have the deny action and are enabled?
i suggest that you disable all you web publishng rules and we test. after that we will enable all one by one.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
SBS Business Card Web Publishing Rules with an "/" as internal path has is allow and enabled.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
what's the external name to access the site you dont want to have published?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I do not understand your question.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
what address do you type to access the site externally? the site that you dont want published.
0
 
j_ramesesInfo Sys MngrAuthor Commented:
all i enter is my IP address and then it pops up
0
 
j_ramesesInfo Sys MngrAuthor Commented:
greatvargas?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.