• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 588
  • Last Modified:

How do I get my Exchange to receive emails from outside the network when it used to work until I uninstalled a software?

On Monday we were able to receive emails.
We  were  having problem with one of our software (FIleMaker Server) so we uninstalled it and then reinstalled it.  That was the only changes mde to the server.  That should not affect Exchange 2004.  We are running SBS 2003.  We are able to send/receive emails from within the network.  We are able to send emails out of the network(I tested it).  The sender from outside the network receives a NDR when they send emails to us.  How can I correct this so we can receive emails.  No changes were made to the server.
0
j_rameses
Asked:
j_rameses
  • 14
  • 11
1 Solution
 
tigermattCommented:

What NDR message do the external senders receive?

At this stage, you probably also want to re-run the Connect to the Internet wizard from the SBS Server Management console > Internet and Email tab. If there is a problem with the server, re-running the wizard should fix it.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
tigermatt.
The wizard did not solve the problem.
I just remembered something.
Two weeks ago our MX record was matching our static IP address.
At that same time we had a Cisco firewall installed and they changed the IP address to a different number.   Could this be the problem?  That the MX record is not pointing in the new IP address?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
We were receiving emails fine until yesterday.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
tigermattCommented:

It could be a possibility. Can you post your public email domain here (just the part after the @ sign)? I can run some tests against it and see where your problem is.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
mybdrn.com
0
 
tigermattCommented:

Things seem to be in order DNS-wise, although you need to get your Reverse DNS record sorted with your ISP. At present, the reverse DNS for your mail server (96.56.246.234) goes to mybdrn.com. Instead, this needs to match the MX record; in other words, Reverse DNS for 96.56.246.234 should map to mail.mybdrn.com. This, however, will not stop inbound mail flow.

I was able to get a connection to something which was listening on port 25 at 96.56.246.234. However, no commands I issued in the SMTP session were accepted. You said you had a Cisco firewall installed. I have had issues in the past whereby some sort of SMTP scanning / filtering feature was enabled in the firewall which causes the SMTP sessions to become mangled. That is what seems to be occurring here, since the SMTP banner is mangled when I first connect to the session. The exact name of the feature escapes me at the moment, but can you look in the Cisco admin interface and see what you can find called SMTP something. SMTP screening, filtering, monitoring... something like that.

I would suspect that feature in the Cisco firewall is what is causing the issue. It's definitely not DNS.

-Matt
0
 
tigermattCommented:
Aha... I think it's the Mailguard feature. It's described in http://support.microsoft.com/kb/295725. I am 90% positive this is what is causing the issue; it has done in the past, and that feature of the Cisco firewall needs disabling for SMTP traffic to work again.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
that was my old mx record and ip address.
my new one is 96.56.246.238.
the mx record is pointing to 96.56.246.234.
if the pointer is changed should that resolve the email problem?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
i do not have a Cisco PIX firewall.
I have a Cisco ASA5510 firewall.
0
 
tigermattCommented:

If the IP on the MX record is incorrect then that will be where the issue is. You will need to get that changed so the MX record points to the new IP address.

You will still need to contact the ISP and get the Reverse DNS record set correctly for that IP, so the MX record's IP maps in Reverse DNS to mail.mybdrn.com.

However when connecting directly to 96.56.246.238 on port 25, be aware the connection is refused. You'll need to check the port mapping is set in the firewall.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Matt,
WHen  you say : "
However when connecting directly to 96.56.246.238 on port 25, be aware the connection is refused. You'll need to check the port mapping is set in the firewall."
Can this be a problem because the MX record is pointing to .234 instead of .238?

Also, why am I able to send emails out of the network?
0
 
tigermattCommented:

The MX record wasn't an issue in my last test because I connected directly to the IP address you specified (.238). Therefore the MX record was eliminated; the firewall has to be what is restricting the connection in this instance.

Emails can be sent out because they don't rely on the MX record for external sending - particularly if you use a Smart Host to send mail.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
the port mapping should it be 25?
WHat should I tell the company that installed my firewall?

I just had the MX record changed to .238.
The reverse DNS is pointing to mail.mybdrn.com.

You mention that the firewall could be the issue.  Why would we be able to receive emails for three weeks and then all of a sudden we are unable to?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Here is the message I got from the Cisco rep:
"All smtp on port 25 is going to your server directly"
0
 
tigermattCommented:

Yes. The SMTP port mapping should be port 25.

I'm seeing the MX record as being updated, so it is now 96.56.246.238. I can't see the PTR record for that IP yet, but it can take time to propagate through DNS.

As for connecting to the Exchange Server, I still cannot connect on either mail.mybdrn.com or directly on the IP address. This would indicate either the server is not listening, or the firewall is wrongly configured. We can test this. On a network joined PC, open a command prompt and type the command telnet <IP of Exchange Server> 25 - if you get a reply something like 220 mail.mybdrn.com Microsoft ESMTP... then the server has responded. If that is the case, it pretty much proves this is a firewall issue and the issue must be reported back to the Cisco installer.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
is the ip address of the exchange server the same as the default gateway?
if no, how do I find the IP address of the exchange server?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
if the ip address of the exchange server is the same as  the default gateway, these are the results:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator.BDRN>telnet 10.1.1.1 25
Connecting To 10.1.1.1...Could not open connection to the host, on port 25: Conn
ect failed

C:\Documents and Settings\Administrator.BDRN>
0
 
tigermattCommented:

Internally the IP address of the Exchange Server won't be the same as the gateway. It will be something different.

Go to the Exchange Server and enter ipconfig /all at a command prompt. That will give you the IP to use in a telnet session.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
I only have one server that runs both SBS 2003 and Exchange 2003.
I typped IPConfig /all and these are the results:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : nameofserver
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : DOmain.local

Ethernet adapter LAN:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ether
net Controller
   Physical Address. . . . . . . . . : 00-1A-4D-43-E3-84
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.1.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.1
   DNS Servers . . . . . . . . . . . : 10.1.1.10
   Primary WINS Server . . . . . . . : 10.1.1.10

C:\Documents and Settings\Administrator>

Which Ip address should I use?
0
 
j_ramesesInfo Sys MngrAuthor Commented:
can you check the ptr record.
I do not know what that is and where to get it.
0
 
tigermattCommented:
The IP address of the server is what we are concerned about here. The server's IP is 10.1.1.10. Type that into a telnet 10.1.1.10 25 session and see if you get a response.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
these are the results:

220 nameOfServer.Domain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959
 ready at  Thu, 19 Feb 2009 10:24:53 -0500
0
 
tigermattCommented:

That indicates that the SBS server is listening correctly on the SMTP port (25) and that there is no problem with the server. This leaves only the firewall, and nothing other than the firewall, that could be the problem here.

Get back on to the company who installed the firewall and insist there is a fault with the port 25 mapping on 96.56.246.238. They are the ones who will need to sort this out for you in the firewall configuration.

-Matt
0
 
tigermattCommented:
Also, you might want to give the ISP a call and make sure they aren't blocking port 25... but I doubt that's the issue.

-Matt
0
 
j_ramesesInfo Sys MngrAuthor Commented:
Matt,

Last week on the 19th, I spoke to Microsoft and they troubleshooted the problem.
But they found nothing.  They told me to contact my ISP.  So I did.  No problem at their end.  Both of them suggested it was the firewall people.  I contacted Cisco right away and  they tried to trouble via remote connectionand from their end.  They said nothing is wrong with the firewall but if we wanted a better examinationthey'll have to come over at an expense ($450).   SO we made the arrangement for Monday.
They cam and examined it with two Cisco engineers and they found nothing wrong with the unit.  They said it is defiantely the Exchange server.  I contacted Microsoft and spoke to a different rep and he had me download two separate executables which he said will help to fix the problem.
I downloaded and ran the executables and he did a iisreset or iisrestart.  Then we started receiving emails.
I would like to thank you but unfortunetaly I cannot award any points.

The name of the two downloadbles were:
metaEdit 2.2
exMetabaseCheck
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 14
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now