• Status: Solved

How can email end up on the wrong server?

Hi All,
I have a rather angry client that had a Small Business Server 2003 in his head office, running Exchange as their mail server. Due to some logistic considerations, we have created a new server (it was a little more complicated, but in essence) and placed an ESXi dual quad server into a data centre.

From this moment we started to have weird problems. Some of the problems were caused by me overlooking new factors introduced by being on an open WAN. In any case, the final setup is:
Debian firewall with IPTables as the gateway.
SBServer as the Exchange and file server
Terminal Server (Windows XP running RDPlus)
The appropriate ports are forwarded to the two servers through IPTables. The two Windows servers sit on a local IP range not accessible from the WAN.

The above is what is in the data centre.

In the Head office:
The original Linux box, Small Business Server and the same XP running RDPlus

The delegation is set to point to the new server, but the emails are still ending up on the old server in the Head office.

The delegation has been checked a number of times, just to see if we missed anything... no, all looks OK. We have done the same kind of delegation for years for many clients, never had any similar issues.

If I check the domain name/ IP address, all looks good. nslookup returns the correct setup, ping returns the correct IP, but when the email leaves, it goes straight to the OLD server in HO.

I thought maybe some forwarding; we checked over and over again, no POP3 connector, no forwarding...
To make sure it is not something "hidden" I set up an account called mlog, and forwarded all incoming and outgoing emails on both servers to the respective mlog account.
Guess what? The emails don't even touch the server in the DC. They only appear to show up on the HOffice. So we are stuck.
How can this happen?
TIA,

Tom
0
tom_szabo
 
Maciej S (sysadmin) Commented:
What do you mean by 'delegation'? MX? When did you change this? Name servers need some time to refresh your new entry (it takes approximately 48 hours).
Can you write here what your domain is so we can check it (as well as your old and new servers' names/IPs)?
0
 
tom_szabo (Author) Commented:
I am happy to give it to you directly, but prefer not to give details publicly: my email is tom -at- intersoft.net.au - send me an email and I will send you the details
TIA,
Tom
0
 
tom_szabo (Author) Commented:
Hi Oklit, Your server rejected my email!  >>Client host rejected: I don't want emails from APNIC<<
0
 
Maciej S (sysadmin) Commented:
Heh.. antispam rule ;) This will be my first nonspam email from APNIC's IP range ;)
I've added your email to whitelist - try again.
0
 
Maciej S (sysadmin) Commented:
Information for other experts: I was asked not to reveal details, but I still wanted to answer it here - it can still be helpful for other EE users (I hope :)) even without concrete domain/hostnames.

So - I checked the MXs for your.domain.name, and it looks like you are using an external company's SMTP to receive your emails, which are later relayed/forwarded to your own SMTP.
For the "host -t mx your.domain.name" command I got the answer:
your.domain.name mail is handled by 10 10smtp (real name hidden :))
your.domain.name mail is handled by 20 20smtp (real name hidden :))
your.domain.name mail is handled by 30 30smtp (real name hidden :))
your.domain.name mail is handled by 40 40smtp (real name hidden :))
your.domain.name mail is handled by 50 50smtp (real name hidden :))

Your new SMTP server has the lowest priority (50), so as long as the previous ones (10smtp, 20smtp, 30smtp, 40smtp) are working, it will not receive any email (theoretically - some spammers often send their emails through the MXs with the lowest priority, but that's not the case right now).

You are pointing your main MXs to an external company's SMTPs, so you should tell them that your own SMTP server has changed, and give them its new IP (or - if you have access to some configuration panel, change this yourself). I don't know this external company, and I'm not familiar with the services they are offering, but it looks like they are not aware of your server's IP change.

Another solution could be to change the priority of your SMTP server (the one with new.ip.address) to 0, but then you will of course miss the features offered by the external company.

Hope this helps
0
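Added example (not part of the original thread or any poster's code): a small parser for `host -t mx` output that shows the order in which a sending server works through the exchangers, which is why a host at preference 50 sees no mail while the lower-numbered ones answer, even though the A record and ping look correct. The sample records are constructed from the placeholder names in the answer above, and the function names are illustrative.

```python
import re

# Constructed sample in the shape of `host -t mx` output, using the
# placeholder names from the answer above (real names were withheld).
SAMPLE = """\
your.domain.name mail is handled by 30 30smtp.
your.domain.name mail is handled by 50 50smtp.
your.domain.name mail is handled by 10 10smtp.
your.domain.name mail is handled by 40 40smtp.
your.domain.name mail is handled by 20 20smtp.
"""

MX_LINE = re.compile(r"^(\S+) mail is handled by (\d+) (\S+)$")


def parse_host_mx(output):
    """Return [(preference, exchanger)] parsed from `host -t mx` text."""
    records = []
    for line in output.splitlines():
        m = MX_LINE.match(line.strip())
        if m:  # skip anything that is not an MX answer line
            records.append((int(m.group(2)), m.group(3).rstrip(".").lower()))
    return records


def delivery_order(records):
    """Group exchangers by preference; senders try the lowest number first."""
    tiers = {}
    for pref, host in records:
        tiers.setdefault(pref, []).append(host)
    return [(pref, sorted(tiers[pref])) for pref in sorted(tiers)]


def tried_before(records, target):
    """Exchangers a sender attempts before it would fall back to `target`."""
    target = target.rstrip(".").lower()
    prefs = [p for p, h in records if h == target]
    if not prefs:
        raise ValueError(f"{target} is not listed as an MX at all")
    return [h for p, hosts in delivery_order(records)
            for h in hosts if p < min(prefs)]


if __name__ == "__main__":
    recs = parse_host_mx(SAMPLE)
    for pref, hosts in delivery_order(recs):
        print(pref, ", ".join(hosts))
    print("tried before 50smtp:", tried_before(recs, "50smtp"))
```

An empty list from `tried_before` means the named host is the first exchanger senders contact; a `ValueError` means it is not published as an MX at all.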
 
tom_szabo (Author) Commented:
Thanks for the help. As it turned out, it was an issue with the Postini system. All sorted now. Thanks again.
0
