Solved

SBS 2003 email not flowing

Posted on 2009-05-13
16
603 Views
Last Modified: 2013-11-30
I have an email traffic issue on a new setup that appears to be an external DNS issue, but I need some kind of confirmation on this. This is a new install of SBS 2003 and I have run the CEICW with all the correct parameters. I can telnet to port 25 from within the network, but not the outside world. I have a router with ports forwarded and can connect to the server via vpn, rdp, and owa. Sent mail will also not leave the server, eventually giving a message that the remote server did not respond. The test emails I send from my gmail account come back with 550 550 <user@mydomain.com>: User unknown (state 14) almost immediately. Something strange I see in the NDR is that the smtp server rejecting has an IP of 10.x.x.x which is a private ip block. I need help with this fast as the Customer is getting rather impatient.
0
Comment
Question by:GandalphWizard
16 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24378906
It sounds like a DNS issue to me, but you have both internal and external issues.  If your email will not go out, that is an internal DNS issue.  Please post the IP configuration information on your server.  Also, on your SBS server, do you have forwarders set up in DNS, and if so what are those? Can you browse the Internet from the SBS server?  Do you have ISA or another proxy server or firewall running on your server?
As for external DNS, who is hosting your external DNS zone? Have you added an A (Host) and MX (Mail Exchanger) record on your external DNS zone to point to the public IP address of your Internet connection?  
0
 
LVL 1

Expert Comment

by:Damag3d
ID: 24378929
Hi,
Can you telnet a destination server on port 25 from your SBS machine? I assume that the SBS server can browse internet pages if you wanted it to?
It is a bit strange that you would be getting NDR's with a private IP referenced as no private IP's are routable on the internet.

Can you nslookup from the SBS server and set type=mx for the destination domain? Once you obtain the mail server you need, can you telnet it (25)?

Also, are you receiving mail?

0
 
LVL 6

Expert Comment

by:jesusrulesme
ID: 24378939
Even if you are having DNS issues, you should be able to telnet to your WAN IP on port 25 and get a response.  This is definitely a problem.  If you can't telnet to port 25 from the outside, you're not going to be able to receive email.  Verify that port 25 is forwarded in your router to the proper internal IP address.
0
 
LVL 1

Author Comment

by:GandalphWizard
ID: 24379085
The server is behind a router with an internal ip in the 192.168.x.x. All necessary ports are forwarded to the server in the router and I can get through the router on the vpn, rdp, and owa ports. dns forwarders have been setup using the ISP's dns and the dns host's dns. There is no proxy/firewall running. The dns host has an mx record pointing to mail1.mydomain.com and an a record pointing mail1.mydomain.com to the assigned static ip address given by the isp. Lastly, port 25 is indeed forwarded and I can reach the server via all other forwarded ports.
0
 
LVL 1

Assisted Solution

by:Damag3d
Damag3d earned 250 total points
ID: 24379171
Hi,

Let's not worry about the port forwarding for now, that is for mail and resources inbound. What I want to find out first off is,
1) Can you telnet a destination mail server on port 25 and get a response
2) Can you successfully perform an nslookup from your SBS server and see the MX records for the destination hosts?
3) When you perform an nslookup with set type=mx can you post the outputs?
4) Can your SBS server get out to the internet? - I realise that you are able to get in.
0
 
LVL 1

Accepted Solution

by:
GandalphWizard earned 0 total points
ID: 24379378
1) Can you telnet a destination mail server on port 25 and get a response
no I cannot
2) Can you successfully perform an nslookup from your SBS server and see the MX records for the destination hosts?  yes
3) When you perform an nslookup with set type=mx can you post the outputs? not sure what you mean here, the results output on the screen, I cannot post them here
4) Can your SBS server get out to the internet? - I realise that you are able to get in.  yes
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 100 total points
ID: 24379488
Is it possible that your ISP has port 25 blocked?  I've heard that some ISP's do this to prevent spam, which would mean that you would have to see if they can unblock it for your IP address, or you might have to use an SMTP connector to forward your outgoing email through one of your ISP's mail servers.
0
 
LVL 1

Author Comment

by:GandalphWizard
ID: 24379524
I asked the ISP that very same question and got an emphatic no as an answer, but it still seems likely since I cannot teleport out through port 25 either. Is it possible it is blocked on the modem?
0
 
LVL 1

Expert Comment

by:Damag3d
ID: 24379629
C:\Documents and Settings\admin>nslookup
Default Server:  name.domainx.com
Address:  x.x.x.x

> set type=mx
> google.com
Server:  server.domain.com
Address:  xxx.xxx.xxx.xxx

Non-authoritative answer:
google.com      MX preference = 10, mail exchanger = smtp3.google.com
google.com      MX preference = 10, mail exchanger = smtp4.google.com
google.com      MX preference = 10, mail exchanger = smtp1.google.com
google.com      MX preference = 10, mail exchanger = smtp2.google.com
>

Hi,

Please look at this output from nslookup on how to query mx records. This is more of a FYI.
But yes if DNS is working fine as you say above then your main problem here is the inability to connect to mail servers' SMTP ports. Something is blocking this, whether it's your ISP or something installed on your Server/network, unfortunately you will have to dig a bit deeper to find out.
0
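The check described in the comment above (MX lookup works, telnet to port 25 does not) can be scripted; this is an added example, not part of the original thread. The names probe_smtp, diagnose, is_private and fake_mx are hypothetical, and fake_mx is a constructed localhost listener so the script runs offline.

```python
import ipaddress
import socket
import threading

def probe_smtp(host, port=25, timeout=5.0):
    """Scripted 'telnet host 25': return (status, detail)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            banner = s.recv(512).decode("ascii", "replace").strip()
    except socket.timeout:
        return "timeout", "no reply; packets are being dropped on the path"
    except ConnectionRefusedError:
        return "refused", "connection actively refused"
    except OSError as exc:
        return "error", str(exc)
    return ("banner" if banner.startswith("220") else "no_banner"), banner

def diagnose(mx_resolved, statuses):
    """Combine the MX lookup result with probe statuses for several MX hosts."""
    if not mx_resolved:
        return "dns"              # the server cannot find the remote MX at all
    if "banner" in statuses:
        return "smtp_ok"          # at least one remote MX answered on the port
    if statuses and all(s in ("timeout", "refused") for s in statuses):
        return "port_blocked"     # DNS works, no MX reachable: filtering on the path
    return "inconclusive"

def is_private(addr):
    """True for private/non-routable addresses such as a 10.x.x.x seen in an NDR."""
    return ipaddress.ip_address(addr).is_private

def fake_mx():
    """Constructed stand-in for a remote MX on localhost; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        conn.sendall(b"220 mx.example.test ESMTP\r\n")
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    print(probe_smtp("127.0.0.1", fake_mx(), timeout=2))
    print(diagnose(True, ["timeout", "timeout"]))
```

Run from the mail server itself against the hosts returned by the MX lookup; a "port_blocked" result from the server together with a working MX lookup is the evidence to take to the ISP or firewall owner.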
 
LVL 1

Expert Comment

by:Damag3d
ID: 24379636
What router and or modem do you have?
0
 
LVL 1

Author Comment

by:GandalphWizard
ID: 24379647
I should note that, as per the ISP's suggestion, I have changed the outbound smtp port to 587.
0
 
LVL 6

Expert Comment

by:jesusrulesme
ID: 24379650
Outbound port 25 blocking could be done on your firewall.  I always set up firewalls to block outbound 25 and put in a specific rule for the Exchange server.  Are you trying to telnet from the server, or from a workstation?  Go to shields up at www.grc.com and run the test on all ports.  That will tell you what is open and what isn't.  If it says port 25 is closed, that's definitely a problem (as far as inbound email is concerned).
0
 
LVL 1

Author Comment

by:GandalphWizard
ID: 24379727
Router is a basic Cisco/Linksys DSL router (although I have also tried it with a Netgear router) and not sure of modem (I am not currently onsite).

Here is nslookup output for one of the email domains
> > Server:  server.mydomain.local
Address:  192.168.x.x

yahoo.com      MX preference = 1, mail exchanger = b.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = f.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = e.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = a.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = d.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = c.mx.mail.yahoo.com
yahoo.com      MX preference = 1, mail exchanger = g.mx.mail.yahoo.com

b.mx.mail.yahoo.com      internet address = 66.196.97.250

0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24379823
If you are trying to send outbound email direct, as opposed to using your ISP's SMTP server to relay email, then you cannot send outbound on port 587.  By changing your outbound port to 587, you are effectively closing (i.e., not using) port 25 to send email. In order for outbound mail on port 587 to be received, the server on the other end has to be receiving on port 587.  This is what your ISP does - they receive the email on port 587 and then send it out on port 25, so if you are relaying through them that would work. Change your outbound port back to 25, and it should start working normally.
0
 
LVL 1

Author Comment

by:GandalphWizard
ID: 24379862
OK, problem solved. It turns out the ISP was blocking port 25 and I would not have the proof without Damag3d's bringing to light telnetting from the server to outbound mail servers, so I will be granting him 1/2 the points and some points to hypercat for being helpful as well.
0
 
LVL 1

Expert Comment

by:Damag3d
ID: 24380127
very glad you got to the bottom of it :)
0
