Solved

pop3 exchange not working possible DNS issue

Posted on 2009-07-08
Last Modified: 2013-11-29
I had posted earlier about a bounce message. The fix was that I repointed my MX records. That did work, but now I do not have external POP3/OWA connections.

The change made was
mail.egearusa.com was pointed at 24.247.236.3 and now is pointed at 24.247.236.4. Our Barracuda Spam filter is also on 24.247.236.4 and is receiving mail fine. Our internal Exchange is fine as well, sending and receiving. It is just our external POP3/OWA connection that no longer works. Please let me know if you need any other info.
Question by:egear
14 Comments
 
LVL 6

Expert Comment

by:cmccall
You probably need to have your firewall configured to forward port 80 and 443 traffic to your Exchange servers instead of your Barracuda box.
 
LVL 70

Expert Comment

by:Chris Dent
POP3 runs on TCP Port 110, so don't forget that one.

Chris
 
LVL 6

Expert Comment

by:MikeeMiracle
Yes, you will need to do some port mapping to send traffic to port 25 to your Barracuda and 110/80 (or 443 if you're using https) to your Exchange box.
 
LVL 76

Expert Comment

by:Alan Hardisty
How is your network configured?  Is it as per the image attached?
If not, please describe your environment.
If it is, then you presumably have multiple IPs configured on your Internet Connection.
Do both IPs (24.247.236.4 / 24.247.236.3) come in on the same firewall?

Barracuda-Network-Layout.jpg
 

Author Comment

by:egear
Attached are some screen shots of the firewall configuration.

Cable modem to firewall to core switch from there Barracuda, email server, phone switch, then rest of the network.  

alanhardisty: you are correct in your map.


Translation-Rules.bmp
System-Properties---Interfaces.bmp
Hosts-Networks-Outside-Interface.bmp
 
LVL 76

Expert Comment

by:Alan Hardisty
Are you able to export the config from the Cisco Pix to a text file?
It would give me all the info I need and would tell me how to help you.  You can email it to me if you prefer so that you are not advertising everything (could be a poor config that could be abused).  Details in my profile.
 

Author Comment

by:egear
alanhardisty: Did you get the text file?

 
LVL 76

Expert Comment

by:Alan Hardisty
Sorry - yes - just processing it (and dinner!)
 

Author Comment

by:egear
Thank you. Enjoy dinner :)
 
LVL 76

Expert Comment

by:Alan Hardisty
Okay - blew my head with your PIX file - I need to learn more about CISCO commands!
Basically, I can telnet to your IP 24.247.236.3 on port 110, so communications are open, so it would be a DNS issue that is causing you a problem.
You don't have anything pointing in DNS to 24.247.236.3 so you need to add an A record for this IP and a CNAME such as POP3 and/or OWA and then use these to direct your POP3 / OWA to and off you go.
 

Author Comment

by:egear
Please see attached screen shot of the DNS configs.

Here is the problem. The external OWA and POP3 worked fine when mail.egearusa.com was pointed at 24.247.236.3 but it was causing some of the mail to bounce as well since all the mail flows through the barracuda 24.247.236.4. So we changed the mail to .4 and have not had any bouncing anymore.

So now that I have a pop3.egearusa.com pointed at 24.247.236.3 how do I check on the inside that is pointed to the pop3/ OWA?

DNS-shot.bmp
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
These entries in your PIX Config allow the ports and I can telnet to port 110 and get through to your POP3 server. OWA will use https, so you should be fine if you use https://pop3.egearusa.com/exchange - I get a login prompt (see attached)
access-list outside_access_in permit tcp any host 24.247.236.3 eq pop3
access-list outside_access_in permit tcp any host 24.247.236.3 eq https

 

Telnet.jpg
OWA-Login.jpg
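
The diagnosis in the accepted answer, as an added example that is not part of the original thread: each published name is resolved, then each port clients use on that name is tested on the resulting address. The `FORWARDED` table and the two DNS tables are a constructed offline model of the thread (assumption: only those address/port pairs are forwarded); the default `resolve` and `port_open` helpers do the live lookups instead.

```python
import socket

def resolve(host):
    """IPv4 addresses a name resolves to; [] if there is no A record."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def port_open(ip, port, timeout=3.0):
    """True if a TCP connection to ip:port completes (the 'telnet test')."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit(expected, resolver=resolve, prober=port_open):
    """expected maps hostname -> ports clients use on that name.
    Returns (host, ip, port, status) tuples."""
    findings = []
    for host, ports in expected.items():
        ips = resolver(host)
        if not ips:
            findings.append((host, None, None, "no A record"))
        for ip in ips:
            for port in ports:
                status = "open" if prober(ip, port) else "unreachable"
                findings.append((host, ip, port, status))
    return findings

# Constructed offline model of the thread (assumption: only these
# address/port pairs are forwarded by the firewall).
FORWARDED = {("24.247.236.4", 25), ("24.247.236.3", 110), ("24.247.236.3", 443)}
DNS_BEFORE = {"mail.egearusa.com": ["24.247.236.4"]}
DNS_AFTER = {**DNS_BEFORE, "pop3.egearusa.com": ["24.247.236.3"]}

def run_model(dns, expected):
    """Run the audit against the constructed DNS and firewall tables."""
    return audit(expected, resolver=lambda h: dns.get(h, []),
                 prober=lambda ip, port: (ip, port) in FORWARDED)

if __name__ == "__main__":
    for row in run_model(DNS_BEFORE, {"mail.egearusa.com": [25, 110, 443]}):
        print("before:", row)
    for row in run_model(DNS_AFTER, {"mail.egearusa.com": [25],
                                     "pop3.egearusa.com": [110, 443]}):
        print("after: ", row)
```

In the "before" model, SMTP on the mail name is open while POP3 and HTTPS on the same name are unreachable, which matches the symptom described in the question.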
 

Author Closing Comment

by:egear
Thank you for your help and follow through. You truly are a Guru.
 
LVL 76

Expert Comment

by:Alan Hardisty
Glad you are sorted now and appreciate the points.
Dinner was lovely :-p