asked on

How can I tell if my Exchange server is timing out or not accepting connections?

I have two MX records for my mail server, a primary(10) which points to my public IP address which is then NAT'd on the firewall to my server, and then a backup MX record(90) which points to my ISP's server in the event that our server is down, they will collect email until it is back up again. Anyways, we are able to send and receive email 24/7 just fine with no issues. An issue came up th other day where another domain behind our firewall can't send us email, it just get's "lost". Sometimes we get it hours or days later.....So my ISP said they checked their logs for their server and there's a TON of emails not getting through to us. Here's a sample from the log (all entries are the same error):

Jul 16 10:24:52 mailx mx/error[59967]: 5339EC9469: to=<user@mydomain.com>, relay=none, delay=278907, delays=278907/0.03/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: lost connection with mail.mydomain.com[<MY PUBLIC IP>] while sending MAIL FROM)

ASKER CERTIFIED SOLUTION

tmeunier

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

tenover

ASKER

I think I fixed it by creating a rule on our Sonicwall. Since both of our seperate networks are behind the same firewall, it wouldn't let us see each others public mail server IP addresses. I created a rule that said "just use each others internal IP addresses for SMTP to each other" and that seems to have done it. One more question though......What would cause an Exchange server to sometimes respond to telnet on port 25 and not other times? I ask because our backup MX record (ISPs) has a boatload of email in it that for some reason went to that MX instead of our primary.....

tmeunier

Well, your server should ALWAYS be answering on port 25, and if you want to ensure that it is, there are a number of good utilities that can attempt connection every x seconds/minutes etc. IPCHECK or ServersAlive or WhatsUp Gold, can be had for cheap. At any rate, the most common reason I see mails queuing at a 2ndary MX is because spammers know that many times we purchase expensive messaging hygeine apps for our primary MX, but leave our secondaries unprotected. So I would ordinarily expect to see tons of SPAM going to the 2ndary MX, and less valid mail. If you have this happening a lot, definitely set up one of the keep-alive checker utils, to hit your server from an external location, and alarm.

tenover

ASKER

That makes sense, and I actually thought that might be the case (Spam going to secondary MX). I guess there's no way to really check though, huh?

tenover

ASKER

Was an issue on the firewall due to the two different LANs being behind the same firewall. I needed to create explicit rules to allow SMTP to flow between the two LANs. Thanks for your help.