When I type my mail ip on MXtoolbox.com, I get timeout errors from three diffrent blacklists. how can I clear out these errors.

Everytime I send to an email account such as comcast, sbcglobal, and cox, I get delivery failures from my exchange server.
castroe5Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TekServerCommented:
A few of the DNS lookup tests (usually at the bottom of the list) are always going to time out.  Check out this MXToolbox report for the MX server at Microsoft.com:  http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3amicrosoft.com

So if those are the only errors you see in the MXToolBox report, then you don't have a blacklist problem.  Check your DNS server that serves your Exchange box, and make sure its forwarders are configured correctly so that the Exchange box can resolve external domains correctly.

:)
0
castroe5Author Commented:
On my DNS server, how do I check the forwarders?
0
castroe5Author Commented:
I was able to check the forwarders and my DNS servers were not listed. I added my DNS servers to the list. I hope that fixes the problem. What else can I check that could be causing this?  
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

castroe5Author Commented:
thank you for your advise TEKserver
0
TekServerCommented:
Sorry I didn't get back to you earlier; I was away from my computer.

To clarify my earlier statements, here is the progression of DNS server references:

  • The DNS server settings (under TCP/IP settings for the network connection) on your Exchange box should point to the internal DNS server(s) for your domain.
  • On your domain DNS server(s), in the properties of the DNS server (right-click "My Computer" -> "Manage", expand "Services and Applications", expand "DNS", right-click your DNS server -> "Properties") under the "Forwarders" tab you should have listed one or more internet DNS servers.  Chances are these are already present; otherwise you'd have internet access (specifically DNS resolution) problems.  You can, if desired, test if there is a problem with these by replacing them with the OpenDNS servers (208.67.222.222 and 208.67.220.220; don't forget to write down your numbers before replacing them!).
If you have any sort of DNS proxy device in place (e.g. for a content filter or similar device), there may be additional "hops" in the DNS resolution path in your environment.

Now, having said all of that, there are some simple tests you can do from your Exchange box to test DNS resolution.
  • First, go to MXToolbox.com and pull the MX records for the domains to which you are unable to send mail.
  • Then go to your Exchange box, and try to ping their mail servers, both by DNS name and by IP address.
    • If you can't ping them by name, you have a DNS resolution issue somewhere along the line.
    • If you can't ping them by IP address, you have a routing issue (or else something along the way is blocking pings).
  • If you can ping their mail servers (or suspect something like a firewall is blocking your ability to ping), you'll need to test whether you can connect to their mail server on port 25 (SMTP).  Do this from a command prompt with telnet:  "telnet mail.cox.net 25" (replace with appropriate mail server address).
  • If you get a response, you can use the telnet interface to send commands to the mail server to send a test message.  There is a Microsoft article on how to do this here; this page has a somewhat more concise example that may help.
If you've gotten this far with no errors, chances are there could be a problem with the recipient e-mail addresses themselves; double check them for easy to miss spelling errors (I've seen it plenty of times before).  Also, if you get errors back from the telnet tests, these could point you in the right direction as well; you can Google them or post them back here for us to look at.
Worst case scenario would be a problem somewhere in the internal settings of your Exchange server; if that looks to be the case, we'll need to do additional troubleshooting to figure out where the issue is.

I hope you find something useful in all my rambling up there!
:)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
castroe5Author Commented:
From my exchange box, I was unable to ping those comcast and cox mail servers such as mx1.comcast.net, mx2.comcast.net. I tried the corresponding ip address and it also failed. Therefore I have a dns and routing issue. how can I fix the routing and dns problem? What is a good start?
0
castroe5Author Commented:
The response gave me insight but was not an accurate solution.
0
TekServerCommented:
Well, had you not impatiently closed the question with a "B" grade, I probably would have tried to continue helping you troubleshoot the problem.  It would most likely have looked something like this:

*********
Did you try the telnet tests?  As I hinted at before, your router/firewall may be blocking outgoing pings.  It's also possible that the mail servers you're pinging are configured not to respond to pings themselves (not an uncommon way to protect against Ping Flood type attacks).

If you still can't reach the mail servers by IP address using telnet on port 25, then you have a routing or port blocking problem - NOT a DNS problem.  Don't waste your time trying to chase DNS settings and resolutions; you're better off troubleshooting the routing.  Check your router for any settings that might be blocking or misdirecting traffic.  Also, a program such as PingPlotter can help run traceroutes on non-standard ports (like port 25, for instance) to see where the route is failing.  You can also try the telnet test on port 110 (POP), to see if port 25 is being blocked.  And it's probably a good idea to contact your ISP and get them to help troubleshoot; ISP's will usually only block port 25 inbound on residential connections (to prevent users from running mail servers at cheaper residential rates rather than commercial rates), but they may know something or be able to find something that will help.
*********
 
But, since the question is already closed, I guess I won't post that ...
;)
(Seriously, though, thanks for the Accept, even if it was only grade "B", and good luck!)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.