Solved

Can't send email to external

Posted on 2010-11-19
14
594 Views
Last Modified: 2012-05-10
Hi Experts,

I have an exchange server 2003, everything was working just fine and there was no change since last few weeks.
But suddenly nobody can't send email to external (yahoo,gmail..etc). We can only recieve email from external (yahoo,gmail...etc).

We can only send and recieve email from people who is in our domain only.

Here is the general map of my network:
exchange --switch--firewall--public internet

What do I have to do to trouble shoot this problem?
Thanks.
0
Comment
Question by:SJCA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +2
14 Comments
 

Expert Comment

by:rsaffel
ID: 34178750
Check DNS, check routes.
0
 
LVL 1

Author Comment

by:SJCA
ID: 34178761
Sorry for stupid question, how do you check dns and routes?
0
 
LVL 9

Assisted Solution

by:rfportilla
rfportilla earned 150 total points
ID: 34178779
One possibility is that your company may have been blacklisted.  THis is a common problem.  Many email servers control spam with shared blacklist services.  If your company was added to a blacklist then you will be blocked from many servers.  

An easy way to check email is to send by telnet.  If you have a yahoo account you can use the template below.  Open the command prompt and run the following line:

    telnet g.mx.mail.yahoo.com 25

Modify the following template with your own mail server (instead of "emaildomain.com") and your own exchange email (instead of MyEmail@emaildomain.com) and your own yahoo email (instead of myemail@yahoo.com).  See if you get any errors.  If not, check the yahoo account.  You may need to look in the spam mail folder.


HELO emaildomain.com
MAIL FROM: MyEmail@emaildomain.com <MyEmail@emaildomain.com>
RCPT TO: myemail@yahoo.com <myemail@yahoo.com>
Data
From: MyEmail@emaildomain.com
Subject: Test Email

this is a test email
.
quit

Open in new window

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 1

Author Comment

by:SJCA
ID: 34178802
I finally tested the dns, everything looks fine.

But when I did the tracert from home back to my mail server IP, I see almost every line is ' *        *        *     Request timed out.' What could be the problem?
0
 
LVL 1

Author Comment

by:SJCA
ID: 34178807
Will it possible a firewall issue?
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 34178857
There are many possibilities.  Firewall is an option.  If you use the script I gave you, it will help to narrow down the issue.  

Why would you suggest firewall?  Did someone change something on the firewall?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 350 total points
ID: 34178900
Is some mail leaving your server or no mail leaving your server?

If no mail - please check with your ISP that they have not cut off port 25 outbound access - some do without warning and this will explain loads.

If it is just a few - you may not be configured correctly.

When you send mail, you tell the receiving server your Fully Qualified Domain Name (e.g., mail,yourdomain.com), this has to resolve in DNS back to the IP Address that you are sending from and also have to have Reverse DNS that matches your FQDN.

If anything is wrong here - you will have problems sending mail to some domains.

It will be easier if you can post your domain name and IP Address which I can hide for you (to protect your identity) then checks can be made and your configuration checked.
0
 

Expert Comment

by:Tech-Notes
ID: 34178937
How does your Exchange server send his email ?
There 2 options here, by dns or through a smarthost.

You can find this setting in the Exchange Management console in the connectors.
If your server is set to a smarthost, you should try to telnet to this host and try to send a mail like rfportilla showed you. If this doens't work check the settings with your provider.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 34179270
@Tech-Notes If the OP is not using a smarthost, then they should def check telnet to check mail b/c they are not going through anyone else.  If it is a smarthost environment, then complain to the smarthoster and let them fix it.  (Thanks for the support) ;-)

FYI, smarthosts are usually a good idea b/c it offloads this kind of issue.  They are specialized to handle mail and are usually more aware of blacklists and how to stay off them.  It also limits the liability when you have a virus attack in your office that starts spamming (which is how most companies end up getting blacklisted).  When your internet IP and mail IP are the same , there is a higher risk of mail getting affected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34179288
>>FYI, smarthosts are usually a good idea b/c it offloads this kind of issue.  They are specialized to handle mail and are usually more aware of blacklists and how to stay off them<<

Whilst I agree with the above in general - there are some smarthosts / ISPs that this does not apply to:

http://alanhardisty.wordpress.com/2010/11/09/demons-thus-telecom-response-about-their-mail-servers-being-blacklisted-do-they-give-a-damn/
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 34179312
@alanhardisty True enough.  There are plenty of exceptions.  Even still, I think that in most cases they are better than relying on the overworked system administrator who barely has time to maintain the network, nevermind read up on the latest spam hacks and blacklisting strategies and how to defend against them.  It definitely gets to be a pain.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34179337
I guess it depends on what Anti-Spam software / Hardware you use.

We get no spam and virtually zero Administration to keep it that way.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 34179351
@alanhardisty That's awesome if you have a solution that good.  I've used a few spam solutions, but they haven't taken care of outgoing issues (usu. viruses on unprotected networks) and they don't make up for poorly configured Exchange servers.  :-p-
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34179396
Nothing ever makes up for badly configured Exchange Servers.

I use Forefront TMG and Vamsoft.  Forefront kills lots of bad connections and Vamsoft cleans the rest up.  It also has an Auto-Sender whitelist, so if you send an email to someone, when they reply, it is already whitelisted.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question