SJCA
asked on
Can't send email to external
Hi Experts,
I have an exchange server 2003, everything was working just fine and there was no change since last few weeks.
But suddenly nobody can't send email to external (yahoo,gmail..etc). We can only recieve email from external (yahoo,gmail...etc).
We can only send and recieve email from people who is in our domain only.
Here is the general map of my network:
exchange --switch--firewall--public
What do I have to do to trouble shoot this problem?
Thanks.
I have an exchange server 2003, everything was working just fine and there was no change since last few weeks.
But suddenly nobody can't send email to external (yahoo,gmail..etc). We can only recieve email from external (yahoo,gmail...etc).
We can only send and recieve email from people who is in our domain only.
Here is the general map of my network:
exchange --switch--firewall--public
What do I have to do to trouble shoot this problem?
Thanks.
Check DNS, check routes.
ASKER
Sorry for stupid question, how do you check dns and routes?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I finally tested the dns, everything looks fine.
But when I did the tracert from home back to my mail server IP, I see almost every line is ' * * * Request timed out.' What could be the problem?
But when I did the tracert from home back to my mail server IP, I see almost every line is ' * * * Request timed out.' What could be the problem?
ASKER
Will it possible a firewall issue?
There are many possibilities. Firewall is an option. If you use the script I gave you, it will help to narrow down the issue.
Why would you suggest firewall? Did someone change something on the firewall?
Why would you suggest firewall? Did someone change something on the firewall?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
How does your Exchange server send his email ?
There 2 options here, by dns or through a smarthost.
You can find this setting in the Exchange Management console in the connectors.
If your server is set to a smarthost, you should try to telnet to this host and try to send a mail like rfportilla showed you. If this doens't work check the settings with your provider.
There 2 options here, by dns or through a smarthost.
You can find this setting in the Exchange Management console in the connectors.
If your server is set to a smarthost, you should try to telnet to this host and try to send a mail like rfportilla showed you. If this doens't work check the settings with your provider.
@Tech-Notes If the OP is not using a smarthost, then they should def check telnet to check mail b/c they are not going through anyone else. If it is a smarthost environment, then complain to the smarthoster and let them fix it. (Thanks for the support) ;-)
FYI, smarthosts are usually a good idea b/c it offloads this kind of issue. They are specialized to handle mail and are usually more aware of blacklists and how to stay off them. It also limits the liability when you have a virus attack in your office that starts spamming (which is how most companies end up getting blacklisted). When your internet IP and mail IP are the same , there is a higher risk of mail getting affected.
FYI, smarthosts are usually a good idea b/c it offloads this kind of issue. They are specialized to handle mail and are usually more aware of blacklists and how to stay off them. It also limits the liability when you have a virus attack in your office that starts spamming (which is how most companies end up getting blacklisted). When your internet IP and mail IP are the same , there is a higher risk of mail getting affected.
>>FYI, smarthosts are usually a good idea b/c it offloads this kind of issue. They are specialized to handle mail and are usually more aware of blacklists and how to stay off them<<
Whilst I agree with the above in general - there are some smarthosts / ISPs that this does not apply to:
http://alanhardisty.wordpress.com/2010/11/09/demons-thus-telecom-response-about-their-mail-servers-being-blacklisted-do-they-give-a-damn/
Whilst I agree with the above in general - there are some smarthosts / ISPs that this does not apply to:
http://alanhardisty.wordpress.com/2010/11/09/demons-thus-telecom-response-about-their-mail-servers-being-blacklisted-do-they-give-a-damn/
@alanhardisty True enough. There are plenty of exceptions. Even still, I think that in most cases they are better than relying on the overworked system administrator who barely has time to maintain the network, nevermind read up on the latest spam hacks and blacklisting strategies and how to defend against them. It definitely gets to be a pain.
I guess it depends on what Anti-Spam software / Hardware you use.
We get no spam and virtually zero Administration to keep it that way.
We get no spam and virtually zero Administration to keep it that way.
@alanhardisty That's awesome if you have a solution that good. I've used a few spam solutions, but they haven't taken care of outgoing issues (usu. viruses on unprotected networks) and they don't make up for poorly configured Exchange servers. :-p-
Nothing ever makes up for badly configured Exchange Servers.
I use Forefront TMG and Vamsoft. Forefront kills lots of bad connections and Vamsoft cleans the rest up. It also has an Auto-Sender whitelist, so if you send an email to someone, when they reply, it is already whitelisted.
I use Forefront TMG and Vamsoft. Forefront kills lots of bad connections and Vamsoft cleans the rest up. It also has an Auto-Sender whitelist, so if you send an email to someone, when they reply, it is already whitelisted.