Exchange Connections Timed Out and Emails in the Queue

When I do a a Reverse DNS test, I get a Non-authoritative answer

When I do an Open relay check it says that "Our tests indicate your mail server allows open relay".  I do not understand how this could be...I only allow our domain to relay.

When I do a DNS lookup  I get an "A" record but no other records...no MX record

Help

The NSLOOKUP is correct from my computer inside the network.

On the default SMTP virtual server, on the authentication, it seem as if I have to have "anonymous" checked.

Also your article says:
To check or correct the configuration of the Default SMTP Virtual Server:

Start Exchange System manager (ESM)
Expand Servers, <your server>, Protocols, SMTP.
Right click on "Default SMTP Virtual Server" and choose Properties.
Click on the "Access" Tab.
There are four buttons, click on "Relay..." at the bottom.
Ensure that "Only the list below" is enabled and the list is empty.
If you don't have users sending email through your email server with Outlook Express or another POP3 client then you can disable "Allow all users that successfully authenticate to relay regardless of the list above".
Apply/OK until all windows are closed.

I have our domain in there...do I not need to put anything in there?

Do you have users that use SMTP / POP3 for email access or are you configured for RPC over HTTPS?

unfortunately, I have both...still some who use pop3 and outlook express.

We do...have strong passwords and lockout enforced.

Why do you think it still thinks it's an open relay?

It is good with that one...

Okay - don't worry about the Open Relay then.

Now I am on my laptop (not my iPhone), do you want to post your domain name (which I will hide) and then I can check your domain and see what is amiss and advise you accordingly?

Alan

The other relay gives me this:

>> MAIL FROM:<spammer@192.168.5.220>
<< 250 2.1.0 spammer@192.168.5.220....Sender OK
>> RCPT TO:<"spammee@xx.73.18.57">
<< 250 2.1.5 "spammee@xx.73.18.57"@mydomain.com

how do you hide it?

What would you suggest that I do from outside our network?

If you can post your domain name - I can do some digging and give you specific advice.  If you don't want to, I can give you general advice and then we can keep posting back and forth!  I appreciate that you may not want post your domain name, but I can confirm that I can obscure it so that the information is not viewable to others.

Alan

If you are not comfortable posting the info - click on my name and you will find my email address which you can use to email me if you prefer.

Alan

Thanks - Email received.  Checking now.

Alan

The thing is that it is sporadic...10 emails may go, then one gets stuck in the queue

Kind of the same with incoming email...some will come in, others will time out and drop.

Are you on Exchange 2003 SP2?

We don't use a Postfix Server...that is probably the ISP/AntiSpam

Yes Exchange 2003 SP2

Also - you say your firewall has a MIP.  Please advise what a MIP is.

Thanks

Alan

Mapped IP Address....kind of like Network Address Translation

When you send to our domain the public address hits the firewall and then is remapped through to the actual ip address inside and sent through a different port so that everything inside is hidden from the outside.

The MIP sounds fine - that is semi-standard practise and shouldn't be a problem.

Thank you!  Your assistance has been outstanding.  If I could give you more than 500 points I would.

Thanks!

Thanks for your comments - 500 points is fine - what's important is you know that your server is configured correctly and the problem seems to be external to you.

In case you are wondering - the Anti-Spam software I use which costs $239 per server is Vamsoft ORF (www.vamsoft.com) and is absolutely brilliant.

If you have any other questions - please let me know.

Best wishes

Alan