Solved

Can't email to external email addresses

Posted on 2011-02-23
8
860 Views
Last Modified: 2012-05-11
Hello Experts!

Running SBS2003 with Exchange Server 2003.
Up until last week we had T1 voice an data Internet service with Integra Telecom.
Last week we added Comcast Business Class Internet Connection for connection speed.
Last Saturday I asked Integra to modify our MX Record to point to the new IP address given to us by Comcast. 173.8.103.129 mail.zinncorp.com

I changed the settings in my firewall to reflect the new IP address.
I tested incoming mail and it worked but did not make sure emails were reaching external recipients (my bad).
On Tuesday morning I was informed that external recipients were not getting emails.
I looked on the queue and noticed there were a bunch of emails stucked there.
I was informed by Integra that I should ask Comcast to create a PTR to 173.8.103.129 mail.zinncorp.com, this was done on Tuesday at about 11am and the said it will take 24 for the DNS Server to populate.
Today, Wednesday 6:00pm and I still have messages getting stuck in the queque.
I did tests on whatsmydns.net and everything seems to be OK.
Besides messages getting stuck in the queue, one of my users is receiving the following message when sending messages to a particular recipient.
 
The following recipient (s) could not be reached:
 user@domain.com on 2/23/2011 5:01pm
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<mail.zinncorp.com #5.7.1 smtp;550 5.7.1 Unable to relay for user@domain.com>

I have absolutely no more ideas on how to resolve this issue.
Your help will be greatly appreciated.

0
Comment
Question by:ernestop
  • 6
  • 2
8 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34966180
Your configuration looks very RFC Compliant to me so there may be issues at the receiving end deliberately blocking you or expecting you to come in from your old IP not your new IP.  Some manually record your IP and if you stray from what they expect - they reject you.

As for the 5.7.1 error - that suggests a similar problem - the receiving server doesn't like you and you may need to contact them and get unblocked.
0
 

Author Comment

by:ernestop
ID: 34966253
Alan, thanks for your prompt response!


My Server name is zinnserv01 and I am using a SonicWALL Email Security device, its name zinnserv03. Don't know why it is coming up on this report.
Before the change everything was working fine.
I am calling SonicWALL as we have support agreement with them. Will keep you posted.

Here is the report from mxtoolbox.com

smtp:173.8.103.129     smtp    
220 zinnserv03.zinncorp.local ESMTP SonicWALL (7.2.1.2843)


 OK - 173.8.103.129 resolves to mail.zinncorp.com
 Warning - Reverse DNS does not match SMTP Banner
 0 seconds - Good on Connection time
 Not an open relay.
 0.320 seconds - Good on Transaction time

Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 zinnserv03.zinncorp.local [48 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 supertool@mxtoolbox.com....Sender OK [48 ms]
RCPT TO: <test@example.com>
550 5.7.1 Unable to relay for <test@example.com> [48 ms]
QUIT
221 2.0.0 Bye [48 ms]
 
reverse lookup smtp diag port scan blacklist

Reported by mxtoolbox.com on Wednesday, February 23, 2011 at 5:35:21 PM (GMT-6)  (History)




mx:zinncorp.com     mx    

Pref Hostname IP Address TTL  
10 mail.zinncorp.com 173.8.103.129 24 hrs SMTP Test Blacklist Check
20 relay2.msp.eschelon.com 209.150.200.7 24 hrs SMTP Test Blacklist Check
dns lookup ns lookup mx lookup whois lookup

Reported by ns.fishnet.com on Wednesday, February 23, 2011 at 5:34:52 PM (GMT-6)

0
 

Author Comment

by:ernestop
ID: 34966625
Spoke with SonicWALL support.
zinnserv03 is a server that is running the email security software. It scans incoming mail before passsing it to the email server zinnserv01.

The line that concerns me from the mxtoolbox report is:
Warning - Reverse DNS does not match SMTP Banner
Don't know how to fix that.
Any suggestions?
thanks again in advance for all your input.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34967993
Okay - the Reverse DNS does not match SMTP Banner can be resolved by changing the FQDN on your server.  (I missed that - Sorry).

Open Up Exchange System Manager and expand Protocols> SMTP> Right-Click on SMTP Virtual Server and choose Properties.

On the Delivery Tab> Advanced Button, change the FQDN fom zinnserv03.zinncorp.local to mail.zinncorp.com

The rest of your configuration looks fine.
0
 

Author Comment

by:ernestop
ID: 34970371
Alan,

The FQDN has been there all along. That was one of the first things I double checked as per a post on the mxtoolsbox.com.

So, that looks good. PrintScreen of FQDN
Was on the phone with Integra last night and they said everything looks good on their end (I have only talke to them and Comcast like 10 times!!!)
0
 

Author Comment

by:ernestop
ID: 34970519
One more clarification piece:

zinnserv03 is a server running SonnicWALL mail security software.

Inbound email gets routed from my SonicWALL firewall to server "zinnserv03" where messages are scanned and then junked or sent to my SBS2003 Server "zinnserv01".

Inbound emails are reaching the Outlook clients. It is the outbound emails that are either queued up or rejected.

Thanks.
0
 

Accepted Solution

by:
ernestop earned 0 total points
ID: 34973177
Eureka!

An old DNS entry from our previous provider in the virtual server properties.

Everything is working now!

Thanks Alan. I appreciate your input.
0
 

Author Closing Comment

by:ernestop
ID: 35005298
Digged more into the properties of the virtual server.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
how to add IIS SMTP to handle application/Scanner relays into office 365.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question