Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

New SBS Install - Unable To Send Or Recieve External Email

Posted on 2011-05-02
23
Medium Priority
?
540 Views
Last Modified: 2012-05-11
Did an install over the weekend & currently cannot send or receive any external email. I replaced a sbs 2003 server with a 2008 server. In terms of the old server, they were sending & receiving via exchange without issue.

Regarding the mx records, i thought that as long as i made the new server appear to the outside world using the same external ip then there should be no need for any changes to the mx records as i am simply replacing the box.

I logged into their control panel & i could not actually see any mx records setup apart from mx ip4 that i found strange as the old server was using exchange and worked. I decided to create a new mx & a record that is setup as follows:

Your current raw SPF record is: v=spf1 a mx ip4:64.91.253.46 a:servers.external.ip mx:mail.mydomain.com ?all

As you can see, i have the server’s external ip for the "a" record and the domain name for "mx".  
There is also an mx ip4 address that i did not set & i am wondering if i need to remove the mx i created & simply insert the server’s external ip there?

Client side i get the following error when trying to send externally:

Diagnostic information for administrators:

Generating server:
rblsmtpd.local #553 Mail blocked. Please see <http://unblock.secureserver.net/?ip=81.137.27.*> ##

Original message headers:

Received: from l ([fe80::7438:8d24:7de0:607e])
 by  ([fe80::7438:8d24:7de0:607e%10]) with
 mapi; Mon, 2 May 2011 11:51:32 +0100
From: >
To: >
CC: "" <>, "Thomas
 DavidAdmin" <>
Date: Mon, 2 May 2011 11:51:31 +0100
Subject: internal test
Thread-Topic: internal test
Thread-Index: AcwItuVtqG0bq30JQ12pxUKlsIp8mA==
Message-ID: <7c5559b2-7ea8-4d2c-998d-d4d524c7232c@THOMASDAVID-SBS.thomasdavid.local>
Accept-Language: en, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en, en-US
Content-Type: multipart/alternative;
      boundary="_000_7c5559b27ea84d2c998dd4d524c7232cTHOMASDAVIDSBSthomasdav_"
MIME-Version: 1.0

Any help is extermly appreciated guys
0
Comment
Question by:Daniel Bertolone
  • 12
  • 8
  • 3
23 Comments
 

Author Comment

by:Daniel Bertolone
ID: 35504168
I can post a screen of the cpanel configuration options if that helps
0
 

Author Comment

by:Daniel Bertolone
ID: 35504212
Emails are now being sent externally ok, it’s just receiving that remains a problem
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 35504392
What you've posted is an SPF record, not an MX record, and configured improperly, can actually make things worse. Since the 2003 server worked, undo what you did and then check your edge router/firewall. Sounds like you didn't update ut to forward SMTP traffic to the new server's internal IP address.

-Cliff
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Daniel Bertolone
ID: 35504418
Thanks for the reply cliff.

I have undone the changes & this is what i have:

v=spf1 a mx ip4:64.91.253.46 ?all


Thing is that ip is not the servers ip, it points to a company that called chesternet who resold the hosting package to the client.

I take it the mail is being delivered to chesternt first & then forwarded onto the mail server?
0
 
LVL 22

Expert Comment

by:chakko
ID: 35504652

Just some info.  SPF record is for anti-spam use.  It lists which servers are the valid servers to send mail from your Domain.
With that SPF record is says the the server 64.91.253.46 is a valid server sending mail for your domain.
I recommend you just delete the DNS txt record for the SPF stuff and put it back later.
www.openspf.org has lots of info for this.

The SPF record is not related to you not being able to receive email.  It may cause a problem for you to send out email if it is not configured properly (other systems with anti-spam using SPF would think your server is sending spam).

If you can access to the internet (from outside your office/location - maybe call a friend) you can try to telnet to your IP address on port 25 and see if you get a response from Exchange.

example DOS/CMD command:  telnet ipaddress 25
If you don't get a response then your firewall/router is not configured for the new value (your old server is offline right?)

also try the website www.testexchangeconnectivity.com

0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 35504768
You are still posting SPF records, not MX records. In short, if you don't know the difference between SPF, MX, and a records, and don't know the mail flow of the original setup, you aren't prepared to tackle this problem alone (even with EE.) I'd strongly urge you to contact a trusted advisor/consultant and pay for some support. It'll save more than it'll cost.

-Cliff
0
 

Author Comment

by:Daniel Bertolone
ID: 35506621
Thanks again guys.

I do understand the difference between a records and mx records and how they work. I did not know about SPF records until now.


I have attached a screenshot of the domain control panel & it shows that 64.91.253.46 is the main server interface that points to chesternet who resold the domain to the client.

Do you have any idea why it would be setup in this manner as surely it should send the emails directly to the exchange server?



control-panel.bmp
0
 
LVL 22

Expert Comment

by:chakko
ID: 35506651
That is SPF related stuff.  Just forget anything related to SPF for now.  

if you provide us your real domain name then we can check for you and probably get to the issue very quickly.

0
 

Author Comment

by:Daniel Bertolone
ID: 35506674
Cool...

Domain name is thomasdavid.co.uk

I tried a telnet & that was successful. I also ran test my exchange that passed with the following results:

      Test Steps
       
      Attempting to retrieve DNS MX records for domain thomasdavid.co.uk.
       One or more MX records were successfully retrieved from DNS.
       
      Additional Details
       MX Records Host thomasdavid.co.uk, Preference 0
      Testing Mail Exchanger thomasdavid.co.uk.
       This Mail Exchanger was tested successfully.
       
      Test Steps
       
      Attempting to resolve the host name thomasdavid.co.uk in DNS.
       The host name resolved successfully.
       
      Additional Details
       IP addresses returned: 64.91.253.46
      Testing TCP port 25 on host thomasdavid.co.uk to ensure it's listening and open.
       The port was opened successfully.
       
      Additional Details
       Banner received: 220-fast.chesternet.com ESMTP Exim 4.69 #1 Mon, 02 May 2011 18:39:27 +0100
      Attempting to send a test e-mail message to thomasdavidadmin@thomasdavid.co.uk using MX thomasdavid.co.uk.
       The test message was delivered successfully.
      Testing the MX thomasdavid.co.uk for open relay by trying to relay to user Admin@TestExchangeConnectivity.com.
       The Open Relay test passed. This mx isn't an open relay.
       
      Additional Details
       The open relay test message delivery failed, which is a good thing.
The exception detail:
Exception details:
Message: Mailbox unavailable. The server response was: (www.testexchangeconnectivity.com) [65.54.166.78]:55252 is currently not
Type: System.Net.Mail.SmtpFailedRecipientException
Stack trace:
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally()




0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 35506699
The screenshot you provided is *STILL* only SPF-related, as indicated by the "SPF" at the very top of the page. Again, from the sound of things, you have several issues at play here, and I think you'll get faster and better resolution with a paid contractor. It is perfectly acceptable to ask them to work remotely or on-site while you watch, so you can see what is happening and can pick up details to fill in the blanks of your network topology, but I think your issues will require digging in-depth enough that forum/EE/newsgroup volunteer help just won't cut it.

-Cliff
0
 
LVL 22

Expert Comment

by:chakko
ID: 35506747
ok your mx record is pointing to thomasdavid.co.uk (basically looks like chesternet.com server).

So your mx record is not correct.  You need to change your MX record to be your internet IP address, then if your router/firewall is setup correctly it will connect to your exchange (Port 25).

0
 
LVL 22

Expert Comment

by:chakko
ID: 35506771
In the Chesternet control panel you need to find your MX record and make the change there.

ns1 and ns2.chesternet.com are the DNS nameservers for your domain.

I reccomend you make an A record called MAIL
Then edit the existing MX record and the setting should go to mail.thomasdavid.co.uk.   (check if the existing record has the . at the end too - make it the same as the existing MX record entry).

For testing it could take some time before the DNS becomes active.  

If you want, let use know when you fix the MX and A records and I can check if they are correct.
0
 

Author Comment

by:Daniel Bertolone
ID: 35506788
I would usually expect to be able to change the mx record from the domain control panel but i cannot see where. The only place that mentioned anything to do with mx records was the spf screens i posted earlier.

Below is a top-level screenshot of the domain.

top-level.bmp
0
 
LVL 22

Expert Comment

by:chakko
ID: 35506858
can't see the bottom of the page from your picture, but cPanel normally has an icon to edit DNS or MX record.  
0
 

Author Comment

by:Daniel Bertolone
ID: 35506904
I was expecting something along those lines too.

Here is the other half of the screen
cpanel-bottom.bmp
0
 
LVL 22

Accepted Solution

by:
chakko earned 2000 total points
ID: 35506935
you need to contact tech support at chesternet and request the DNS updates to be made.

That should solve the problem of email going directly to your exchange server.
Also, since your mail server will change to your Exchange server you should delete any SPF record.  I think the screen shot showed disabled status already?

www.openspf.org has info if you want to try and put it back again.  It is only useful for anti-spam situations - when you send email out.
0
 

Author Comment

by:Daniel Bertolone
ID: 35507126
I thought it was something along those lines but just could not figure out why the option would not be available in cpanel & why it is going to chesternet?

In addition, how was the other server then configured to receive any emails as i was expecting not to have to touch any mx records as long as i made the new server appear to the outside world on the same external ip


0
 
LVL 22

Expert Comment

by:chakko
ID: 35507189
My guess is that the old server has some POP download type of program on it.  It was downloading email from chesternet and feeding it into exchange.
Or the chesternet system has a setup like a store and forward configuration.  It will collect the mail and forward to your exchange server IP.

You need to contact their Tech support to check on that.  And look into the installed programs on the old server.

SBS 2003 has a built-in POP connector feature already.  Look in the Exchange console for it.
0
 

Author Comment

by:Daniel Bertolone
ID: 35507233
Now that you mention it I’m sure i have seen that feature in exchange on the old server.

Why setup the server via a pop connector in the first place if they have the option of exchange?

0
 
LVL 22

Expert Comment

by:chakko
ID: 35507311

I think it is still there in 2008 SBS.

Some reasons  (I have done this too in the past but not really much anymore).

Had a dynamic IP address at the office before (maybe a static IP internet package is expensive).  
Don't want to pay for Exchange based anti-virus and anti-spam - use the hosting company for this.
Worried that if Exchange or office internet is down then email will have no place to go and will not be accessible. (they can access the hosting server webmail when outside the office)




0
 

Author Comment

by:Daniel Bertolone
ID: 35507819
Thanks again for all your help!
0
 

Author Comment

by:Daniel Bertolone
ID: 35507830
Will let you know once its sorted!
0
 

Author Comment

by:Daniel Bertolone
ID: 35688848
All sorted now. Spoke with the host & he changed the mx records to point to the new server

Many Thanks
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question