dsyncd
asked on
Emails and DNS
We are hosting a domain's email on a server we have that's on it's own WAN address. We also host our companies website on it as well, while our email is on another server with it's own WAN address. They are on different subnets as well. They can send and receive emails from everyone, but they can't send one to us. We can send and receive emails to/from everyone without a problem. I know it's a DNS issue but I don't know where to begin to look. Any help is appreciated. Thanks.
.
Can you post an NDR , if you have access to one?
How do you know it is a DNS issue? Does nslookup not give back the hostname? Are they able to telnet to port 25 on your mail server? Is there any internal routing or is this strictly over the internet?
Provide NSlookup details for further analysis. Seems to be a local routing issue...
ASKER
*** Can't find server name for the address 10.10.60.10: Non-existent domain
Default Server: Unknown
Address: 10.10.60.10
It shouldn't be routing locally at all. I'm getting that it's a dns issue from running smtpdiag. I can post the whole thing if needed but this is what it errors on. Changing domain name for privacy of course:
Warning: The TCP DNS query returned no results.
Checking MX records using UDP: blah.com.
Error: No MX or A records were found for the remote domain. Verify that the
remote domain is valid. Your firewall allows outbound DNS queries (Windows
NT/2000 Server requires TCP), and your DNS server can resolve external domains.
Default Server: Unknown
Address: 10.10.60.10
It shouldn't be routing locally at all. I'm getting that it's a dns issue from running smtpdiag. I can post the whole thing if needed but this is what it errors on. Changing domain name for privacy of course:
Warning: The TCP DNS query returned no results.
Checking MX records using UDP: blah.com.
Error: No MX or A records were found for the remote domain. Verify that the
remote domain is valid. Your firewall allows outbound DNS queries (Windows
NT/2000 Server requires TCP), and your DNS server can resolve external domains.
10.10.60.10 is a private internal address -- why are you doing a lookup on that IP? It doesn't appear to be the IP for blah.com, because smtpdiag says there is no A record for blah.com, so nslookup wouldn't give you the 10.10.60.10 IP to do a lookup on like you did.
If this is supposed to be internal routing only, then check out this link for server 2k3 and this for 2k8 -- if you are running something else just Google for adding DNS records to whatever version you are running.
If this is supposed to be internal routing only, then check out this link for server 2k3 and this for 2k8 -- if you are running something else just Google for adding DNS records to whatever version you are running.
Ignore that nslookup result - it just means that there's no PTR record for 10.10.60.10 and has nothing to do with this issue.
The smtpdiag results are interesting - did you run it from the other domain's mail server? It's saying that it can't find host or MX records for the blah.com domain, which is presumably your domain. Since you are able to receive mail from everyone else except for that one other domain's server, you obviously do have the correct host and MX records for your domain in the public DNS. So the problem must be that the other domain's server can't find them for some reason. Perhaps it's using a DNS server with a bogus blah.com zone on it or something like that.
An NDR would probably be very helpful.
The smtpdiag results are interesting - did you run it from the other domain's mail server? It's saying that it can't find host or MX records for the blah.com domain, which is presumably your domain. Since you are able to receive mail from everyone else except for that one other domain's server, you obviously do have the correct host and MX records for your domain in the public DNS. So the problem must be that the other domain's server can't find them for some reason. Perhaps it's using a DNS server with a bogus blah.com zone on it or something like that.
An NDR would probably be very helpful.
ASKER
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
That doesn't sound like a DNS problem; it sounds more like a mistyped address. Can you telnet to port 25 on your server from the other server and send a message using SMTP commands?
I am wondering if the Exchange that can not deliver to you has a recipient policy for your SMTP domain name, after all you said it does host your website so maybe the active directory domain name is the same as your smtp domain name, a contiguous namespace?
If it's exchange 2003 check the recipient policy, if it's exchange 2007/2010 Check accepted domains.
If it's exchange 2003 check the recipient policy, if it's exchange 2007/2010 Check accepted domains.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.