Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1393
  • Last Modified:

How do I fix not being able to receive emails from addresses that are outside company domain?

I've restarted my servers a few times and everything was fine, but yesterday I restarted them again, and since 1pm yesterday, nobody has been able to receive emails from addresses that are outside of the company domain.  E.g. "@hotmail.com" "@gmail.com" etc.. We can send to outside emails perfectly fine and internal sending and receiving works fine, but we cannot receive from external emails.  I've already tried telnetting and I've gotten all the right responses and IP addresses.  I have no clue what to do and this is affecting 350+ company clients which is causing major problems.  Please help!!!

One server is the Domain Controller with Active Directory and the other is running exchange, files, and apps.  We only have 2 servers here.
0
Brent Johnson
Asked:
Brent Johnson
  • 16
  • 5
  • 5
  • +3
1 Solution
 
Brent JohnsonAuthor Commented:
Please help me!!  This is mission critical!!
0
 
Viral RathodConsultantCommented:
1) Go to https://www.testexchangeconnectivity.com and Run Inbound E-mail flow TEst and post the results

2) Go to http://mxtoolbox.com/blacklists.aspx and make sure your domain is not blacklsited
0
 
Brent JohnsonAuthor Commented:
viralrathod -
The results to the exchange test:  
"The test result has expired and cannot be retrieved. Please run the test again."
That is the message that it keeps giving me when I test it.

I also want to add that when I tried telnetting to port 25, it tells me, "connect failed".  Does this have something to do with it?

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Brent JohnsonAuthor Commented:
"Cyberlogic" and "spamrbl" for blacklist gives a yellow mark and says both timed out, but all others show green and ok.
0
 
Viral RathodConsultantCommented:
Go to http://www.mxtoolbox.com/portscan.aspx and run port scan and make sure port 25 is open

OR you can go to "canyouseeme.org" and make sure port 25 is open

Also you need to remove your domain from above blacklist servers ,else your inbound mail flow will not work.
0
 
Brent JohnsonAuthor Commented:
Also, "emailbasura" has a yellow mark with timed out error on blacklist check.
0
 
Viral RathodConsultantCommented:
A timeout on the Blacklist Tool just means that at the time of the query that Blacklist did not answer. It does not necessarily mean you are listed on that Blacklist.
0
 
Brent JohnsonAuthor Commented:
This is what shows up when I do a port scan using portscan on mxtoolbox and blacklist checker
port25.jpg
blacklist.jpg
Untitled.jpg
0
 
Brent JohnsonAuthor Commented:
I also just tried to run a test on inbound mail using the first link you provided and it came back as "connectivity test successful" with all green checks on each item.
0
 
Viral RathodConsultantCommented:
Did you receive the e-mail which you have sent using above testexchnageconnectivity tool ?

I guess the port 25 is blocked from your server or firewall

Can you go to http://canyouseeme.org and make sure port 25 is open

letus know the results.
0
 
Brent JohnsonAuthor Commented:
I did not receive any emails using the testexchangeconnectivity too.  "Error: I could not see your service on 12.111.39.131 on port (25)
Reason: Connection timed out"  That is the message that comes up on canyouseeme.org when I check port: 25 from the exchange server.
0
 
Brent JohnsonAuthor Commented:
Could it be possible that port 25 could be blocked from the server or firewall from simply restarting the servers after updating them?  I did not do anything else, but restart them.
0
 
Brent JohnsonAuthor Commented:
Another thing to note is that the firewalls on all computers and servers are off.
0
 
Viral RathodConsultantCommented:
Can you post me the results of testexchnageconnectivity tool ?
0
 
PapertripCommented:
In that portscan pic you only put in "25" instead of your IP, so it ran checks against 0.0.0.25

Using the IP you put into the other search tools, I can connect to port 25... but it's Postini...

Are you sure 65.18.6.10 is the correct IP?

[root@broken ~]# telnet 64.18.6.10 25
Trying 64.18.6.10...
Connected to 64.18.6.10.
Escape character is '^]'.
220 Postini ESMTP 249 y6_43_0c9 ready.  CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.

Open in new window

0
 
Deepu ChowdaryCommented:
Once check this at Postini end.,,
 As the test exchange connectivity is sucesfull
0
 
Brent JohnsonAuthor Commented:
viralrathod:  See pic that I attached for results of test.
Untitled.jpg
0
 
Deepu ChowdaryCommented:
This attachment says that the inbound mailflow is fine, so once check wether it is reaching our exchange server or not.
If not check with the third party(Postini in this case).
0
 
Brent JohnsonAuthor Commented:
The exchange server's external ip address is:  12.111.39.131.  I used the mxtool to test that ip address and it comes back with "Timeout occurred due to inactivity."  I ran it a few times and everytime it was the same thing with the timeouts.
0
 
Brent JohnsonAuthor Commented:
exchange9, how do I do those two things that you said?
0
 
Brent JohnsonAuthor Commented:
I ran the test on the server again and this time I got a response instead of a timeout.  See pic for that.  It shows that the smtp and other ports are off.
server.jpg
0
 
PapertripCommented:
[root@broken ~]# dig mx meadowridge.com +short
10 MEADOWRIDGE.COM.S7A1.PSMTP.com.
20 MEADOWRIDGE.COM.S7A2.PSMTP.com.
30 MEADOWRIDGE.COM.S7B1.PSMTP.com.
40 MEADOWRIDGE.COM.S7B2.PSMTP.com.

Open in new window


Check Postini logs to see if the mails are even getting that far, and any logs from Postini relaying to your Exchange server.
0
 
PapertripCommented:
Stop testing with 12.111.39.131, that is not where the mail going to for your domain from the internet, it is going to Postini.
0
 
Deepu ChowdaryCommented:
Is that IP pingable..? Make sure once.. check the server is online or not..
0
 
Brent JohnsonAuthor Commented:
where do I go to check the postini logs?
0
 
PapertripCommented:
0
 
Brent JohnsonAuthor Commented:
I can access the internet and everything else on the servers and I can ping both servers.  I can't ping the "12.111.39.131" ip though because its the server's outside ip address.
0
 
PapertripCommented:
[root@broken ~]# telnet 12.111.39.131 25
Trying 12.111.39.131...
telnet: connect to address 12.111.39.131: Connection timed out

Open in new window


12.111.39.131 is not listening on port 25.  You need to start the search at Postini and forget about 12.111.39.131 for now.
0
 
Deepu ChowdaryCommented:
Check wether you have any incoming mails in queues.

Also you have message tracking center node in tools :
Check this once
http://www.msexchange.org/tutorials/Exchange-2003-Message-Tracking-Logging.html
0
 
Deepu ChowdaryCommented:
That link is for 2003 and for advanced versions check message tracking center under tool box.
0
 
Jarred PowerNetwork AdministratorCommented:
Who is your ISP? - My ISP (comcast business) blocked Port 25 on their router without notice.  Switch exchange to a different port to test.  
0
 
Jarred PowerNetwork AdministratorCommented:
Or open port 26 on your firewall and forward to port 25 on your exchange server. (what we ended up doing)
0
 
Jarred PowerNetwork AdministratorCommented:
Sorry I just read thought the other posts, since you have your mail going though Postini, it's probable set to connect with your exchange server on port 25. So you need to change this to another port so it can connect to exchange (i.e. 26).

It should look something like this:

=>Postini =>Firewall yourIP:26 = (Portforward)>exchange:25  (or you could switch this too)


0
 
nashim khanExchange AdministratorCommented:
Hi,
Please use the below given link and analyze the issue.

1) Go to https://www.testexchangeconnectivity.com and Run Inbound E-mail flow TEst and post the results

2) Go to http://mxtoolbox.com/blacklists.aspx and make sure your domain is not blacklsited

3) Go to  http://www.t1shopper.com/tools/port-scan/ and make sure the port is not blocked.
0
 
Brent JohnsonAuthor Commented:
The problem has been fixed!  Thank you to everyone who was helping me through this.  What ended up happening was that the vendor that we use for our big jobs like Postini troubleshooting and stuff logged into our Postini account and saw that the email spooler was stopped and needed to be restarted.  It stopped when I rebooted the exchange server, so the reboot actually did cause this error technically.  The guy from the vendor just rebooted the email spooler in Postini and all the external emails started flowing in like crazy.  Once again thank you all for your help!!!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 16
  • 5
  • 5
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now