Solved

Exchange 2010, Messages not going out... or are severly delayed.

Posted on 2012-04-04
9
1,077 Views
Last Modified: 2012-04-15
OVERVIEW
Have Domain Controller providing DNS
Have 1 Exchange 2010 Server on network
Authoritative DNS is Godaddy, MX records point to our Exchange server
Can receive mail from anyone, no problem.
We can send to each other inside the office from Outlook
It appears we cannot send to an external recipient or it is very delayed.

QUESTION
Where/How do start troubleshooting this?
Is it DNS or a SEND CONNECTOR config issue?
0
Comment
Question by:tech911
  • 6
  • 3
9 Comments
 
LVL 9

Expert Comment

by:Geodash
ID: 37807843
Have you looked at the event log? Also, in EMC - what do the delayed messages say, there should be a code?
0
 
LVL 3

Author Comment

by:tech911
ID: 37807885
I can see the messages in the Queue with the Queue viewer, the status is ready, there are two addresses both going to the same domain.  

I have an account on that external domain, when I login via webmail (its a godaddy POP/IMAP Account) I am receiving email from other senders.

These messages are just hanging.

What else can I tell you that will help with the diagnosis? (DNS? Send connector?)
0
 
LVL 3

Author Comment

by:tech911
ID: 37807918
Just found this in the Queue Viewer

451-4.4.0 Primary target IP address responded with a 554-p3pismtp01-024.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation.

Our ISP is WOW Internet and we do have a business account, do you think we are on a blacklist somewhere (I will check MXToolbox now).  How can we improve our reputation, we don't send out spam, there are only 4 of us in this office.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37807997
Yes, I think you are being blacklisted. You have to make sure that your systems are clean. If your systems send SPAM without your knowledge, it can hurt your rep. I suggest an outbound host to monitor, but they are not free
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 3

Author Comment

by:tech911
ID: 37808133
Good news - we are not on any blacklists.

Bad news - when we go to senderbase.org and put in our IP we get a rating of POOR

Working from the server out, what settings should I be checking for; both in DNS and in Exchange.
0
 
LVL 3

Author Comment

by:tech911
ID: 37810771
Anybody...

Alan Hardisty where are you?

I need to confirm what DNS entries I should have on my local DNS server (The one that resides behind my firewall on my Domain Controller).
0
 
LVL 3

Accepted Solution

by:
tech911 earned 0 total points
ID: 37814070
So I tracked down the error.

My ISP had the wrong reverse DNS entry entered for our mail server, thus "INSERT EXPLODING NOISE HERE" everything was wacky and having issues.  Now that this egregious error has been corrected I expect everything to work correctly.

Not sure how to close this post correctly - Moderator please review info provided by geodash and advise as to correct course of action.  Should I award points or not?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37814079
I am glad you found the error. You can close the question and award no points if you found the answer yourself.
0
 
LVL 3

Author Closing Comment

by:tech911
ID: 37847957
I found the solution by digging into the config/operation of the phone itself.  See the post for the details.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now