Solved

SMTP/ MX Record issues

Posted on 2012-04-05
19
694 Views
Last Modified: 2012-04-06
So I had a user say they couldn't get to OWA, and after looking into things (and rebooting exchange, I might add- don't judge me) I've come to the conclusion that there are external MX record/ DNS issues. I can telnet to port 25/ ping/ etc from internally, but externally I can't.

Using www.testexchangeconnectivity.com, I get the following error:
     Testing inbound SMTP mail flow for domain user@domain.tld.
       ExRCA failed to test inbound SMTP mail flow.
       
      Test Steps
       
      Attempting to retrieve DNS MX records for domain domain.tld.
       ExRCA wasn't able to retrieve MX records from DNS.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       No MX records were found in DNS for SMTP domain domain.tld.
(Obviously I didn't put in domain.tld)
When I do a MX lookup via mxtoolbox.com, it says no records found. Please let me know if I'm just being silly, or if there's something going on with DNS (which it clearly looks like there is.)

Thanks a million.
0
Comment
Question by:biofishfreak
  • 7
  • 7
  • 3
  • +1
19 Comments
 
LVL 25

Assisted Solution

by:DrDave242
DrDave242 earned 80 total points
ID: 37813259
Check the public DNS records for that registered domain.  If there really aren't any MX records, at least one needs to be created, or no mail will be able to reach the server from outside.
0
 
LVL 3

Assisted Solution

by:tobyweston
tobyweston earned 200 total points
ID: 37813270
What are the results of nslookup -q=mx domain.tld and nslookup -q=ns domain.tld

Sounds like the records are gone. Do you have access to the DNS records to check / change them. Are there any other records (A, TXT) on this domain that have been affected?
0
 
LVL 17

Accepted Solution

by:
WORKS2011 earned 220 total points
ID: 37813275
Check DNS by clicking on IntoDns.com and post the results.
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37813319
So the domain is girlscoutssdi.org. I just don't want the publicly viewable question to have the domain.
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 37813342
I can't find any records at all for that domain.  If you can log into the website of the registrar, I'd strongly suggest looking at its DNS records.
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37813360
Again, I can't access DNS. I just want to make sure that there's nothing (at this point, at least) wrong at the exchange level. Since it is at the DNS level it is technically (and physically) out of my hands, for now. I'll keep this page updated as I find out more from my NetAdmin. Thank you all thus far for your help, and nice site, WORKS2011.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813364
Your MX record is missing, the actual report is below.

MX Records      Oh well, I did not detect any MX records so you probably don't have any and if you know you should have then they may be missing at your nameservers!
0
 
LVL 3

Expert Comment

by:tobyweston
ID: 37813645
Defo a DNS problem. DNS checks are marking Name servers as "lame", which usually means the records it holds are empty.
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37813742
So my network admin just manually reloaded (re-entered) the DNS entries and hit publish- now we wait that infamous "up to 48 hours" for replication. Thanks again for the help everyone, and I'll keep this thread updated.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813757
it already shows an ip when doing an nslookup
0
 
LVL 3

Expert Comment

by:tobyweston
ID: 37813776
MX records are also showing now.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813795
keep an eye on nslookup, my first test resolved to 66.11.236.100 and now it doesn't resolve again. Is this the correct ip? Could still be the time it takes for DNS to propagate. I'm a little concerned it shows then disappears, there may be a problem with the registrars DNS but most likely still updating.

On your server you can do an ipconfig /flushdns which won't hurt to clear up old records.

Since writing this post it's now resolving the ip 9 out of 10 times, appears to be getting better.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813814
report is much better now at intodns.com
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37813881
Everything is appearing better now... I'm still doing testing and not having external emails show up on my inbox. I'm going to check a few more things/ wait some more before I start freaking out again.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813892
If you have a SBS run the connect to internet and fix my network wizards, SBS loves the built in wizards.
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37813901
Haha. No, I'm just running 2008 Standard.
0
 
LVL 17

Expert Comment

by:WORKS2011
ID: 37813934
Cool, just eliminating any possibilities.
0
 
LVL 3

Author Comment

by:biofishfreak
ID: 37814103
So there's a ticket open with our DNS provider, and it appears to be a routing table issue with a core router. They also said that Hong Kong and Florida can access the site fine, but California and Ukraine can't. Good to know.
0
 
LVL 3

Author Closing Comment

by:biofishfreak
ID: 37817652
The issue was resolved, apparently our DNS provider's NameServer (NS) was responding as online but had no entries in it- that's why requests weren't going to the second NS. I'm not sure why in intodns.com didn't find anything when looking at both NS, but I'm going to accept it since it's not technically my issue (it's the network admin's.) Extra points go to WORKS2011 for the intodns.com site, as that's a great tool. Otherwise points are split based on activity on the issue (more or less.)

Thanks everyone!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now