Alex-Nicol
asked on
No incoming email direct to SBS 2003 Server
Hi There
I've recently taken on a client. They were running an SBS 2003 Server with exchange, on a dynamic IP. Emails coming through POPCon and going out through an SMTP connector.
They got hit with a SPAM attack, which I have cleared following the advice on here (thank you). I have organised and configured a static IP address, which is operational, and canyouseeme.org reports the relevants ports open and services working.
Now that emails flow directly to the server, they are not coming through. I can telnet locally (from the server) to port 25. But not externally. I know the service is operational, and the port is open.
I am looking for the next step please. The ultimate goal is for the emails to flow through a hosted spam filter before arriving at the server. But the service cannot be configured until emails are flowing properly.
Many thanks in advance for you help.
Alex
EE-N00b
I've recently taken on a client. They were running an SBS 2003 Server with exchange, on a dynamic IP. Emails coming through POPCon and going out through an SMTP connector.
They got hit with a SPAM attack, which I have cleared following the advice on here (thank you). I have organised and configured a static IP address, which is operational, and canyouseeme.org reports the relevants ports open and services working.
Now that emails flow directly to the server, they are not coming through. I can telnet locally (from the server) to port 25. But not externally. I know the service is operational, and the port is open.
I am looking for the next step please. The ultimate goal is for the emails to flow through a hosted spam filter before arriving at the server. But the service cannot be configured until emails are flowing properly.
Many thanks in advance for you help.
Alex
EE-N00b
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Alan
Thanks for your help. I've now done that and restarted the server, but still no email :(
Thanks for your help. I've now done that and restarted the server, but still no email :(
What does it say SMTP test at www.mxtoolbox.com for your domain?
Do you have some NDR of mails tried to be sent to that server?
Do you have some NDR of mails tried to be sent to that server?
ASKER
Good thinking Darvorin
mx:acsxxxxxx.org.uk
10 mail.acsxxxxxx.org.uk <correct IP> 3hrs
Running and SMTP Test I get
You hung up on us after we connected. Please whitelist us
Reverse DNS FAILED! This is a problem..
Warning - Does not support TLS.
Server disconnected before banner was complete.
Session Transcript:
You hung up on us after we connected. Please whitelist us
Which reminds me of something I didnt undo after clearing the SPAM.....
I have now disabled all filtering I previously implemented. However I cant say it was receiving emails before as they used to come in through POPCon. SMTP Check still reports the above.
mx:acsxxxxxx.org.uk
10 mail.acsxxxxxx.org.uk <correct IP> 3hrs
Running and SMTP Test I get
You hung up on us after we connected. Please whitelist us
Reverse DNS FAILED! This is a problem..
Warning - Does not support TLS.
Server disconnected before banner was complete.
Session Transcript:
You hung up on us after we connected. Please whitelist us
Which reminds me of something I didnt undo after clearing the SPAM.....
I have now disabled all filtering I previously implemented. However I cant say it was receiving emails before as they used to come in through POPCon. SMTP Check still reports the above.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are on a dynamic IP address it might be that inbound SMTP traffic is blocked by the ISP.
Simon.
Simon.
On the SMTP Virtual Server Properties, is the TCP Port specified as port 25?
General Tab> Advanced Button.
If not, please change it to port 25 and then restart the SMTP service.
General Tab> Advanced Button.
If not, please change it to port 25 and then restart the SMTP service.
ASKER
In reverse order:
Alan - TCP Port is set to 25
Sembee - It is a static IP address that is supplied by a "Business Telecoms Specialist" I have emailed to ask the question, but I suspect that port 25 will be fine for incoming mail.
Davorin - Where are the logs please? and what specifically am I looking for?
Thanks for your continued support.
Alex
Alan - TCP Port is set to 25
Sembee - It is a static IP address that is supplied by a "Business Telecoms Specialist" I have emailed to ask the question, but I suspect that port 25 will be fine for incoming mail.
Davorin - Where are the logs please? and what specifically am I looking for?
Thanks for your continued support.
Alex
You can enable SMTP logging and see the logs location under SMTP virtual server.
http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html
http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html
Can you telnet to your SBS server locally from a client PC?
telnet sbsservername 25
If you can - then at least locally all should be fine.
Is your firewall configured properly to forward TCP port 25 to your SBS server?
telnet sbsservername 25
If you can - then at least locally all should be fine.
Is your firewall configured properly to forward TCP port 25 to your SBS server?
ASKER
Alan
Further to Davorin's question I went clicking through Menu's and found the CONNECTION one, which set to Only the list below:- and the list was blank. Something that was part of a suggestion for clearing the spam problem. I changed this back to All except the list below. And now the emails are flowing again.
However this has only been in place for 4 hours and I already had 7 separate queues of 10 emails each of postmaster emails to spurious addresses.
I'm assuming this is people trying to send through the server, or is it responses to more spam email?
Apologies for the frenetic nature of this post, I really don't want to spend 72 hours clearing 115,000 emails again! :)
Further to Davorin's question I went clicking through Menu's and found the CONNECTION one, which set to Only the list below:- and the list was blank. Something that was part of a suggestion for clearing the spam problem. I changed this back to All except the list below. And now the emails are flowing again.
However this has only been in place for 4 hours and I already had 7 separate queues of 10 emails each of postmaster emails to spurious addresses.
I'm assuming this is people trying to send through the server, or is it responses to more spam email?
Apologies for the frenetic nature of this post, I really don't want to spend 72 hours clearing 115,000 emails again! :)
Postmaster emails is generally a sign of spammers sending emails to invalid Recipients on your server and you not having Recipient Filtering enabled.
Please have a read of my article which shows you how to enable this:
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html
Please have a read of my article which shows you how to enable this:
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html
http://support.microsoft.com/kb/823019
Specifically the "To Configure IP Address Restrictions" section.