fbanda
asked on
Exchange Server 2013 Cannot Receive External Mail?
Hi,
I have just finished a new installation of Exchange Server 2013 on Windows Server 2012.
The trouble is that though the server can send out both internal and external mail but it cannot receive external/internet emails.
Below is a result from the test exchange connectivity. I have replaced the actual name of the domian with xxxx.
Attempting to send a test email message to test@xxxx.co.zm using MX xxxx.co.zm.
Delivery of the test email message failed.
Additional Details
The server returned status code 451 - Error in processing. The server response was: Temporary local problem - please try later
Exception details:
Message: Error in processing. The server response was: Temporary local problem - please try later
Type: System.Net.Mail.SmtpExcept
Stack trace:
at System.Net.Mail.RecipientC
at System.Net.Mail.RecipientC
at System.Net.Mail.SmtpTransp
at System.Net.Mail.SmtpClient
at Microsoft.Exchange.Tools.E
Elapsed Time: 2591 ms.
I have just finished a new installation of Exchange Server 2013 on Windows Server 2012.
The trouble is that though the server can send out both internal and external mail but it cannot receive external/internet emails.
Below is a result from the test exchange connectivity. I have replaced the actual name of the domian with xxxx.
Attempting to send a test email message to test@xxxx.co.zm using MX xxxx.co.zm.
Delivery of the test email message failed.
Additional Details
The server returned status code 451 - Error in processing. The server response was: Temporary local problem - please try later
Exception details:
Message: Error in processing. The server response was: Temporary local problem - please try later
Type: System.Net.Mail.SmtpExcept
Stack trace:
at System.Net.Mail.RecipientC
at System.Net.Mail.RecipientC
at System.Net.Mail.SmtpTransp
at System.Net.Mail.SmtpClient
at Microsoft.Exchange.Tools.E
Elapsed Time: 2591 ms.
guswebb
Do the MX records for your domain point towards the correct public IP address for your Exchange server? Is your router forward traffic on port 25 to the Exchange server on your LAN? If either of these things aren't in place you would see the issue you describe. Please provide more information regarding MX records and port forwarding/firewalling so we can better assist you.
ASKER
Hi guswebb,
The router is configured to do port forwarding on 25 correctly. I need to verify if the MX record for our domain point to the correct IP address. These records are handled by our isp.
How can i verify that? I have tried doing an nslookup and the answer seems to be producing the correct IP address.
thanks.
The router is configured to do port forwarding on 25 correctly. I need to verify if the MX record for our domain point to the correct IP address. These records are handled by our isp.
How can i verify that? I have tried doing an nslookup and the answer seems to be producing the correct IP address.
thanks.
open command prompt
type nslookup and press enter
type set type=mx and press enter
type your domain name and press enter
The results will show the mx records for your domain. Is the DNS entry for your Exchange Server's IP listed there e.g. mail.mydomain.com. If so, what is its priority vs. any other MX records that might be listed.
type nslookup and press enter
type set type=mx and press enter
type your domain name and press enter
The results will show the mx records for your domain. Is the DNS entry for your Exchange Server's IP listed there e.g. mail.mydomain.com. If so, what is its priority vs. any other MX records that might be listed.
ASKER
hi see the output below:
C:\Users\Francis>nslookup
Default Server: ZXDSL831II.home
Address: 192.168.1.1
> set type=mx
> xxxx.co.zm
Server: ZXDSL831II.home
Address: 192.168.1.1
Non-authoritative answer:
xxxx.co.zm MX preference = 10, mail exchanger = customer-mail-relay1.afric
nnect.com
xxxx.co.zm MX preference = 20, mail exchanger = customer-mail-relay3.afric
nnect.com
xxxx.co.zm MX preference = 0, mail exchanger = xxxx.co.zm
C:\Users\Francis>nslookup
Default Server: ZXDSL831II.home
Address: 192.168.1.1
> set type=mx
> xxxx.co.zm
Server: ZXDSL831II.home
Address: 192.168.1.1
Non-authoritative answer:
xxxx.co.zm MX preference = 10, mail exchanger = customer-mail-relay1.afric
nnect.com
xxxx.co.zm MX preference = 20, mail exchanger = customer-mail-relay3.afric
nnect.com
xxxx.co.zm MX preference = 0, mail exchanger = xxxx.co.zm
The bottom entry (with preference = 0)...is that mail exchanger address the correct place for your mail to be flowing to? i.e. does that resolve to your Exchange Server's public IP address?
ASKER
Yes, thats the correct place for mail to flow. However, when i ping xxxx.co.zm it resolves to one of the ISP's mail servers.
And when i ping mail.xxxx.co.zm it resolves to my Exchange Server's public IP address.
And when i ping mail.xxxx.co.zm it resolves to my Exchange Server's public IP address.
You mention mail.xxxx.co.zm being the correct IP for your Exchange Server however mail.xxxx.co.zm is not the address in the bottom MX record. I assume when you ping xxxx.co.zm you are simply pinging the web server for your domain, which is hosted on your ISP's domain hosting space.
This is your problem as mail is currently being routed to xxxx.co.zm and not to mail.xxxx.co.zm where your Exchange Server actually resides. If you don't have control over this directly, you need to ask your ISP to change the DNS record for MX preference = 0 to be...
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
That should fix it, assuming your firewall/router is also configured correctly. Can you run one more test? In a command prompt, run the following...
telnet mail.xxxx.co.zm 25
..you should get the SMTP banner from your Exchange Server. If so, then the above MX record change will resolve your problem. If you don't see the Exchange Sever banner, then you have a routing issue from your router/firewall to your Exchange Server.
This is your problem as mail is currently being routed to xxxx.co.zm and not to mail.xxxx.co.zm where your Exchange Server actually resides. If you don't have control over this directly, you need to ask your ISP to change the DNS record for MX preference = 0 to be...
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
That should fix it, assuming your firewall/router is also configured correctly. Can you run one more test? In a command prompt, run the following...
telnet mail.xxxx.co.zm 25
..you should get the SMTP banner from your Exchange Server. If so, then the above MX record change will resolve your problem. If you don't see the Exchange Sever banner, then you have a routing issue from your router/firewall to your Exchange Server.
ASKER
Kindly see output below for the telnet from outside the network
Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.
C:\Users\Francis>telnet mail.xxxx.co.zm 25
220 Mailserver.xxxx.local Microsoft ESMTP MAIL Service ready at Sun, 15 Dec
2013 19:59:21 +0200
Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.
C:\Users\Francis>telnet mail.xxxx.co.zm 25
220 Mailserver.xxxx.local Microsoft ESMTP MAIL Service ready at Sun, 15 Dec
2013 19:59:21 +0200
Great, so your Exchange Server is responding correctly via its public IP address. All you have to do now is make sure the MX record is updated as per above instructions. Ask your ISP (or whoever manages your domain records) to update this if you don't have access to the DNS tools for your domain. To re-cap, this is what needs changing...
xxxx.co.zm MX preference = 0, mail exchanger = xxxx.co.zm
...needs to be...
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
xxxx.co.zm MX preference = 0, mail exchanger = xxxx.co.zm
...needs to be...
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
ASKER
Thanks a million guswebb!!
I shall revert to you as soon as i have these changes made by my ISP as i dont have control of this.
These changes can only take place tommorrow as the guys are not on duty as we chat.
Thanks again.
I shall revert to you as soon as i have these changes made by my ISP as i dont have control of this.
These changes can only take place tommorrow as the guys are not on duty as we chat.
Thanks again.
ASKER
Hi,
The mx records were changed and mail started flowing. However after about 4 hours mail stopped flowing again.
Now, i have left the site and i cannot even RDP into the server to check whats happening.
I can however, telnet into it fine. Am i allowed to give the actual FQDN here?
See the new changes below:
> set type=mx
> xxxx.co.zm
Server: ns1.microlink.zm
Address: 197.220.196.40
Non-authoritative answer:
xxxx.co.zm MX preference = 10, mail exchanger = customer-mail-relay1.afric
nnect.com
xxxx.co.zm MX preference = 20, mail exchanger = customer-mail-relay3.afric
nnect.com
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
xxxx.co.zm nameserver = ns1.satwise.com
xxxx.co.zm nameserver = ns3.iconnect.zm
mail.xxxx.co.zm internet address = xxxxxxxxx(correct public ip address)
ns3.iconnect.zm internet address = 196.12.12.87
The mx records were changed and mail started flowing. However after about 4 hours mail stopped flowing again.
Now, i have left the site and i cannot even RDP into the server to check whats happening.
I can however, telnet into it fine. Am i allowed to give the actual FQDN here?
See the new changes below:
> set type=mx
> xxxx.co.zm
Server: ns1.microlink.zm
Address: 197.220.196.40
Non-authoritative answer:
xxxx.co.zm MX preference = 10, mail exchanger = customer-mail-relay1.afric
nnect.com
xxxx.co.zm MX preference = 20, mail exchanger = customer-mail-relay3.afric
nnect.com
xxxx.co.zm MX preference = 0, mail exchanger = mail.xxxx.co.zm
xxxx.co.zm nameserver = ns1.satwise.com
xxxx.co.zm nameserver = ns3.iconnect.zm
mail.xxxx.co.zm internet address = xxxxxxxxx(correct public ip address)
ns3.iconnect.zm internet address = 196.12.12.87
Great, so the DNS correction to your MX record resolved the initial issue as expected. If mail is not flowing now, and assuming the new DNS changes haven't been replaced by something else in the meantime, then there may be another issue that is affecting mail flow.
You can disclose the FQDN here if you like, however most people choose to redact any potentially sensitive information such as that - it's up to you!
If you are able to telnet the address mail.xxxx.co.zm on port 25 then mail to your domain should flow just fine. Do you have anything in your Exchange Server logs that might give a clue as to what is happening when inbound mail is trying to be delivered? Are internal and outbound mails still flowing ok?
You can disclose the FQDN here if you like, however most people choose to redact any potentially sensitive information such as that - it's up to you!
If you are able to telnet the address mail.xxxx.co.zm on port 25 then mail to your domain should flow just fine. Do you have anything in your Exchange Server logs that might give a clue as to what is happening when inbound mail is trying to be delivered? Are internal and outbound mails still flowing ok?
ASKER
Hi,
Right now i cannot login to the server as am not on site. RDP is not responding too.
I have been using the web interface to test mail flow but now that is not responding too for me to give you accurate information.
However am able to telnet. The FQDN is mail.farmarama.co.zm.
How do i check the logs once am on site tomorrow?
whats the time difference between your side and mine. Right now its 9:48pm my side.
Thanks.
Right now i cannot login to the server as am not on site. RDP is not responding too.
I have been using the web interface to test mail flow but now that is not responding too for me to give you accurate information.
However am able to telnet. The FQDN is mail.farmarama.co.zm.
How do i check the logs once am on site tomorrow?
whats the time difference between your side and mine. Right now its 9:48pm my side.
Thanks.
The other thing to note is that DNS changes can take up to 48hrs to propagate fully, so it may be an intermittent blip due to those changes not being reflected fully across the net. In my experience they usually propagate well within 12hrs but that may not be the case for you here.
7.55pm here.
Your mail server is responding fine on port 25 so mail should flow.
The logs I was referring to would just be in event viewer on the server.
Just ran some checks on your domain and there are a few issues to address..see here
http://mxtoolbox.com/domain/mail.farmarama.co.zm/?source=findmonitors
A couple of things you can get your ISP/DNS record manager to update tomorrow:
SPF record: Follow this link https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
Reverse DNS: Ask your ISP to update the reverse DNS on your IP address to reflect mail.farmarama.co.zm
Both of the above will help with your outbound mail delivery.
Your mail server is responding fine on port 25 so mail should flow.
The logs I was referring to would just be in event viewer on the server.
Just ran some checks on your domain and there are a few issues to address..see here
http://mxtoolbox.com/domain/mail.farmarama.co.zm/?source=findmonitors
A couple of things you can get your ISP/DNS record manager to update tomorrow:
SPF record: Follow this link https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
Reverse DNS: Ask your ISP to update the reverse DNS on your IP address to reflect mail.farmarama.co.zm
Both of the above will help with your outbound mail delivery.
ASKER
Thanks for the valuable information. I shall get back to you as soon as am on site tommorrow.
Thanks.
Thanks.
First of you should check received connector setting and then please check it out your MX is working well.
ASKER
Hi,
Mail is coming through but outgoing is now stuck in the draft. This is by using the web app.
Am unable to start Outlook 2013 on the client computers and shows this error
"Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with Outlook data file (.ost)."
Kindly note that i have not joined the client computers to the domain yet.
Mail is coming through but outgoing is now stuck in the draft. This is by using the web app.
Am unable to start Outlook 2013 on the client computers and shows this error
"Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with Outlook data file (.ost)."
Kindly note that i have not joined the client computers to the domain yet.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.