[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


DNS issues causing problems with email

Posted on 2014-02-12
Medium Priority
Last Modified: 2014-05-28
OS: SBS 2011
MS Exchange 2010
aplus.net hosting
Migration from SBS 2003 to SBS 2011
Migration from Exchange 2003 to 2010

Having problems receiving and sending email. Ran mxtoolbox.com and these are the results:

Category      Host      Result      
      https      company.com       Unable to connect to the remote server (https://company.com)
      spf      company.com       A Valid TXT Record was not found
      spf      company.com       A Valid SPF Record was not found
      dns      company.com       Local NS list does not match Parent NS list
      dns      company.com       Primary Name Server Not Listed At Parent
      dns      company.com       SOA Expire Value out of recommended range
      smtp      mail.company.com       Reverse DNS FAILED! This is a problem.
      smtp      mail.company.com       12.667 seconds - Not good! on Transaction Time

Need help with the proper way to handle these issues. Where do I start?
Question by:stcomputers
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1

Expert Comment

by:Mandeep Khalsa
ID: 39854270
Unable to connect to remote server ... Open port 443 on your firewall. Start with that first then check MXtoolbox again. Since you are migrating, you need to adjust the firewall rules to forward the request to the correct server?
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 750 total points
ID: 39854275
Seems your exchange server cannot be reached from the outside world. What did you do? In place upgrade from SBS2003 to 2011 or did you install a new server?

In the latter port forwarding in your router is set to the old SBS box...

If in place upgrade, please tell us more. (is port 443 enabled everywhere and does OWA work inside/outside?)
Does the new server have internet access at all?

Author Comment

ID: 39854299
SBS 2011 is a new server (SBS2003 is still in place but is turned off)
I just verified that port 443 is enabled and pointing to the SBS 2011server
We are able to access OWA inside and outside but no new emails. Can properly access shared folders in OWA.
Yes, the new server has internet access.
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks


Expert Comment

by:Mandeep Khalsa
ID: 39854318
So OWA works but you are not getting any emails would mean that your port 25 is not pointing to the right server.

Author Comment

ID: 39854400
Please forgive me, I failed to mention that everything worked properly until Friday of last week. Was able to send and receive. Worked on cell phone also.
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39854424
Did you reboot the modem/router and or server?
Did you check on mxtoolbox if you are blacklisted?

Author Comment

ID: 39854442
yes, both have been rebooted.
yes, we were blacklisted and have since cleared it. my original results from mxtoolbox showed the blacklist. what I posted is the new results after making changes and removal from the blacklist. I've also scanned the server for spyware/viruses.

Accepted Solution

Mandeep Khalsa earned 750 total points
ID: 39854450
You have to check your network for spyware/viruses as well. Many times user PC's get infected and if your firewall rules are not setup correctly they become compromised and send out spam as well. One way to do this easily is to monitor outgoing packets on port 25 and if they are coming from anywhere other than your Exchange server, you know which machines are infected.

Author Comment

ID: 39854549
So that will block the emails from coming in/out? To you recommend specific software to monitor or do you just use a command?

Expert Comment

by:Mandeep Khalsa
ID: 39854592
If your network connected PC or PC's are infected you will get back on the blacklist in no time at all or never get off them. To monitor you can use packet monitor that comes with your firewall (single point of in/out traffic) or use software like Wireshark, which may or may not require further settings like configuring port mirroring on your switch.

What firewall do you have in place? If we know what we are dealing with we can tell you if packet monitor is possible at the source or not.
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39854748
Ignore this line as well:
"smtp      mail.company.com       Reverse DNS FAILED! This is a problem."

It is a false negative result.

Blacklisting would not affect your ability to receive email, and would only affect sending of some email, not all (as not everyone uses blacklists).

Anything else change around the time email flow stopped?


Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question