• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 924
  • Last Modified:

DNS issues causing problems with email

OS: SBS 2011
MS Exchange 2010
aplus.net hosting
Migration from SBS 2003 to SBS 2011
Migration from Exchange 2003 to 2010


Having problems receiving and sending email. Ran mxtoolbox.com and these are the results:

Category      Host      Result      
      https      company.com       Unable to connect to the remote server (https://company.com)
      spf      company.com       A Valid TXT Record was not found
      spf      company.com       A Valid SPF Record was not found
      dns      company.com       Local NS list does not match Parent NS list
      dns      company.com       Primary Name Server Not Listed At Parent
      dns      company.com       SOA Expire Value out of recommended range
      smtp      mail.company.com       Reverse DNS FAILED! This is a problem.
      smtp      mail.company.com       12.667 seconds - Not good! on Transaction Time


Need help with the proper way to handle these issues. Where do I start?
0
stcomputers
Asked:
stcomputers
  • 4
  • 4
  • 2
  • +1
2 Solutions
 
Mandeep KhalsaCommented:
Unable to connect to remote server ... Open port 443 on your firewall. Start with that first then check MXtoolbox again. Since you are migrating, you need to adjust the firewall rules to forward the request to the correct server?
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Seems your exchange server cannot be reached from the outside world. What did you do? In place upgrade from SBS2003 to 2011 or did you install a new server?

In the latter port forwarding in your router is set to the old SBS box...

If in place upgrade, please tell us more. (is port 443 enabled everywhere and does OWA work inside/outside?)
Does the new server have internet access at all?
0
 
stcomputersAuthor Commented:
SBS 2011 is a new server (SBS2003 is still in place but is turned off)
I just verified that port 443 is enabled and pointing to the SBS 2011server
We are able to access OWA inside and outside but no new emails. Can properly access shared folders in OWA.
Yes, the new server has internet access.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Mandeep KhalsaCommented:
So OWA works but you are not getting any emails would mean that your port 25 is not pointing to the right server.
0
 
stcomputersAuthor Commented:
Please forgive me, I failed to mention that everything worked properly until Friday of last week. Was able to send and receive. Worked on cell phone also.
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Did you reboot the modem/router and or server?
Did you check on mxtoolbox if you are blacklisted?
0
 
stcomputersAuthor Commented:
yes, both have been rebooted.
yes, we were blacklisted and have since cleared it. my original results from mxtoolbox showed the blacklist. what I posted is the new results after making changes and removal from the blacklist. I've also scanned the server for spyware/viruses.
0
 
Mandeep KhalsaCommented:
You have to check your network for spyware/viruses as well. Many times user PC's get infected and if your firewall rules are not setup correctly they become compromised and send out spam as well. One way to do this easily is to monitor outgoing packets on port 25 and if they are coming from anywhere other than your Exchange server, you know which machines are infected.
0
 
stcomputersAuthor Commented:
So that will block the emails from coming in/out? To you recommend specific software to monitor or do you just use a command?
0
 
Mandeep KhalsaCommented:
If your network connected PC or PC's are infected you will get back on the blacklist in no time at all or never get off them. To monitor you can use packet monitor that comes with your firewall (single point of in/out traffic) or use software like Wireshark, which may or may not require further settings like configuring port mirroring on your switch.

What firewall do you have in place? If we know what we are dealing with we can tell you if packet monitor is possible at the source or not.
0
 
Simon Butler (Sembee)ConsultantCommented:
Ignore this line as well:
"smtp      mail.company.com       Reverse DNS FAILED! This is a problem."

It is a false negative result.

Blacklisting would not affect your ability to receive email, and would only affect sending of some email, not all (as not everyone uses blacklists).

Anything else change around the time email flow stopped?

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 4
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now