Solved

DNS issues causing problems with email

Posted on 2014-02-12
11
784 Views
Last Modified: 2014-05-28
OS: SBS 2011
MS Exchange 2010
aplus.net hosting
Migration from SBS 2003 to SBS 2011
Migration from Exchange 2003 to 2010


Having problems receiving and sending email. Ran mxtoolbox.com and these are the results:

Category      Host      Result      
      https      company.com       Unable to connect to the remote server (https://company.com)
      spf      company.com       A Valid TXT Record was not found
      spf      company.com       A Valid SPF Record was not found
      dns      company.com       Local NS list does not match Parent NS list
      dns      company.com       Primary Name Server Not Listed At Parent
      dns      company.com       SOA Expire Value out of recommended range
      smtp      mail.company.com       Reverse DNS FAILED! This is a problem.
      smtp      mail.company.com       12.667 seconds - Not good! on Transaction Time


Need help with the proper way to handle these issues. Where do I start?
0
Comment
Question by:stcomputers
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854270
Unable to connect to remote server ... Open port 443 on your firewall. Start with that first then check MXtoolbox again. Since you are migrating, you need to adjust the firewall rules to forward the request to the correct server?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 250 total points
ID: 39854275
Seems your exchange server cannot be reached from the outside world. What did you do? In place upgrade from SBS2003 to 2011 or did you install a new server?

In the latter port forwarding in your router is set to the old SBS box...

If in place upgrade, please tell us more. (is port 443 enabled everywhere and does OWA work inside/outside?)
Does the new server have internet access at all?
0
 

Author Comment

by:stcomputers
ID: 39854299
SBS 2011 is a new server (SBS2003 is still in place but is turned off)
I just verified that port 443 is enabled and pointing to the SBS 2011server
We are able to access OWA inside and outside but no new emails. Can properly access shared folders in OWA.
Yes, the new server has internet access.
0
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854318
So OWA works but you are not getting any emails would mean that your port 25 is not pointing to the right server.
0
 

Author Comment

by:stcomputers
ID: 39854400
Please forgive me, I failed to mention that everything worked properly until Friday of last week. Was able to send and receive. Worked on cell phone also.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 19

Expert Comment

by:Patricksr1972
ID: 39854424
Did you reboot the modem/router and or server?
Did you check on mxtoolbox if you are blacklisted?
0
 

Author Comment

by:stcomputers
ID: 39854442
yes, both have been rebooted.
yes, we were blacklisted and have since cleared it. my original results from mxtoolbox showed the blacklist. what I posted is the new results after making changes and removal from the blacklist. I've also scanned the server for spyware/viruses.
0
 
LVL 8

Accepted Solution

by:
Mandeep Khalsa earned 250 total points
ID: 39854450
You have to check your network for spyware/viruses as well. Many times user PC's get infected and if your firewall rules are not setup correctly they become compromised and send out spam as well. One way to do this easily is to monitor outgoing packets on port 25 and if they are coming from anywhere other than your Exchange server, you know which machines are infected.
0
 

Author Comment

by:stcomputers
ID: 39854549
So that will block the emails from coming in/out? To you recommend specific software to monitor or do you just use a command?
0
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854592
If your network connected PC or PC's are infected you will get back on the blacklist in no time at all or never get off them. To monitor you can use packet monitor that comes with your firewall (single point of in/out traffic) or use software like Wireshark, which may or may not require further settings like configuring port mirroring on your switch.

What firewall do you have in place? If we know what we are dealing with we can tell you if packet monitor is possible at the source or not.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39854748
Ignore this line as well:
"smtp      mail.company.com       Reverse DNS FAILED! This is a problem."

It is a false negative result.

Blacklisting would not affect your ability to receive email, and would only affect sending of some email, not all (as not everyone uses blacklists).

Anything else change around the time email flow stopped?

Simon.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now