Solved

DNS issues causing problems with email

Posted on 2014-02-12
11
808 Views
Last Modified: 2014-05-28
OS: SBS 2011
MS Exchange 2010
aplus.net hosting
Migration from SBS 2003 to SBS 2011
Migration from Exchange 2003 to 2010


Having problems receiving and sending email. Ran mxtoolbox.com and these are the results:

Category      Host      Result      
      https      company.com       Unable to connect to the remote server (https://company.com)
      spf      company.com       A Valid TXT Record was not found
      spf      company.com       A Valid SPF Record was not found
      dns      company.com       Local NS list does not match Parent NS list
      dns      company.com       Primary Name Server Not Listed At Parent
      dns      company.com       SOA Expire Value out of recommended range
      smtp      mail.company.com       Reverse DNS FAILED! This is a problem.
      smtp      mail.company.com       12.667 seconds - Not good! on Transaction Time


Need help with the proper way to handle these issues. Where do I start?
0
Comment
Question by:stcomputers
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854270
Unable to connect to remote server ... Open port 443 on your firewall. Start with that first then check MXtoolbox again. Since you are migrating, you need to adjust the firewall rules to forward the request to the correct server?
0
 
LVL 20

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 250 total points
ID: 39854275
Seems your exchange server cannot be reached from the outside world. What did you do? In place upgrade from SBS2003 to 2011 or did you install a new server?

In the latter port forwarding in your router is set to the old SBS box...

If in place upgrade, please tell us more. (is port 443 enabled everywhere and does OWA work inside/outside?)
Does the new server have internet access at all?
0
 

Author Comment

by:stcomputers
ID: 39854299
SBS 2011 is a new server (SBS2003 is still in place but is turned off)
I just verified that port 443 is enabled and pointing to the SBS 2011server
We are able to access OWA inside and outside but no new emails. Can properly access shared folders in OWA.
Yes, the new server has internet access.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854318
So OWA works but you are not getting any emails would mean that your port 25 is not pointing to the right server.
0
 

Author Comment

by:stcomputers
ID: 39854400
Please forgive me, I failed to mention that everything worked properly until Friday of last week. Was able to send and receive. Worked on cell phone also.
0
 
LVL 20

Expert Comment

by:Patrick Bogers
ID: 39854424
Did you reboot the modem/router and or server?
Did you check on mxtoolbox if you are blacklisted?
0
 

Author Comment

by:stcomputers
ID: 39854442
yes, both have been rebooted.
yes, we were blacklisted and have since cleared it. my original results from mxtoolbox showed the blacklist. what I posted is the new results after making changes and removal from the blacklist. I've also scanned the server for spyware/viruses.
0
 
LVL 8

Accepted Solution

by:
Mandeep Khalsa earned 250 total points
ID: 39854450
You have to check your network for spyware/viruses as well. Many times user PC's get infected and if your firewall rules are not setup correctly they become compromised and send out spam as well. One way to do this easily is to monitor outgoing packets on port 25 and if they are coming from anywhere other than your Exchange server, you know which machines are infected.
0
 

Author Comment

by:stcomputers
ID: 39854549
So that will block the emails from coming in/out? To you recommend specific software to monitor or do you just use a command?
0
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39854592
If your network connected PC or PC's are infected you will get back on the blacklist in no time at all or never get off them. To monitor you can use packet monitor that comes with your firewall (single point of in/out traffic) or use software like Wireshark, which may or may not require further settings like configuring port mirroring on your switch.

What firewall do you have in place? If we know what we are dealing with we can tell you if packet monitor is possible at the source or not.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39854748
Ignore this line as well:
"smtp      mail.company.com       Reverse DNS FAILED! This is a problem."

It is a false negative result.

Blacklisting would not affect your ability to receive email, and would only affect sending of some email, not all (as not everyone uses blacklists).

Anything else change around the time email flow stopped?

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question