General discussion

Locked

Exchange 5.5 - cannot receive messages

By Rabbit_Runner ·
Setup: I have been working with a small network which has developed a problem. It is 2k Domain and 2 DCs. DSL connection through a Linux firewall. They have small web site, ftp, and Exchange for email. They are running DNS.
Problem: Their email was working just fine last Friday. Then about noon, they stopped receiving any email. They can send just fine, but not able to receive. Internal messages work fine. After investigating, I learned...
There are no errors in the event viewer. Everything will reslove with DNS, both internally and externally. When looking at the DNS records, internally, I notice that the MX record is not correct. The correction is made and DNS is flushed and then renewed. The exchange server has been shut down and rebooted with no effect. All of the MS Exchange Services are working and startup normally. SMTP configuration is okay and all settings are correct. In addition, they are running Norton AV and their definitions are current.
Can anyone give me some ideas on what else to look for or what else to check? Any help at this point would be apprecitated.

Michael R.

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by Joseph Moore In reply to Exchange 5.5 - cannot rec ...

Are users on the Internet (outside of this office) getting a mail bounce back message? If so, what is the SMTP error?
And are you sure the MX records are OK?
Can you hit the mail server from the Internet, as in is TCP port 25 being blocked?
What is the domain name, if you are OK in releasing that info?

Collapse -

by Joseph Moore In reply to

"Port 25 on the Linux firewall is pointing to server2, the exchange server. Incoming would be port 110 (POP3) and outgoing would be port 25."
Wait, let me see if I understand this statement.
You have TCP port 110 open on the firewall for Inbound access from the Internet.
But, is TCP port 25 ALSO open on the firewall for Inbound access also? It seems by this statement that you have port 25 closed.
You need to open port 25 for inbound access from the Internet. This is how the SMTP servers will talk to your SMTP server. If port 25 is not open, the Yahoo.com mail servers won't be able to send e-mail to you. Mail traffic runs on port 25. POP3 mail actually is not used in mail transmittal between mail servers. They use SMTP.
At least, that is how I understand how mail servers communicate.
So, is port 25 open for inbound access from the Internet?
And the public MX record visible on the Internet is correct, right? It does NOT point to the 192.168.x.x address you posted?
If I did an NSLOOKUP for your mail server, I will get its private IP address that is live on the Internet, right?

Collapse -

by Rabbit_Runner In reply to

Poster rated this answer.
Thanks for your help. We are not certain what was causing the issue. That day, there was an interruption in the power to the building and all systems had to be shut down. Once power was restored, there was a flood of messages coming in. Because of the power outage and the time delay, further diagnostics was not possible. It is currentlly working fine at the moment and we are keeping an eye on things.

Michael R.

Collapse -

by Rabbit_Runner In reply to Exchange 5.5 - cannot rec ...

All internet users are getting this message...
Message from yahoo.com.
Unable to deliver message to the following address(es).

<user@mydomain.com>:
Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too
long.
The MX record is pointing directly to the exchange server. There are three records.
mail A 192.168.1.5
server2 A 192.168.1.5
(same as parent folder) MX [10] server2

All of the web sites are on the same server and these sites are working with no problems.

Port 25 on the Linux firewall is pointing to server2, the exchange server. Incoming would be port 110 (POP3) and outgoing would be port 25.

Due to secuity reasons and server owner request, the domain name is not to be released.

Any additional information? Thanks

Michael R.

Collapse -

by Rabbit_Runner In reply to Exchange 5.5 - cannot rec ...

Here is another error message from a recipient who's message bounced..

Your message did not reach some or all of the intended recipients.

Subject:
Sent: 1/30/2004 11:49 AM

The following recipient(s) could not be reached:

'administrator@<mydomain.com>' on 1/30/2004 6:26 PM
The recipient was unavailable to take delivery of the message
The MTS-ID of the original message is: c=US;a= ;p=<city name> Gr;l=SERVER-040130164846Z-2
MSEXCH:IMS:<organization name> :<domain name>:SERVER 3499 (000B09AA) Host unreachable

Collapse -

by CG IT In reply to Exchange 5.5 - cannot rec ...

I'm with Joe lemme get this straight POP3 mail for the public to send you mail SMTP for you to send mail to the public.

port 25 outbound is open [no mention of port 25 inbound open] and port 110 open open inbound for POP3 mail [no mention of port 110 open outbound.

possible problem with MX record which was corrected and YOUR dns server stale records were scavenged.

DNS resolution is to <yourdomain.com> including mail but not POP3 mail as that goes to another accoutn and domain name [yahoo.com]

IMO the problem is propogation of the correct MX record IP to Name to other internet NS servers who ask WhoIS. What was/is your TTL for those records?

If it's past the TTL for the record, you might have some authoritative NS server out there hanging on to an old record.

Collapse -

by Rabbit_Runner In reply to

Poster rated this answer.
Thanks for your help. We are not certain what was causing the issue. That day, there was an interruption in the power to the building and all systems had to be shut down. Once power was restored, there was a flood of messages coming in. Because of the power outage and the time delay, further diagnostics was not possible. It is currentlly working fine at the moment and we are keeping an eye on things.

Michael R.

Collapse -

by Rabbit_Runner In reply to Exchange 5.5 - cannot rec ...

Just did a double check. Port 25 TCP is open on the Linux firewall, as well as Port 110. I compared the settings with another firewall and they match. No changes on the firewall have been made is several weeks.
Also, I did an NSLOOKUP (from outside on the internet) for mail.mydomain.com and it resolved to the public IP for the domain. An NSLOOKUP from within the network, resolves to 192.168.1.5, the Exchange server. The DNS records provided earlier are from within the LAN. From outside on the internet, any NSLOOKUP for (mail,www,ftp).mydomain.com will resolve to the public IP address.
My thinking is that the problem is related to something within Exchange 5.5. But I am open to any suggestion for something which I may have over looked.

Collapse -

by Rabbit_Runner In reply to Exchange 5.5 - cannot rec ...

PORTS:
At this particular site, all ports on the Linux firewall are open to 'outgoing' traffic. Incoming ports which are open are 25,110,80,21. Ports 25,110, and 80 are forwarded to 'server2'. Port 21 is forwarded to 'server1'. Server2 (Exchange server) handles all incoming and outgoing messages for this organization. The Yahoo error message was from someone who also has an email account at Yahoo. This Yahoo account was used simply as a gest to see if outside messages could be received.

DNS:
The Internet (outside) DNS server points anything with ?????.mydomain.com to the IP address of this organization. This is all handled by the DNS server. Whenever an IP packet is received at the Linux firewall, it is forwarded to the appropriate server.
The DNS records that were mentioned above are only for internal DNS resolution. They are not public.
I am responsible for two similar organizations and their network setup is nearly identical. The other site has no problems at all. A comparison has been made to view all settings. This includes 1)firewall 2)port forwarding 3)Internal DNS records 4)services, etc. I am not able to see any differences between the two.
About the TTL, I will check into that later today.

Collapse -

by Rabbit_Runner In reply to Exchange 5.5 - cannot rec ...

This question was closed by the author

Back to Windows Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums