Can Receive Emails but can't send
I'm have a huge problem with exchange server emails. All the users can receive external and internal emails, but none of them can send emails to anything outside the organization. This has been going on for a week now, but it seemed to mysteriously fix itself on Monday, but then on Tuesday it was back to not sending emails. When I look in the message tracking properties this is what I see for any outbound emails: SMTP Store Driver: Message Submitted from Store SMTP: Message Submitted to Advanced Queuing SMTP: Started Message Submission to Advanced Queue SMTP: Message Submitted to Categorizer SMTP: Message Categorized and Queued for Routing SMTP: Message Routed and Queued for Remote Deilvery and that's where it gets stuck, it never reaches the destination. I don't know if it is a dns issue because thier website can be accessed fine (and the website is residing on the same server as the emails)(both are part of the default website in iis). The dns records and mx records were created using editdns.net and the domain records (on register.com) were updated to reflect the editdns servers. My server has a static ip of: 192.168.xx.xx ip 255.255.255.0 subnet 192.168.XX.1 default gateway 64.59.135.xx dns2 64.59.135.xx dns2 the 2 dns addresses are the dns of the ISP, should they be the ones from editdns.net or should they be something diffrent? I've tried everything I can think of to get smtp working. I have restarted SMTP, IIS, and all other services related to email, I've flushed and registered the dns. a nslookup will resolve successfully. I've checked the forward and reverse lookup zones, and as far as I can tell there is nothing wrong there. Also I can't access OWA from any computer inside or outside the network (although I could beofre), I don't know if this has anything to do with it. Please help me as this is way, way over my head. If you need anymore information I'll be glad to tell you anything you need. I just want to get this issue resolved. Thank You.
September 16th, 2009 10:26pm
As per my understanding your mailining system is Excahnge 2003..Well can u send me the smtpdiag.exe eportDownload sitehttp://www.microsoft.com/downloads/details.aspx?familyid=bc1881c7-925d-4a29-bd42-71e8563c80a9&displaylang=enSyntax:Smtpdiag.exe user@u'rdomain.com user@xternaldoamin.com /v
Free Windows Admin Tool Kit Click here and download it now
September 16th, 2009 11:19pm
Here are the results. I've changes the ip addresses and internal and external domain names (for privacy). I know that the external domain works because I have been sending and receiving email on it all day. Searching for Exchange external DNS settings. Computer name is SERVER. VSI 1 has the following external DNS servers: There are no external DNS servers configured. Checking SOA for ExternalDomain.com. Checking external DNS servers. Checking internal DNS servers. Checking TCP/UDP SOA serial number using DNS server [64.59.xxx.xxx]. TCP test succeeded. UDP test succeeded. Serial number: 12 Checking TCP/UDP SOA serial number using DNS server [64.59.xxx.xxx]. TCP test succeeded. UDP test succeeded. Serial number: 12 SOA serial number match: Passed. Checking local domain records. Starting TCP and UDP DNS queries for the local domain. This test will try to validate that DNS is set up correctly for inbound mail. This test can fail for 3 reasons. 1) Local domain is not set up in DNS. Inbound mail cannot be routed to local mailboxes. 2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail, but will affect outbound mail. 3) Internal DNS is unaware of external DNS settings. This is a valid configuration for certain topologies. Checking MX records using TCP: InternalDomain.com. A: InternalDomain.com [70.65.xxx.xxx] Checking MX records using UDP: InternalDomain.com. A: InternalDomain.com [70.65.xxx.xxx] Both TCP and UDP queries succeeded. Local DNS test passed. Checking remote domain records. Starting TCP and UDP DNS queries for the remote domain. This test will try to validate that DNS is set up correctly for outbound mail. This test can fail for 3 reasons. 1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows 2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP queries first, then fall back to TCP queries. 2) Internal DNS does not know how to query external domains. You must either use an external DNS server or configure DNS server to query external domains. 3) Remote domain does not exist. Failure is expected. Checking MX records using TCP: ExternalDomain.com. MX: smtp.ExternalDomain.com (20) MX: mail.ExternalDomain.com (10) A: mail.ExternalDomain.com [70.65.zzz.zzz] A: smtp.ExternalDomain.com [70.65.zzz.zzz] Checking MX records using UDP: ExternalDomain.com. MX: mail.ExternalDomain.com (10) MX: smtp.ExternalDomain.com (20) Both TCP and UDP queries succeeded. Remote DNS test passed. Checking MX servers listed for tech.support@ExternalDomain.com. Connecting to mail.ExternalDomain.com [70.65.zzz.zzz] on port 25. Connecting to the server failed. Error: 10060 Failed to submit mail to mail.ExternalDomain.com. Connecting to smtp.ExternalDomain.com [70.65.zzz.zzz] on port 25. Connecting to the server failed. Error: 10060 Failed to submit mail to smtp.ExternalDomain.com.
September 17th, 2009 12:51am
If the mail has stuck in the queue, please see the additional information on that queue (Reference)
Please disable all the 3rd party software temporarily on the exchange server, including the firewall, and check the issue
Please try to Telnet the undeliverable external domains from Internet-facing exchange server, see if theres further error info
Please run the ExBPA against the exchange server for a health check
The similar symptom will occur if theres no reverse DNS record for your exchange server, please refer to answers in this thread to create the record
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 1:00pm
My server has a static ip of: 192.168.xx.xx ip 255.255.255.0 subnet 192.168.XX.1 default gateway 64.59.135.xx dns2 64.59.135.xx dns2 the 2 dns addresses are the dns of the ISP, should they be the ones from editdns.net or should they be something diffrent? I've tried everything I can think of to get smtp working. I have restarted SMTP, IIS, and all other services related to email, I've flushed and registered the dns. a nslookup will resolve successfully. I've checked the forward and reverse lookup zones, and as far as I can tell there is nothing wrong there. Also I can't access OWA from any computer inside or outside the network (although I could beofre), I don't know if this has anything to do with it. Please help me as this is way, way over my head. If you need anymore information I'll be glad to tell you anything you need. I just want to get this issue resolved. Thank You.
Shouldn't your DNS servers on all servers point to your W2Kx DC (DNS) and then the DC in DNS have forwarders to the IP's of your ISP ? You seem to have DNS errors listed in your post from the diags results.
September 17th, 2009 3:17pm
Lord Melch, Do you mean that when I set my static IP the dns server address should be the same as the server address (192.168.xx.xx for both?) I've tried that and now I can't get Internet at all.
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 6:52pm
JasonS134, What I meant is typically - is there ever a typical site ? - with Windows servers, and a Windows server running DNS, all the servers on that LAN (site) point their DNS settings in TCP/IP at that Windows DNS server - not directly at an external ISP. Then on the Windows DNS server in DNS settings you have forwarders - here you set the IP's of the external DNS providers.. Does that make sense ? Cheers LM
September 17th, 2009 7:28pm
Ok, After a bit of troubleshooting I have internet now using 192.168.xx.xx as my dns when I configure my static IP, but still no outgoing emails or access to OWA.
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 7:30pm
Hi, Please check that your mail server is not in online RBL lists...... Also please try to flush the local DNS server cache on your DNS servers and Exchange server and then try to ping yahoo and gmail and check whether you gets the result. If you get the correct IP then DNS is not the problem. In you case i think that may be due to your mail server ip get listed in online RBL's your mail server connection is being terminated by other mail service providers. Thanks.
September 17th, 2009 7:44pm
What is RBL and how do I check the RBL lists?
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 7:45pm
Hi, RBL stands for realtime Black list providers. And they provide mail servers ip that are relaying unwanted or spam mails. Please use dnsstuff.com for the same. Thanks.
September 17th, 2009 7:51pm
Well, Now I'm back to having no Internet using 192.168.xx.xx as my dns when I can do an ipconfig /flushdns and register dns fin but when I try to nslook up google.com I get a dns request time out. What's going on?
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 8:00pm
The results of the dnsstuff.com test said there were 3 warnings and 0 blacklists. The warnings were {page:Section1;} -->
FAIL
Missing (stealth) nameservers
FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNSreport will not query these servers, so you need to be very careful that they are working properly.
ns4.eu.editdns.net.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).
MX
FAIL
MX Category
ERROR: I couldn't find any MX records for MyDomain.com. If you want to receive E-mail on this domain, you should have MX record(s). Without any MX records, mailservers should attempt to deliver mail to the A record for MyDomian.com. I can't continue in a case like this, so I'm assuming you don't receive mail on this domain.
Mail
FAIL
Connect to mail servers
ERROR: I could not find any mailservers for myDomain.com.
September 17th, 2009 8:14pm
But I do have mx records created on editdns.net and in forward lookups. Plus they can receive email.
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2009 8:15pm
I tried to telnet mx2.hotmail.com and this was the error message that came up: connecting to mx2.hotmail.com...could not open connection to the host, on port 25: Connect failed I know that I have port 25 open on my firewall but still nothing. Please help me, I've been trying to fix this for over a week, now people (including myself) are starting to get angry and frustrated.
September 18th, 2009 12:51am
Now when I look in the Queue there are a ton of messages that look like this Internet Mail SMTP Connector (Server)-various domains(SMTP Connector) SMTP Default SMTP Virtual Server Ready when I look in the additional queue information most say no additional information available but a couple say the remote server did not respond to a connection attempt. Before all would say that they did not respond to a connection attempt. Those various domains that are in the queue look like spam. How can I get rid of them. I've tried clicking on find messages then find now, to delete the messages, but nothing comes up.
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2009 1:05am
I tried to telnet mx2.hotmail.com and this was the error message that came up: connecting to mx2.hotmail.com...could not open connection to the host, on port 25: Connect failed I know that I have port 25 open on my firewall but still nothing. Please help me, I've been trying to fix this for over a week, now people (including myself) are starting to get angry and frustrated.
Did you use the command telnet mx2.hotmail.com 25 ? You should get similar to: 220 col0-mc1-f31.Col0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at h ttp://privacy.msn.com/Anti-spam/. Violations will result in use of equipment loc ated in California and other states. Thu, 17 Sep 2009 21:31:57 -0700 Back.. Is outbound Telnet allowed on your firewall ? Is DNS configured correctly on clients and servers ? Have you run a full AV scan ?
September 18th, 2009 7:34am
I feel that your Internet(External) SMTP Connector is misconfigured or has been deleted.
Another reason can be that your domain is added under RBL. If this has happened, then it is a big problem for you.
To verify this you can use www.mxtoolbox.com or www.dnsstuff.com.
If your domain is not under any RBL provider's list, then i propose you to reconfigure the External SMTP Connector again.
Good Luck.
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2009 3:35pm
Lord Melch, I can now telnet mx2.hotmail.com Does this mean that dns is configured properly? And Yes, I have run a full av scan it came up clean. Suresh Chowdary Balusu, I'm not on any RBLs as I checked dnsstuff.com yesterday. Also is the External SMTP Connector the Internet Mail SMTP Connector (SERVER) under connectors in the exchange system manager? If so, How do I know if it is configured properly? Sorry for all these basic questions, but I'm not a network administrator by trade (I program websites). I was just thrown into this job, and have to learn as I go.
September 18th, 2009 5:45pm
JasonS134, re DNS. maybe re my post above what's the Network config, without that we are shooting in the dark as it were. Did you do a full AV scan on ALL machines on the network. I had a similar issue with a customer who had a "Blaster" variant ALL machines must be clean. Going back to basics, has outbound email ever worked ? Who set it t up, do you have a local support contract ? No worries re questions. That's why the forum is here ;-) Cheers, LM
Free Windows Admin Tool Kit Click here and download it now
September 19th, 2009 12:58pm
Hi,Please use this site to confirm that you have reverse dns configured correctly:http://www.emailtalk.org/PTR.aspxRegards,Johanblog: www.johanveldhuis.nl
September 20th, 2009 10:50pm
Johan Veldhuis - MVP, Thanks, It turns out that there was no ptr record for reverse look up. Once I found that out out and fixed it everything is working fine now. Again thanks to everyone for their help.
Free Windows Admin Tool Kit Click here and download it now
September 21st, 2009 5:34pm