Dear All, I really hope I am posting it in the correct forum, pardon me if I have not. We have a SBS 2003 server Exchange 2003 SP2 installed on it. Our DNS is managed at Easyspace.com. Our Exchange's static IP is set at (pref:5) the highest value for all emails to come to our Exchange. We have CA Gateway Security which filters all our SMTP emails coming to the server and it is very effective. On the other hand we have around 10 POP3 mailboxes and a catchall account on Easyspace under our domain name. For some strange reason all of our internally generated email messages (from SharePoint, Standard Time software, HP Digital Scanner) go to Easyspace and land in catchall account or other POP3 mailboxes on Easyspace. I have set-up Exchange’s builtin POP3 connector to download all messages from POP3 inboxes and deliver to user mailboxes. But it also downloads loads of junk which skips our SMTP filter and gets to user mailboxes. I contacted Easyspace but they say all is fine with our MX records and it is because of mis-configured Exchange or DNS cache. I need help to fix this. Thanks very much in advance. Please feel free to ask if you need more information. Abid

Do you run split-brain DNS? If your internal DNS Mx record lists the external IP of your Exchange server, your firewall may prevent the internal systems from accessing it. Can you telnet on port 25 to the FQDN of your Mx record (primary) from these other internal systems?

Do you run split-brain DNS? If your internal DNS Mx record lists the external IP of your Exchange server, your firewall may prevent the internal systems from accessing it. Can you telnet on port 25 to the FQDN of your Mx record (primary) from these other internal systems?

Hi Chris, Thanks for your response. I am a novice and DNS is far too complicated for me :( Could you please explain how can I check if we run split-brain DNS? An explanation to the 'internal systems' you referred to is below: Standard Time is a time sheet software installed on the SBS 2003 which also has Exchange. I can not Telnet from within Standard Time. It has below email settings: Outgoing mail server (SMTP) # sbserver.company.local Email arrives on random times. Sometimes it arrives instantly and sometimes it take 15-20 mins and sometimes it doesn't even arrive. Below is a Header line from a message which I sent from Standard Time to myself. Microsoft Mail Internet Headers Version 2.0 Received: from sbserver.company.co.uk ([192.168.16.2] RDNS failed) by company.co.uk with Microsoft SMTPSVC(6.0.3790.4675) HP Digital Scanner-to-email device is the most problematic. It sends all messages to our ISP and they land in catchall account or POP3 inboxes and later we download them using SBS builtin POP3 connector. I did Telnet the server on port 25 from a client machine and from server itself. Here is the result: C:\>Telnet sbserver.company.co.uk 25 220 sbserver.domain.co.uk SMTP service ready Then I did nslookup on the Exchange server and here is the result. C:\ >nslookup Default Server: sbserver.company.local Address: 192.168.16.2 > server 192.168.16.2 Default Server: sbserver.company.local Address: 192.168.16.2 > set q=mx > sbserver.company.local Server: sbserver.company.local Address: 192.168.16.2 company.local primary name server = sbserver.company.local responsible mail addr = hostmaster serial = 16269 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) C:\>nslookup Default Server: sbserver.company.local Address: 192.168.16.2 > server 192.168.16.2 Default Server: sbserver. company.local Address: 192.168.16.2 > set q=a > sbserver. company.local Server: sbserver. company.local Address: 192.168.16.2 Name: sbserver. company.local Address: 192.168.16.2 I am still not sure what's wrong with the whole system. I can post full message header if that can help. Kind regards, Abid

Try: nslookup set q=mx yourcompany.com (whatever the domain is you receive mail for) Does the Mx record returned for your internet domain (I assume the internal systems are sending to user@yourcompany.com) point to the external IP address of your domain? Are your internal name servers the DNS servers you expose to the internet for others to look up your DNS records or do you host that through another provider?

Hi Chris, Many thanks for your reply. Here are the results. This is with the domain.co.uk C:\ >nslookup Default Server: sbserver.domain.local Address: 192.168.16.2 > set q=mx > domain.co.uk Server: sbserver.domain.local Address: 192.168.16.2 Non-authoritative answer: domain.co.uk MX preference = 5, mail exchanger = sbs.stateofflux.co.uk domain.co.uk MX preference = 20, mail exchanger = smtp1c.netintelligence.com domain.co.uk MX preference = 50, mail exchanger = smtp2c.netintelligence.com sbs.domain.co.uk internet address = xxx.120.218.131 smtp1c.netintelligence.com internet address = 84.22.161.105 Here is the result with the sbs.domain.co.uk. This is the address we use for Remote Web Workplace and our SharePoint companyweb is also using this address on port 444 (https://sbs.domain.co.uk:444) C:\ >nslookup Default Server: sbserver.domain.local Address: 192.168.16.2 > set q=mx > sbs.domain.co.uk Server: sbserver.domain.local Address: 192.168.16.2 domain.co.uk primary name server = ns1.namecity.com responsible mail addr = hostmaster.namecity.com serial = 2010100800 refresh = 43200 (12 hours) retry = 5400 (1 hour 30 mins) expire = 2419200 (28 days) default TTL = 3600 (1 hour) Sorry I didn't understand the second part. My knowledge of DNS and Exchange as you can tell, is limited :( Our DNS /MX Records are hosted at Easyspace.com. Kind regards, Abid

Hi Chris, Many thanks for your reply. Here are the results. This is with the domain.co.uk C:\ >nslookup Default Server: sbserver.domain.local Address: 192.168.16.2 > set q=mx > domain.co.uk Server: sbserver.domain.local Address: 192.168.16.2 Non-authoritative answer: domain.co.uk MX preference = 5, mail exchanger = sbs.stateofflux.co.uk domain.co.uk MX preference = 20, mail exchanger = smtp1c.netintelligence.com domain.co.uk MX preference = 50, mail exchanger = smtp2c.netintelligence.com sbs.domain.co.uk internet address = xxx.120.218.131 smtp1c.netintelligence.com internet address = 84.22.161.105 Here is the result with the sbs.domain.co.uk. This is the address we use for Remote Web Workplace and our SharePoint companyweb is also using this address on port 444 (https://sbs.domain.co.uk:444) C:\ >nslookup Default Server: sbserver.domain.local Address: 192.168.16.2 > set q=mx > sbs.domain.co.uk Server: sbserver.domain.local Address: 192.168.16.2 domain.co.uk primary name server = ns1.namecity.com responsible mail addr = hostmaster.namecity.com serial = 2010100800 refresh = 43200 (12 hours) retry = 5400 (1 hour 30 mins) expire = 2419200 (28 days) default TTL = 3600 (1 hour) Sorry I didn't understand the second part. My knowledge of DNS and Exchange as you can tell, is limited :( Our DNS /MX Records are hosted at Easyspace.com. Kind regards, Abid

Hi - obfuscating your real domain name & IP address makes it very tough to help you troubleshoot. Assuming your network is properly set up & secured you have nothing to fear by posting the real info; every time you email someone you're giving that information to them, remember! Let's keep this simple. Your ISP really nothing to do with your email. If you aren't using the SBS POP connector (and you shouldn't), you should have only one MX record, which points to an A record (e.g., mail.mydomain.com) which specifies your public IP (which should be a static). Your perimeter firewall should have a rule to allow inbound TCP 25 to the *internal* IP of your Exchange/SBS server. Your ISP must not block that port (in fact, they shouldn't block any - your firewall should be the determining factor in what goes in or out). There are of course many scenarios where you might have more than one MX record, but the above is the simplest/most basic configuration, and you should start with that.Lanwench ** Do not fold, spindle or mutilate. Fill in the box completely and erase any stray marks. Use only a #2 pencil.

Hi - obfuscating your real domain name & IP address makes it very tough to help you troubleshoot. Assuming your network is properly set up & secured you have nothing to fear by posting the real info; every time you email someone you're giving that information to them, remember! Let's keep this simple. Your ISP really nothing to do with your email. If you aren't using the SBS POP connector (and you shouldn't), you should have only one MX record, which points to an A record (e.g., mail.mydomain.com) which specifies your public IP (which should be a static). Your perimeter firewall should have a rule to allow inbound TCP 25 to the *internal* IP of your Exchange/SBS server. Your ISP must not block that port (in fact, they shouldn't block any - your firewall should be the determining factor in what goes in or out). There are of course many scenarios where you might have more than one MX record, but the above is the simplest/most basic configuration, and you should start with that.Lanwench ** Do not fold, spindle or mutilate. Fill in the box completely and erase any stray marks. Use only a #2 pencil.