Mysteriously cannot send or receive SMTP mail - DNS error?? Help!


Cat1

Technical User
Jul 14, 2002
73
GB
Hi,
I left last night with everything working fine, came in this morning to a whole heap of trouble! My Exchange 2000 server has mysteriously stopped sending or receiving emails (is sending & receiving internal okay).

It is the main Win2K DC which is also the internal DNS server. It sits behind an ISA firewall which has a separate external mail address & IP. ISA has a server rule set to route through from the external mail IP to the internal mail IP (192.168.x.x).

There is no MX record on the internal DNS for the mail server.
The default SMTP server has the external ISP's DNS servers in the Advanced Delivery>Configure external DNS Servers section.
There is an SMTP outgoing connector set up.

This has all been working absolutely fine for the last year! Suddenly this morning mail is queued up in Exchange, and no mail is coming in from the outside.....

the ONLY error message that i'm getting in the Event viewer (all diagnostic logging has been enabled) is:

EVENT ID: 4000
MESSAGE DELIVERY TO THE REMOTE DOMAIN ".DOMAIN" FAILED FOR THE FOLLOWING REASON: UNABLE TO BIND TO THE DESTINATION SERVER IN DNS.

ANY ideas as to what this might be?? Is it something to do with something our ISP may have changed?

any help greatly appreciated!



 
Yup - i've already been to that article and i have both of those commands (x-link2state/xexch50), so i don't THINK it's that....

What would the ISP be likely to have changed?

i just spoke to one ISP guy who verified that our external mail address/IP A record was correct in their dns - would there be a reverse or mx record that they may have buggered up??

cheers.
 
I would guess at least the MX record, although that shouldn't have an effect on outbound mail...

would you mind giving me your domain name so i can check the records? I'll understand if you don't want to...
 
I've just been talking to the ISP guy, who has been fairly helpful & checked all the records which seem to be correct...

He's been sitting on our external cisco router supplied by them (internal mailserver > ISA firewall > cisco router > internet) trying to telnet 25 to our mail server. He kept getting chucked off with 'foreign host' errors.

I was testing telnetting out on port 25 from our mail server to their test mail server, but it just hangs before giving me a 'could not open connection/connect failed'.

Can telnet port 25 from any machine internally to the mail server fine.

So looks like the finger is pointing at me again!
Have checked the ISA server - The SMTP/Port 25 Rule is unchanged & is open, nothing has changed, no errors - aaaargh!

Ideas????!

ps: do you still need the domain name?
 
if you can resolve names via nslookup then i don't need the domain name, I'll assume DNS is working.
Would it be possible for you to temporarily shut down the ISA firewall and just let that box act as a router? This way we can rule out ISA as the culprit...
 
Yes i could shut down the firewall temporarily, i'll do that. excuse me for being dim, but how will it know to route the external mail ip to the internal mail ip?

With the nslookup - if i do it from the DC (the mail server & DNS server) say for - it queries itself successfully but can't find it: Server failed (i don't have any forwarders set up).

If i do nslookup from the ISA server for i get the whole shebang, as it queries the external ISP's DNS servers.

Is this right?
 
since the ISA server is the one accepting/forwarding mail, that's fine.
If you have RRAS set up on that ISA box, configure routing to forward external to internal and vice-versa....
 
RRAS wasn't set up on that box, but kinda is now! Erm, do i set up a new static route in IP Routing?

I have NO idea what's going on - when i put in the subnet mask it's going on about the IP being too specific - had a butchers at the routing table and it's got the external mail ip forwarding to its loopback address, and then 255.255.255.255 & loads of other shite going to the external mail ip..... got an example?!
 
Static Route would probably work, but it might be easier to add NAT to the IP protocols in RRAS and configure your interfaces under NAT accordingly. You can set the IP's and ports to forward to each other.
 
That hasn't had any effect whatsoever - does this mean it IS something to do with the Exchange server??
 
We can't absolutely make that determination until we know that the Exchange server simply isn't having a problem communicating/routing to the internet. What are the chances of exposing it directly as a test? Of course, you'll also need to make sure that DNS is set up properly on the Exchange box...
 
No chance of exposing it directly as a test.

It's sending internal mail absolutely fine.

Would it be worth deleting & creating another smtp virtual server? but what would happen to all the mail queued?! I noticed there isn't one in ISM, not sure if this is right as the nntp virtual server is shown..

I have a vanilla Win2K box which i could swap over with the current ISA server as plain router & reconfigure everything to test.. dya think i should do this?
 
that's not a bad idea, but before you do that, turn the old ISA server back "on" and restart the Exchange Routing Engine service, just a shot. Also, try the SMTP telnet FROM the ISA box in both directions, to your exchange server and outside to some other mail server. What happens? If that doesn't work, try the new ISA box.
By the way, are there any other event log errors besides what you posted?
 
isa on & service restarted - nuffin.

the only other event log is an information one in the application log that has popped up a couple of times in the last few hours:

Source: MSExchangeMTA (Category: Configuration) - Event ID: 9307
(BASE IL OPERATOR (24) Proc 221) Address Registration failed for transport type :4 (8)

and this one which there's loads of:

Source: MSExchangeTransport (Category: Connection Manager) - Event ID: 4000
Message Delivery to the remote domain 'domain.com' failed for the following reason: Unable to bind to the destination server in DNS.

From the ISA server I can telnet port 25 to both the internal mail server and the external test mail server belonging to the ISP. Both using FQDNs as well as IPs.
 
yeah, then for some reason your exchange box is no longer forwarding to the ISA and not accepting from the ISA either. Double check your default SMTP virtual server settings (smart host, DNS, etc...). Reset them if you have to, if that doesn't work, try the new ISA.
 
Okeydoke.
I don't have a smarthost/masquerade domain configured on the default smtp server - should i?

what would happen if i just deleted this virtual server & created a new one from scratch - what would happen to all the messages that are queued up - would they get deleted with the virtual server or queue up in the new one?
 
you shouldn't be able to delete the default smtp virtual server, and you wouldn't want to anyway. Do you have a second smtp virtual server, or an smtp routing group connector set up? If so, let's try this: remove the additional smtp virtual server or routing group connector if you have one. Then, on the properties of the Default SMTP virtual server, make sure you have the following settings:
1) on the General tab, the IP address should be All Unassigned and listening on port 25
2) on the Access tab, under authentication, allow anonymous connection for now. Under Connection, make sure "all except the list below" is checked and that no entries are in the window below that.
3) On the Delivery Tab, allow anonymous outbound security for now. On the Advanced tab, enter the internal IP address of your ISA server as the SMART HOST. Don't check any other boxes and don't enter a masquerade domain.

Restart Exchange services.
 
Done that.

At least it cleared out the smtp queue!!

After doing that & deleting the connector i get an NDR whenever i try and send a mail to the outside:

Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 21/11/2002 18:59

The following recipient(s) could not be reached:

'user@domain.com' on 21/11/2002 18:59
The destination server for this recipient could not be found in Domain Name Service (DNS). Please verify the email address and retry. If that fails, contact your administrator.
<server.domain.com #5.4.0>

I get this when the connector is deleted.

If i recreate the connector the outgoing message goes back to queuing up (indefinitely it seems) rather than sending a NDR.

Still no mail coming in.
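
The nslookup comparison made in this thread (one answer from the DC, another from the ISA server's ISP resolvers) can be scripted so that each resolver is asked for the MX records directly. The following is an added example, not code posted by anyone in the thread; the function names, `example.com` and the sample reply bytes are constructed for illustration.

```python
import socket, struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_mx_query(domain, qid=0x1234):
    """DNS query packet asking for the MX records of `domain` (recursion desired)."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in domain.strip(".").split(".")) + b"\x00"
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 15, 1)

def read_name(msg, off, hops=0):
    """Decode a (possibly compressed) DNS name; return (name, offset just past it)."""
    labels = []
    while msg[off]:
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # compression pointer to the rest of the name
            if hops > 20:                          # malformed reply: pointer loop
                raise ValueError("DNS compression loop")
            tail = read_name(msg, ((n & 0x3F) << 8) | msg[off + 1], hops + 1)[0]
            return ".".join(labels + [tail] if tail else labels), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def parse_mx_response(msg):
    """Return (rcode_name, [(preference, exchange), ...]) sorted by preference."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    mx, off = [], 12
    for _ in range(qd):                            # skip the echoed question
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        off = read_name(msg, off)[1]
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 15:                            # MX rdata: 16-bit preference + name
            mx.append((struct.unpack(">H", msg[off:off + 2])[0], read_name(msg, off + 2)[0]))
        off += rdlen
    return RCODES.get(flags & 0xF, str(flags & 0xF)), sorted(mx)

def query_mx(domain, dns_server, timeout=5):
    """Ask one specific resolver (the internal DC or the ISP's) over UDP port 53."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_mx_query(domain), (dns_server, 53))
        return parse_mx_response(s.recvfrom(4096)[0])

# Constructed reply for illustration: NOERROR, "example.com MX 10 mail.example.com"
SAMPLE_REPLY = (b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00" + build_mx_query("example.com")[12:]
                + b"\xc0\x0c\x00\x0f\x00\x01\x00\x00\x0e\x10\x00\x09\x00\x0a\x04mail\xc0\x0c")
```

Calling `query_mx(domain, resolver_ip)` from the mail server against the internal DNS server and then against each resolver configured for the SMTP virtual server shows which of them returns `SERVFAIL` or an empty MX list, and a timeout on the external resolvers points at the path through the firewall rather than at DNS data.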
 