Troubleshooting DNS-related mail delivery problems

Recently I found that messages started getting stuck in my Exchange server's outbound SMTP queue. This started happening after I switched my ISP and received a new external IP address for the server. My users started receiving "Delivery Status Notification (Delay)" messages and I found that only certain domains were being delayed.

I could send messages to these domains using other mail services (such as Yahoo) so I concluded that the destination mail server was not at fault.

Then I tested "telnet xxxxxx.com 25" to see if I could connect to the destination mail server's SMTP port from the Exchange server. This would prove that my Exchange server's DNS was working correctly and that my firewall was not blocking this type of traffic. This test worked in some cases but in other cases it did not.

Finally, I determined that messages from my Exchange server were being rejected because my ISP forgot to set up a reverse DNS entry so that destination servers could resolve my Exchange servers name from its IP address. Many email servers use reverse lookup as a means of authentication for mail transfer.

Once my ISP made the change, the queues went away and the messages were delivered.

-----------------------------------------------------------

I did some research on the Microsoft Support site and found the following very helpful:

Support WebCast: Microsoft Exchange 2000 Server: DNS Troubleshooting in Transports
May 2, 2002

-----------------------------------------------------------

Another problem came up when I tried to forward certain messages sent to asdf@domain.com to asdf@sendmail.domain.com. sendmail.domain.com is a server on my LAN running sendmail and the Majordomo list server. I only want to expose my Exchange server to the Internet, so I wanted to use forwarding to let the messages get to where they need to go.

However, forwarding did not work and I kept getting 5.4.0 errors:

Undeliverable
The destination server for this recipient could not be found in Domain Name Service (DNS). Please verify the email address and retry. If that fails, contact your administrator. <exchange.domain.com #5.4.0>

The solution to my problem: I had an external DNS server configured in my SMTP Virtual Server. This was left over from a previous trouble-shooting session.

By having my ISP's DNS servers defined as external DNS servers, Exchange used these servers instead of my internal DNS to resolve domain names. My ISP has no knowledge of sendmail.domain.com so Exchange could never get the LAN IP address for this server.

Once I removed the external DNS servers from my SMTP Virtual Server, everything worked fine. Exchange asked my internal DNS to resolve sendmail.domain.com first and got an answer and therefore it didn't have to go out to my ISP's DNS. I didn't need any special connectors or settings other than that.