2003 SBS Exchange delivery smtp, need help

[JoshIE490]

We have installed a 2003 SBS at a small office < 25 employees. Services are up except for the connection to exchange to send mail. All that seems to happen is the messages time out in the Queue.

Am I missing a DNS entry for this outbound smtp traffic to connect? We currently are using an isp for our email / web hosting so our MX records still point to that server and mail is functioning. The POP 3 connector successfully downloads messages and routes the mail to exchange mailboxes. Yet again no outbound traffic can be established.

Can anyone please help and tell me what I am missing and how to configure this? Thanks in advance Josh

 

[markdmac]

Did you run the Internet Connection Wizard from the To Do list?

if that does not fix it then you may need to configure your ISP DNS as the external DNS on the SMTP Virtual Server.

I hope you find this post helpful.

Regards,

Mark

 

[JoshIE490]

Thanks for the reply Mark.

I did run the ICW twice while troubleshooting and that didn't solve the outgoing issue. I did define 3 external dns servers on the SMTP virtual server.

smtpdiag reports clear communication except for my external mx record pointing to our current hosting company. That's fine for now.

Any other reasons the messages would remain stuck in the message queue? Any help is greatly appreciated.

Josh

 

[markdmac]

What kind of Internet connection do you have? Do you have a static IP or dynamic one? Does your ISP block port 25 outgoing? If they do you will probably need to configure a smarthost on your Exchange SMTP server.

We have recently been battling problems with messages getting rejected to yahoo, motmail and aol for many customers because they do not have a reverse DNS entry. The smart host would probably resolve that for you.

One thing you can check is to look up the MX record for one of the sites you can not reach. Then when you have that IP try to telnet to it like this:

telnet 192.168.1.1 25
When you get to the telnet prompt, type helo yourdomainname and hit enter. You should get a reply like this 250 HELO 217.120.215.201, How can I help you?

That will show you that you have connectivity to the domain.

Also, please verify how you have your server DNS setup. On the server NIC TCP/IP properties the only DNS server listed should be the server IP. In the DNS Snap-In you should have your ISP DNS listed on the forwarders tab. Not related to the email but continuing with the DNS setup, make sure that only your server IP is listed int he DNS settings of the DHCP scope options.

I hope you find this post helpful.

Regards,

Mark

 

[JoshIE490]

Hi Mark thanks for the reply. Sorry that it has taken me so long to respond. We have a Business level dynamic IP account with Comcast. So they say, our lease time on the dynamic ip is 6 months and I believe them since it has not changed in over a year.

Comcast does not block port 25 at all. Our email seems to be working very well now. I plan to change our MX records and have incoming mail routed directly to Exchange.

I verified our DNS setup. The only DNS entry on the Server is the Server IP.

The question I have for you is in regards to listing our ISP DNS in the forwarders tab. Can you elaborate on this?

I do have external DNS servers defined in the SMTP connector and all other dns routing seems to work.

Thanks again for the post. Josh

 

[markdmac]

The DNS forwarders tab is easy to get to. Just click Start, Programs, Administrative Tools, DNS. Right click the DNS server name and click properties. Clickt he Forwarders tab. Enter your ISP DNS there if not already there.

I hope you find this post helpful.

Regards,

Mark

 

[NetworkDOC]

Some simple tests should help determine if it is DNS related. From that server can you ping for example

http://www.yahoo.com.

You should not only resolve this to an IP address but you should also get replys.

If you cannot resolve this to an IP address then your problem is DNS. If you can and get the timed out response, you may not have the gateway correct. You did say however you are able to do POP mail.

Do you have a firewall in place? Is port 25 open?

 

[JoshIE490]

Thanks for the posts. Yes the Forwarding DNS servers were already listed. I assume this from providing the DNS server information during the ICW setup for SBS2003.

thanks mark.

Yes I can ping yahoo.com and also get replies from the resolved IP address. We do have a firewall in place, a Symantec 360R and port 25 is open.

J

 

[markdmac]

Yahoo can be a bad example. Yahoo, Hotmail & AOL are all now requiring you have a Reverse DNS entry to be able to send mail to them. Being able to ping their host only means that it is responding but not that mail can get through.

Using Telnet to port 25 on an MX record would be the better test to ensure your really getting through.

I hope you find this post helpful.

Regards,

Mark

 

[DColcl]

Could you have a firewall blocking SMTP outbound?

Danny

 

[JoshIE490]

I have tested SMTP both inbound and outbound by a telnet session on port 25. I can telnet:25 outbound to yahoo.com and get a response as well as inbound to our exchange server. Telnet:25 also responds within the intranet, confirming SMTP connector is working.

SMTP is communicating in both directions, so at this moment in time it seems to be configured correctly.

We don't have any outbound rules restricting traffic right now. By default the Symantec 360R router enables all outbound traffic until I define an outbound rule. No restrictions are necessary at this point in time.

Thanks for the fast replies! J

 

[markdmac]

When you telnet to port 25, did you include your domain name in the helo?


telnet mx1.mail.yahoo.com 25
helo yourdomainname

I hope you find this post helpful.

Regards,

Mark