Unable to receive email

[handley88]

HI, I recently moved the company network so i did the normal bits

- updated DNS/MX
- changed public IP's on router

But I can't seem to receive email to my sbs 2003 box
but i can send ok

I have wiped my firewall (pix 506e) and put on the minimal config with just acl's to allow smtp and domain also port mappings to the server

and still nothing, i read in another thread to try telneting on 25 and i cant do this locally on my LAN and there is no firewall on the sbs box

Any ideas ??

Thanks

 

[ShackDaddy]

Could you clarify some things?

How many active NICs does your SBS box have?

Have you tried telnetting on 25 to your server from your local LAN? Is there a reason that you can't try, or did it fail? It should not fail, since I assume that you didn't need to readdress the internal network space. If you DID readdress the internal network space in addition to the external, you'll need to run the SBS Internet Connect wizard again before mail will work.

If you can telnet to port 25 from the LAN, then we know that your server is listening. Then you'd want to telnet to port 25 from the outside world, hitting the same FQDN that you are pointing your MX record to. Can you do that? If you can't do that, but you can from the inside, then it's a firewall issue.

Also, I noticed that you said you were allowing DNS traffic to your SBS box. That implies that you are trying to use your SBS box to host DNS traffic. Don't do that. Always use an external non-SBS box to handle your DNS. Usually your name registrar is a good one for that. This could be the root of your problem.

If you just changed your A-record/MX-record on your SBS box, that's not enough to tell the world that your IP has changed. You'd want to do that on your public DNS, wherever that is.

99.97% of the SBS servers out there are set up to use DNS only for their local network and to resolve public names for local clients, not to allow the world to contact the SBS box for DNS.

Normally an SBS installation only has these ports passed to it:

tcp 443 - for Outlook Web Access
tcp 4125 - for Remote Web Workplace
tcp 25 - for inbound mail
tcp 3389 - for remote desktop

Optionally you could enable IMAP and POP3 ports as well, but those are usually unneeded.

Dave Shackelford
Shackelford Consulting

 

[handley88]

one nic

no change to the inside address space
no connection on port 25 to telnet server.xx.co.uk.local 25

i changed the ip's at the domain reg.

i meant only to use my sbs for local dns how would i check to see if the local dns is forwarding request to the correct place eg isp dns servers ?

Thanks

 

[ShackDaddy]

Admin Tools -> DNS Admin -> get properties on your server's name -> go to the Forwarders tab and check the addresses configured there.

The SBS box should be pointed to itself for DNS in the NIC's TCP/IP properties.

If you can't telnet to your server's SMTP port from the LAN, then your server isn't listening.

Can you run the Connect to the Internet wizard again on the server and then do your telnet test again? That would simply be even opening up the cmdline on your server and typing 'telnet localhost 25'

If that still doesn't work, in the SBS Server Manager, drill down into the Exchange area, go into Server, Protocols, SMTP, Default SMTP Virtual Server. Check the IP address on the general tab. If it says All Unassigned, that's fine. Click Advanced and make sure it's listening on port 25.

Dave Shackelford
Shackelford Consulting

 

[handley88]

hey, i found the problem in one of the modems it seemed to block port 25 but allow ipsec

thanks for your help

Alex

 

[ShackDaddy]

Glad it got figured out.

Dave Shackelford
Shackelford Consulting