Helpppp! Entire company not receiving external emails!

[paintb4707]

------------------
Long version
------------------

Well, I'm the brand spanking new Network Admin for a vitamin manufacturer of about 100 users.

Let me explain a little about the job first. When I interviewed, they were specifically looking for an entry level admin that was still in school. I assume this is so that they can pay fairly lower and reimburse you with on-the-job learning. However, now that I'm hired, I'm the ONLY IT guy there. The guy that interviewed me only knew enough to get by to support the end users. Keep in mind this isn't his primary job, he's in charge of the packaging and shipping of the vitamins. So.... here I am jumping into the admin world fairly early into the game with only 7 months of HD experience.

Now its only my second day on the job and this morning everyone stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, but not receiving externally. This looks terrible for me because I got two things going against me:

1) It's my second day
2) I'm young (19 years old), so I can just imagine what's going through everyone's mind

5 hours later, I'm here at home still trying to send myself an external email and its a no-go. I honestly don't recall changing anything on the exchange server, but if I did, what could possibly be preventing external email from coming in?

We're behind a Firebox Fireguard NAT router. DNS apparently seems to be fine according to the dnsstuff.com, the MX record is being directed to the router WAN IP. Domain name is naturesvalue.com

If it matters, I've spent just about 7 out of my 8 hour work day researching this issue and the only clues lead me to believe its an issue with our ISP's DNS servers. Also considering that my interviewer claims that we have "network issues in bad weather" and that this has happened before and it was supposedly on Lightpath's end.

I'm actually scared to go into work tomorrow because I don't want to face this all day.

------------------
Short Version
------------------

Just this morning the entire company stopped receiving external emails. Sending/receiving internally works fine, sending externally works fine, receiving external does not.

Only a single NDR recieved out of the hundreds of test emails I sent.

Reason: Remote SMTP server has rejected address
Diagnostic code: smtp;550 relay not permitted
Remote system: dns;nature.naturesvalue.com

Another funny thing I noticed is, I received 2 of my test emails after a 40 minute delay but nothing after that.

I don't recall changing anything on the Exchange server but if I did, what could be preventing external emails from coming in?

We're behind a Firebox Fireguard NAT router and according to dnsstuff.com, the MX record for naturesvalue.com is pointing to our router WAN IP (as it should, correct?)

What confusing me about the whole process is, our actual domain name is nature.naturesvalue.com, however we use Network Solutions to direct traffic from www.naturesvalue.com to our webhost and webmail/mail.naturesvalue.com to our router WAN IP.

 

[TechieSooner]

How many accounts have you actually tried to send email to the server with? Have you tried sending something from a Yahoo account (you know those almost always work and are configured correctly)?
It almost sounds to me (judging by that error) like email with your ISP at your house is not configured correctly. Can you send email from your home account to another account (Yahoo account or something) fine?

The thing is- SMTP is SEND Mail Transport Protocol. Has nothing to do with receiving emails...

Almost sounds to me like your ISP's (at home) is rejecting your mail messages. But then- it would be their servers replying and not yours...

Once again- the thing is that this is an SMTP error... which is what is confusing me here. Try sending email from Yahoo account to someone on that server- see if that works and report back

Edit- I'd say I'd be 80% sure that it is because of your home client's settings- if it was confined to your home client. That's why I want you to try sending from Yahoo account... It's a good test.

 

[fluidimagery]

I'm with Techie on the issue you're seeing right now. If you're using an external mail server to send mail out you're going to need to authenticate when you send. That's the relaying error you're seeing on your home computer. LIke Techie said, send an email from a yahoo / gmail etc account to see if it gets sent.

Does the mail bounce back to the sender? If the mail isn't getting bounced, it's sitting somewhere...

Do you have spam protection? maybe somehow your companies IP got blacklisted for whatever reason .. http://member.dnsstuff.com/pages/tools.php or your spam protection is set very high.

Else it could be a problem on lightspeed's end.

 

[paintb4707]

I just tried sending a test email with a yahoo.com and mail.com account. Neither went through or received an NDR.

 

[TechieSooner]

That tells me everything is [most likely] OK- problem is 100% on your server (because Yahoo's SMTP servers are fine).

You really need to think about what settings you have changed (even if you don't think they matter... like IMF could cause this) in the past few days- maybe post them here.

Still- this is an SMTP error. You aren't trying to send mail through the server- so you shouldn't have gotten that SMTP error at all. That's what throws me off.

Like the previous poster said- if you aren't getting a bounce-back message... it's sitting somewhere. Being you are using MX records and it is entirely on your server- I'm thinking your server received them. Which means your POP settings may be messed up...

Do you have Outlook Web Access? If so, log on there... check see if anything is showing there (you log in directly to server that way- no settings on Outlook clients to mess with).

Another thing I would do is check the mailbox count. Write it down. Send that account a bunch of messages (10 or more), and see if the count is increasing at all.

Right now the question is whether it is getting to the mailbox or not (Since no errors- my guess it is).

 

[paintb4707]

That tells me everything is [most likely] OK- problem is 100% on your server (because Yahoo's SMTP servers are fine).

You really need to think about what settings you have changed (even if you don't think they matter... like IMF could cause this) in the past few days- maybe post them here.

Still- this is an SMTP error. You aren't trying to send mail through the server- so you shouldn't have gotten that SMTP error at all. That's what throws me off.

Like the previous poster said- if you aren't getting a bounce-back message... it's sitting somewhere. Being you are using MX records and it is entirely on your server- I'm thinking your server received them. Which means your POP settings may be messed up...

Do you have Outlook Web Access? If so, log on there... check see if anything is showing there (you log in directly to server that way- no settings on Outlook clients to mess with).

Another thing I would do is check the mailbox count. Write it down. Send that account a bunch of messages (10 or more), and see if the count is increasing at all.

Right now the question is whether it is getting to the mailbox or not (Since no errors- my guess it is).

How do you check the mailbox count for a particular user?

OWA is what I use to access my email. I'm not receiving anything still.

 

[TechieSooner]

How do you check the mailbox count for a particular user?

OWA is what I use to access my email. I'm not receiving anything still.

That was really only if OWA wasn't working- is where I would've checked that at (if you still want to- it's under the Server Manager or something like that- can't remember what it is called right off the bat... has all your Exchange settings in it).

So- no errors sending to the server.
No problems in configuration receiving since we are using OWA directly on the server itself.

I'm about to stay I am very close to being baffled Almost want to say it is something like IMF at this point... the server has the message, but hasn't quite reached the mailbox.

To make things worse the fact it is an SMTP error is what I keep going back to- makes no sense.

Perhaps after a night of rest- things will work, everyone has a fresh perspective to offer (by the way- while everyone is out- did you try a reboot? Might just solve the issue... It's worked only once for me in the past when dealing with Exchange). IMO it's good to do a routine reboot anyway (whenever you remember- once every couple of weeks)... Good preventative.

 

[paintb4707]

That was really only if OWA wasn't working- is where I would've checked that at (if you still want to- it's under the Server Manager or something like that- can't remember what it is called right off the bat... has all your Exchange settings in it).

So- no errors sending.
No problems in configuration receiving since we are using OWA directly on the server itself.

I'm about to stay I am very close to being baffled

To make things worse the fact it is an SMTP error is what I keep going back to- makes no sense.

Perhaps after a night of rest- things will work (by the way- while everyone is out- did you try a reboot? Might just solve the issue... It's worked only once for me in the past when dealing with Exchange). IMO it's good to do a routine reboot anyway (whenever you remember- once every couple of weeks)... Good preventative.

Yes I have tried rebooting.

I'm really leaning towards the firewall being that I can't telnet port 25. But also I don't know if this would be because of NAT.... because incoming SMTP is allowed and being forwarded to the correct internal IP of the Exchange server. Also outgoing and optional network is allowed as well.

 

[swatbat]

You haven't done anything stupid like turning on the firewall on the windows server have you?

Also have you checked the event log to see if you have any exchange errors?

 

[oakfan52]

internal mail flow uses mapi. external uses smtp connector. since you can send out fine (which i assume you tested by send an e-mail to your yahoo account) it has to be a problem with the inbound connection to smtp (port 25).

#1 check your mx record from outside your network (at home or at a hot spot)

nslookup
set type=mx
domain.com

That should return your mx record. make sure the hostname is correct and ping it to make sure it resolves to the correct external IP.

#2 if the mx record checks out. try telnet to port 25 to the ip and/or dns name.

telnet mail.domain.com 25

you should see a banner displayed for your e-mail server (it should not time out)

let us know what happens and we can go from there.

 

[Jay_2]

wow this is a really really odd one.

I have had this error before though and it was a reverse DNS issue.

 

[paintb4707]

internal mail flow uses mapi. external uses smtp connector. since you can send out fine (which i assume you tested by send an e-mail to your yahoo account) it has to be a problem with the inbound connection to smtp (port 25).

#1 check your mx record from outside your network (at home or at a hot spot)

nslookup
set type=mx
domain.com

That should return your mx record. make sure the hostname is correct and ping it to make sure it resolves to the correct external IP.

#2 if the mx record checks out. try telnet to port 25 to the ip and/or dns name.

telnet mail.domain.com 25

you should see a banner displayed for your e-mail server (it should not time out)

let us know what happens and we can go from there.

When I ping it, it doesn't reply but does resolve the WAN ip of the firebox. I also cannot telnet which would appear to be an issue with the firewall, however incoming SMTP IS ALLOWED and being forwarded to the internal ip of the exchange server.

 

[4saken]

Have you checked the SMTP Queue on the exchange server itself to see if there are "stuck" messages?

If there is there is a trick to Freeze the queue, stop SMTP start it again, unfreeze. You may not be getting NDRs because the email is actually delivering to the exchange, but its just queueing up and not going anywhere. SMTP Queue on exchange has a tendency to get frozen on certain occasions. Check the message count.

 

[shade_star]

All the answers here have been very good. If this is a business that is live, email is the most critical element. At this point you should be calling MS and/or your firebox vendor to get support so these services come back online asap.

 

[Evilot]

I don't have any suggestions..but

I just wanted to point out that the way you wrote your story (long version / short version) is very convenient, usually when its a lot of text I don't even bother reading, but this way I can just quickly look at the summary and get the point.

Good Job!

 

[Verge]

Have you checked the SMTP Queue on the exchange server itself to see if there are "stuck" messages?

If there is there is a trick to Freeze the queue, stop SMTP start it again, unfreeze. You may not be getting NDRs because the email is actually delivering to the exchange, but its just queueing up and not going anywhere. SMTP Queue on exchange has a tendency to get frozen on certain occasions. Check the message count.

check this ^^^^^^^^^^^^


need application, system error logs on exchange server


Do you only have a single server, or do you have FE-BE system, if your FE server is the only one having problems, it would explain not getting any external email.

 

[archivalbackup]

Also make sure that the Exchange SMTP service / process is running.

I had a problem almost exactly like this, and it was just because the SMTP wans't started on the exchange server.

 

[paintb4707]

Ahhhh I feel like an idiot. Apparently it was the firewall. I use a KVM switch to switch between our 2k3 server and the exchange server. Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server. I guess I got the IPs mixed up and thought it was being sent correctly.

Thanks for all your help guys. What's that old saying, error exists between user and keyboard? Yeah... thats me

 

[4saken]

Ahhhh I feel like an idiot. Apparently it was the firewall. I use a KVM switch to switch between our 2k3 server and the exchange server. Apparently the configuration on the firewall rolled back to a previous state and incoming SMTP traffic was being sent to the 2k3 server. I guess I got the IPs mixed up and thought it was being sent correctly.

Thanks for all your help guys. What's that old saying, error exists between user and keyboard? Yeah... thats me

Glad you figured it out.

 

[archivalbackup]

What's that old saying, error exists between user and keyboard? Yeah... thats me

The error exists between the Keyboard and the chair.

Also known as an ID 10T error.

 

[Jay_2]

lol

I have made errors like this.


I once had a rack with a few live Citrix servers and 1 backup server I used to test updates on etc. (Citrix hated windows updates)

So, i updated the server, installed the new software, rebooted the server and waited for it to come back up. While I was doing this my desk phone was ringing and ringing over and over but I ignored it the phone thinking I should finish the job at hand.

The server came back up and I logged back in. It was at this time that I noticed that there where programs on the server I hadn't installed such as Office and winzip. I took a step back and thats when it hit me, I had become mixed up and taken I live server down thinking it was my test server. The phone was ringing because a load of users had just been kicked out of their desktop!!