Announcement

Collapse
No announcement yet.

Help with Exchange 2k3 not receiving/sending External ISP email

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help with Exchange 2k3 not receiving/sending External ISP email

    Hello All,
    im new here, advancing from NT4....to the new guys league...,
    to make long story short:
    i run sbs 2k3 r2, with exchange 2k3. and im facing something i never met before.
    i am just starting my way with 2k3 systems, so please bare with me
    the main problem is external outbound/inbound mail delivery.
    now the weird thing is, the problems oppose each other ?#?#?#?#?#?

    one important thing !!! im using Exchange in DNS Routing Emails !!!
    __________________________________________________ _______________
    1. after some searching and putting in DNS IPs, here and there...i managed to
    send out to bezeqint. but not to Gmail m0.0m ????

    Addin returned mail:
    <some.domain.com #5.5.0 smtp;550-5.7.1
    [000.000.000.000] The IP you're using to
    send mail is not authorized>

    local -> bezeqint ISP -> OK
    local -> gmail -> Fail
    __________________________________________________ _______________
    2. now comes the second thing... i can send from Gmail to my internal address, but not from Bezeqint mo.0m ????

    Addin ISP log :
    ----- The following addresses had permanent delivery errors -----
    [email protected]
    Reporting-MTA: dns; mail.bezeqint.net
    Arrival-Date: Tue, 22 Jul 2008 07:53:09 +0300 (IDT)
    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.1.1
    Remote-MTA: DNS; 192.115.106.15
    Diagnostic-Code: SMTP; 550 5.7.1 <[email protected]>: Recipient address rejected: Spammers Not Allowed
    Last-Attempt-Date: Tue, 22 Jul 2008 07:53:11 +0300 (IDT)

    bezeqint -> local -> Fail
    gmail -> local -> OK
    __________________________________________________ _______________

    What am i doing wrong that causes the server behave like that ?
    Last edited by baracuda; 22nd July 2008, 07:00.

  • #2
    Re: Help with Exchange 2k3 not receiving/sending External ISP email

    Your ISP is on a blacklist.
    http://www.robtex.com/rbl/192.115.106.15.html

    If you want to send email by DNS then you are going to have to change ISP.

    Otherwise you are going to have to use another service to send email through, look for a Mail Hop service. That will of course cost you money.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Help with Exchange 2k3 not receiving/sending External ISP email

      Sembee thanks for the response,

      i need you to be little more clear about that, because changing ISP's isnt that
      easy when a whole org. is based on most of their comms.

      i understand what your saying about the blacklist, what i dont understand is,
      if indeed my ISP is black listed why do i can do halp on one mail service , and half on another mail service ?

      besides of that, i would be happy if you could help me with the information of how does my Exchange gets the blacklist, and how do i fool it, or how can i make do with what i have without adding more costly services ?

      why is that, because i assume that however i get the blacklist, if i cut the comms right there i maybe able to send by DNS routing ?

      another question, if i am using the Exchange DNS routing , wasnt it suppose to go to my DNS ask for routing and go out thourgh my SMTP ?

      thanks again.

      Comment


      • #4
        Re: Help with Exchange 2k3 not receiving/sending External ISP email

        It isn't your server that is on the blacklist.
        It is your ISP.

        The blacklist operators have blacklisted your entire ISP. Their logic is that legitimate customers complain to the ISP about being blacklisted and the ISP is forced to do something about - ie kick the spammers of the network or make changes to their network configuration to stop compromised machines from being used to send spam. There is nothing that you as an individual can do about it.

        You will find that you can send some email because not everyone uses blacklists. I don't use them at all for example as I don't like the idea of someone else deciding what email I can receive. However other admins will say that they are the best thing since sliced bread.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: Help with Exchange 2k3 not receiving/sending External ISP email

          thank you again for clearing that up bit more.
          i got the main idea of the use of it , and it does sound fair.

          but the wierd thing is....
          i cant send mail from my mailbox in the ISP's server - into my domain internal mbox, i would say its fair if someone blacklisted my ISP, but this is not the case.... if i send to the same addresses from my ISP's mbox - it goes all so well...but not from exchange....hence...correct me if im wrong the problem is my server. for example:

          [email protected] -> [email protected] : works good mail is accepted by ISP
          [email protected] -> [email protected] : fails to receive - Recipient address rejected: Spammers Not Allowed
          ---------------------------------------------------------------------------------------------------
          [email protected] -> [email protected] : fails to send - The IP you're using to send mail is not authorized
          [email protected] -> [email protected] mail received OK

          i mean if im understanding the situation - the isp itself is blocking part of its own address pool for mail , or my exchange is blocking the ISP incoming/outgoing mail by DNS routing....

          or another thing is maybe there is double blacklist..means from each side of the different mail suppliers each is blacklisting the other ?.....
          gmail blacklists my isps IP pool ... ?
          someone blacklists my IP/Domain in specific ... ?
          if so how come i can get incoming from gmail but not from my own ISP ????
          or if so how come my ISP says my own IP is disallowed for spamming ?

          from my side i did call the ISP up and explained my issue
          they dunno anything about it but they xfered my case to abuse check
          for my opinion there is some kind of filtering on my exchange which causes this thing to happen.
          the question is what ?

          ...im so lost , and all confused now... lol
          Last edited by baracuda; 22nd July 2008, 16:58.

          Comment


          • #6
            Re: Help with Exchange 2k3 not receiving/sending External ISP email

            There is no filtering in Exchange natively.
            The only way that email can be filtered is via third party tools that you may have installed on the server, or in your firewall if it does SMTP filtering. Exchange cannot block email on its own - and those messages that you are getting are not Exchange NDRs.

            You may also find that while you have set your server to use DNS, the ISP might be redirecting all SMTP traffic to go through their own servers, in an attempt to block spam from their client networks.

            I am pretty sure it isn't Exchange that has the problem, but it is outside of Exchange.

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: Help with Exchange 2k3 not receiving/sending External ISP email

              thanks for the info, been following your lead so far and
              while at it i found something isnt suppose to be...

              i haev MX records on my DNS but when i try to lookem up from another dns
              i get timed out, when i check for mx localy i getem localy, but when i check from external dns - i get none! so i played some more with dns adding my routers external ip as another MX, now i see in internal dns both MX's internal and then one that i added as external routers IP.
              now i need to find out if they replicate upstream...

              i think this maybe one of the problems...cause im using dynamic IP and my IP
              changes on my router constantly, so do you know of any way to update
              server 2k3 dns automatically with external routers IP ?

              Comment


              • #8
                Re: Help with Exchange 2k3 not receiving/sending External ISP email

                Your external IP address should not be in any of the internal DNS Servers. It isn't required.
                Furthermore your MX record isn't required internally. If you want an MX record internally then add one but enter the internal IP address of your Exchange server.

                However you should have said that you were using a dynamic IP address.
                You will never get 100% successful email delivery when you are on a dynamic IP address. Many sites will block email from dynamic IPs. You will need to stop using DNS for delivery and use a smart host - your ISPs SMTP Server for example.

                For public MX record updates you will need to use a dynamic DNS service and client.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: Help with Exchange 2k3 not receiving/sending External ISP email

                  well regarding my dynamic ip , i do use dyndns.com,
                  and my router does the update by its own with no problems. in another external network computer
                  i check the a record of that domain and it exists, when i check up for an MX record - i get reply "NO MX RECORD"
                  though it is defined to update also an MX record.

                  and i have a lil correction about filtering in exchange, it is natively in exchange simple but it exists
                  i looked in every place possible and came up with this:
                  +domain name
                  .+global settings
                  ...+message delivery
                  .....-3. sender filtering
                  .....-4. connection filtering
                  .....-5. recipient filtering
                  .....-6.
                  .....-7. intelligent message filtering
                  .....-8. sender id filtering

                  or maybe it is some addon of SBS 2003 R2 ???

                  but i checked it out and its all empty and without limitations....
                  i talked with isp tech supp. and they say i must have mx rec.
                  but i have been reading since this issue started - and exchange can get mail without mx rec. on dns....like you said its not mandatory.
                  that explains why i can receive mail from gmail with no problem.

                  i even did follow you suggestion and work in Smart host mode with my isp as relayer with my isps user/pass as cardantials.
                  same effect as before , but with different reject message:

                  <myhost.exchange.net #5.7.1 smtp;554 5.7.1 <[email protected]>: Relay access denied>

                  i even decided to find out if the rejction is connected somehow to the blacklist
                  so i send mail from my isp to gmail back and forth accepted with no problem.

                  one thing though, once i did install server 2k3 r2 ent with exchange ent. and also with dyn. ip and no mx rec. , and it worked some how...
                  only difference is that now its sbs 2k3 r2.... and i just dont remember how i made it work that time about 2 years ago... :/

                  so i guess now more than ever its must be my exchange server doing the rejection. because there is nothing else that does the rejection.
                  im sure it must be some petty lil definition that i have overlooked...but heck i dunno what... ://

                  anyways i appriciate you trying to help me out here, but im thinking of kicking this machine to hell and back, lol, any other ideas before i do that ???
                  Last edited by baracuda; 23rd July 2008, 01:07.

                  Comment


                  • #10
                    Re: Help with Exchange 2k3 not receiving/sending External ISP email

                    i went back to the RTFM logics and took a glance back at the release nots of SP2.
                    walla i found that since SP2 they integrate filtering V2.
                    so after lots of wasted time now its a fact the my own server blocks my in/out
                    coms with outer world. and now i know it has nothing to do with SBS 2003 R2 at all.

                    moreover now i feel less stupid than yesterday, since i know my hunch was right,
                    that i never had this type of behave from my 3 older exchange servers.
                    although im coming from NT4 / Exchange 5 world, the logics looked same for me as in configuration of the systems.
                    now i know surely i lack the knowledge regarding this filters issue in e2k3sp2.

                    here is part of the release notes of Exchange 2003 Server Service Pack 2:
                    __________________________________________________ _____________
                    Microsoft Exchange Intelligent Message Filter Version 2

                    Microsoft Exchange Intelligent Message Filter is integrated with the Sender ID feature in the Exchange Server 2003 Service Pack 2 (SP2). Note that, for Exchange Server 2003 SP2, Intelligent Message Filter is built into the product and is considered to be version 2. Version 1 of the Intelligent Message Filter was a stand-alone tool.
                    Intelligent Message Filter helps companies reduce the amount of unsolicited commercial e-mail (UCE), also know as spam, that can be received by users.
                    Installation Tips

                    If Intelligent Message Filter version 1 is detected as being on the target server computer when you start the upgrade to SP2, a flag is raised and you must uninstall version 1. After the SP2 upgrade, Intelligent Message Filter version 2 is automatically installed on the server. However, the administrator still must enable version 2 on the Virtual Server Instance (VSI).
                    Note: Do not install Intelligent Message Filter version 1 after the upgrade to Exchange Server 2003 SP2. Version 2 has been installed automatically with SP2.
                    During the upgrade to Exchange Server 2003 SP2, the server will not be available. When the server becomes available again, the administrator must enable Intelligent Message Filter immediately. Or, the server must be taken offline and Intelligent Message Filter enabled, if more time is required. Otherwise the server will be subject to spam attacks.
                    The Intelligent Message Filter is not cluster-aware and cannot be enabled on an Exchange server that is a member of a server cluster. However, it can run on front-end servers and Exchange Simple Mail Transfer Protocol (SMTP) gateways that are members of a network load-balanced cluster. It can also run on non-clustered Exchange Server 2003 computers.

                    Intelligent Message Filter Updates

                    Included with Exchange Server 2003 SP2 is an update process for the Intelligent Message Filter version 2. You can now visit Try Microsoft Update today to obtain the latest update to the filter. New updates have been published two times a month on a first and third Wednesday. For complete information about schedule and availability, enabling updates, and much more, see the Microsoft Exchange Server Intelligent Message Filter v2 Operations Guide at http://go.microsoft.com/fwlink/?linkid=47582.
                    __________________________________________________ _____________
                    then docs are in this location for download :
                    http://www.microsoft.com/downloads/i...%2fIMF_SP2.doc
                    __________________________________________________ _____________
                    I THINK I FOUND MY ANSWER !!! YEA !!!
                    Message flow with Intelligent Message Filter and Exchange filtering
                    As shown in the figure, filters are applied in the following order:
                    1. An SMTP server connects to Exchange and initiates an SMTP session.
                    2. During the SMTP session, Exchange applies connection filtering using the following criteria:
                    a. Connection filtering checks the global accept list. If an IP address is on the global accept list, no other connection, recipient, or sender filtering is applied, and the message is accepted.
                    b. Connection filtering checks the global deny list. If the IP address of the sending server is found on the global deny list, the message is automatically rejected and no other filters are applied.
                    c. Connection filtering checks the real-time block lists of any providers that you have configured. If the sending server's IP address is found on a block list, the message is rejected and no other filters are applied.
                    3. After connection filtering is applied, Exchange checks the sender address (the P1 information specified in the SMTP conversion by the RFC2821 MAIL FROM command) against the list of senders that you configured in sender filtering. If a match is found, Exchange rejects the message and no other filters are applied.
                    4. Exchange checks the recipient against the recipient list that you have configured in recipient filtering. If the intended recipient matches an e-mail address that you filter, Exchange rejects the message and no other filters are applied.
                    5. After this action (if enabled), Exchange checks and filters recipients who are not in the directory (Directory Lookups).
                    6. After recipient filtering is applied, Exchange checks the resolved sender address (the P2 data from RFC2822 headers) against the Blank Sender. If a match is found, Exchange filters the message based on the options that you configured and no other filters are applied.
                    7. Sender ID filter is applied (if enabled) before Intelligent Message Filter.
                    8. If a message is not filtered by connection, recipient, or sender filtering, Intelligent Message Filter is applied, and one of two actions occurs at the gateway:
                    If Intelligent Message Filter assigns the message an SCL rating that is greater than or equal to your gateway threshold, Intelligent Message Filter takes the appropriate gateway action.
                    If Intelligent Message Filter assigns the message an SCL rating that is lower than to your gateway threshold, the message is passed to the Exchange server that has the user's mailbox store.
                    9. If a user is using Outlook 2003 or Outlook Web Access with Exchange 2003, the user's mailbox store compares the message's SCL rating with the store threshold you configured, and one of two things occurs:
                    If the message rating is lower than or equal to the store threshold, the mailbox store checks the user's blocked senders list configured in Outlook or Outlook Web Access, and one of two things occurs:
                    If the sender of the message is not on a blocked senders list configured in Outlook or Outlook Web Access, or if a blocked senders list is unavailable or defined, the message is delivered to the recipient's Inbox.
                    If the sender appears on the blocked senders list configured in Outlook or Outlook Web Access, the message is delivered to the user's Junk E-mail folder.
                    If the message rating is greater than the store threshold, the mailbox store checks the user's safe senders list configured in Outlook or Outlook Web Access, and one of two things occurs:
                    If the sender appears on the safe senders list, the message is delivered to the recipients Inbox.
                    If the sender does not appear on the safe senders list, or if a safe senders list is unavailable or defined, the message is delivered to the recipient's Junk E-mail folder.
                    Important:
                    If users are using versions of Outlook earlier than Outlook 2003, the mailbox store thresholds have no effect and messages that are filtered in step 9 are instead delivered to the users' Inboxes. However, if clients can access e-mail using Outlook Web Access 2003, the store thresholds are applied as described in step 9.
                    __________________________________________________ _____________
                    Last edited by baracuda; 23rd July 2008, 07:55.

                    Comment

                    Working...
                    X