My Exchange server is running Exchange 2000 on a Windows 2000 server which resides on a DMZ on our firewall. We are able to send and receive e-mail within the company, but when someone tries to send an e-mail outside of our domain, it is immediately rejected with the response that "none of your e-mail accounts could send to this recipient". Likewise, when someone tries to send us e-mail from outside of our domain, the message is returned as undeliverable. I have contacted technical support for the firewall and they have stated that it is an internal DNS configuration problem. I am able to Telnet directly to the Exchange server, so I guess the firewall technical support is right. Any ideas on how I can configure the DNS on the Exchange server so people can send e-mail outside of our domain? Please help!!

Recommended Answers

All 8 Replies

Member Avatar for TKSS

You probably have an internal IP assigned to the Exchange Server.

What I would do is clear the DNS cache on your DNS servers, or, delete the cached entry for that domain you have the server set up for. Restart the DNS server service, and client service. On the exchange server, run ipconfig /flushdns, and then retry the messages.


Or...another quick fix might be to delete the IMS connection and recreate it.

Thank you for replying. I modified a few settings on the server and am now able to send e-mail successfully both inside and outside of our domain; I still cannot receive incoming e-mail from outside of the domain. (Yes, the exchange server has an internal IP assigned to it). I have tried the /flushdns, stopping and starting the netlogon and /registerdns. Nothing seems to work, and I have a feeling it's still a DNS configuration problem...... :sad:

Member Avatar for TKSS

I think you're right.


I'm thinking that external mail servers cannot see your mail server from the outside. When they are attempting to locate you, they are bumping into your firewall and can't get through. So we need to think about what needs to take place so that they can see your server. Do you run a static IP address?

Yes. All servers and workstations have static IP's. I have 2 internal servers and 18 workstations on the "trusted" network interface on the firewall; the Exchange server and Web servers are on the "optional"/DMZ interface, and the "external" interface is all by itself. All 3 interfaces are treated as separate networks. I have NAT set up on the firewall for the exchange server and the web server. All configurations on the firewall were set up by tech support for the firewall.

Some more information that is leaving me stumped (but perhaps someone else will understand): I tried tracking incoming messages for myself on the server. Quite a few messages showed up for non-delivery reports, and properties for all said "SMTP store driver: Message delivered locally to queue" as the second to last entry in the chain of events.
There was one event following the local delivery, which stated "SMTP: started outbound transfer of message". Properties for this message stated that both myself and the sender of the message received a NDR from exchange. I never received these NDR's. Also, I tried sending myself e-mails from my hotmail account and these never showed up when I tracked messages. :cry:

I have finally solved the problem; it was a combination of DNS and firewall settings. Everything appears to be functioning correctly now. Thank you, TKS, for your assistance. :)

Member Avatar for TKSS

I have finally solved the problem; it was a combination of DNS and firewall settings. Everything appears to be functioning correctly now. Thank you, TKS, for your assistance. :)

Glad to hear it! ;) :cheesy:

I have finally solved the problem; it was a combination of DNS and firewall settings. Everything appears to be functioning correctly now. Thank you, TKS, for your assistance. :)

Hello,

I am going crazy trying to figure out a simpler problem, I moved our exchange server into the dmz and everything works except inbound mail. what problems did you have with dns and exchange 2003? Please help, I am running out of solutions.

Thanks
Doreen

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.