none
recieveing mail

    Question

  • Hi all

    Im having problems setting up my mail system. I might be making a mountain out of a mole hill here but, Im totally confused.

    To start off with I have sbs2007 with exchange 2007 SP3. I have a static Ip from my IPS ,and  I have a domain name registered with a dns provider.

     I ran the exchange remote connection analyser and found that I can recieve mail from my ISP addresses but sending on my ISp address gives me blacklist errors, and sending on my DNS address gives me an spf error.

    I do have an spf text file listed on my dns site but appairently it's not acknowledging it.

    Ok, to recieve and send mail to and from my exchange server do I use my isp's address or do I use my dns providers address.

    such as setting up my dns A record to point to my isp address or my DNS providers address.

    as I stated Im confused!!

    Thursday, April 05, 2012 5:24 PM

Answers

  • If depends if Exch is responsible for sending/receiving email or if you use your ISP/Service provider. 

    If Exch, then setup PTR/SPF/MX for Exch, if ISP/Service Provider then they will help you setup the appropiate records and all you have to do is configure exch to use a smarthost to send emails and accept emails (can restrict to IP's if you have the information from the ISP/Service Provider).


    Sukh

    • Proposed as answer by Castinlu Monday, April 09, 2012 1:42 AM
    • Marked as answer by Castinlu Friday, April 13, 2012 7:48 AM
    Sunday, April 08, 2012 5:05 PM
  • hi,

    You should set your public ip address that your isp assign to you in your dns provider,  Your A/MX record should point to the IP. The purpose is let the client can resolve your exchange server.

    If you point the record to your isp address, it means that you want to use the isp as your smtp smart host. If your isp reject some mail, you will not receive the mail.

    hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    • Marked as answer by Castinlu Friday, April 13, 2012 7:48 AM
    Tuesday, April 10, 2012 9:46 AM

All replies

  • Your configuration may depend on how you perform your spam filtering.  If you have an internal spam filtering solution in place, your MX DNS record(s) should point to your static public IP that is assigned to you by your ISP.  If you have a hosted spam filtering service, your MX DNS record(s) should point to that service's IP address and then that service would forward to your static public IP address.  You will need the proper firewall rules to allow SMTP through to your Exchange server or spam filtering solution.

    Friday, April 06, 2012 1:08 AM
  • If depends if Exch is responsible for sending/receiving email or if you use your ISP/Service provider. 

    If Exch, then setup PTR/SPF/MX for Exch, if ISP/Service Provider then they will help you setup the appropiate records and all you have to do is configure exch to use a smarthost to send emails and accept emails (can restrict to IP's if you have the information from the ISP/Service Provider).


    Sukh

    • Proposed as answer by Castinlu Monday, April 09, 2012 1:42 AM
    • Marked as answer by Castinlu Friday, April 13, 2012 7:48 AM
    Sunday, April 08, 2012 5:05 PM
  • hi,

    If the answer can fix your problem, please remember to mark as answer.

    If you have any update, please feel free to tell us.

    hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    Monday, April 09, 2012 1:45 AM
  • Still Not sure there, PS Cl

    let me clarify a few things.

     RCA is the Remote Connection Analyser in the exchange tools

    I have a domain name provider, I have a website provider and I have an ISP provider. the mx record is set up as XXXCCCSSS.com .Im not sure where that one points to, Proberly my website provider.

    On my router I have an ip address of xxx.123.456.789. my dns number is 255.255.255.255

    when i go to my dns provider and type in my isp address into the A record, and i run the test outgoing mail command on the RCA using my isp address, i get spamhaus telling me that my isp is blocking my mail.

    After discussing with my ISP about the problem they tell me to enter  SMTP- before my outgoing mail and everything will work. Not, after four days the mail is still in the query and some has returned undelerverable.

    when I enter my DNS address into my A record and run the test outgoing mail command with my dns address in the RCA it works, but otherwise when I send mail it gets kicked back as undelerverable.

    Do I need to be put on a whitelist?

    as far as antispam goes

    I am appairently recieving the msexchange antispam updated and it runs the scan, I also have exchange set up for the ip block list from zen=spamhaus. Im not sure how to tell if thats working.

    Tuesday, April 10, 2012 3:10 AM
  • Still Not sure there, PS Cl

    let me clarify a few things.

     RCA is the Remote Connection Analyser in the exchange tools

    I have a domain name provider, I have a website provider and I have an ISP provider. the mx record is set up as XXXCCCSSS.com .Im not sure where that one points to, Proberly my website provider.

    On my router I have an ip address of xxx.123.456.789. my dns number is 255.255.255.255

    when i go to my dns provider and type in my isp address into the A record, and i run the test outgoing mail command on the RCA using my isp address, i get spamhaus telling me that my isp is blocking my mail.

    After discussing with my ISP about the problem they tell me to enter  SMTP- before my outgoing mail and everything will work. Not, after four days the mail is still in the query and some has returned undelerverable.

    when I enter my DNS address into my A record and run the test outgoing mail command with my dns address in the RCA it works, but otherwise when I send mail it gets kicked back as undelerverable.

    Do I need to be put on a whitelist?

    as far as antispam goes

    I am appairently recieving the msexchange antispam updated and it runs the scan, I also have exchange set up for the ip block list from zen=spamhaus. Im not sure how to tell if thats working.

    A couple of other things, while preforming these tests I change my dns A records accordingly and wait 24 hours to do the next test.

    As far as my PTR record it points to my servers domain .com and not the .local

    my servers .com A record I have set up with my DNS address.

    Tuesday, April 10, 2012 3:30 AM
  • hi,

    You should set your public ip address that your isp assign to you in your dns provider,  Your A/MX record should point to the IP. The purpose is let the client can resolve your exchange server.

    If you point the record to your isp address, it means that you want to use the isp as your smtp smart host. If your isp reject some mail, you will not receive the mail.

    hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    • Marked as answer by Castinlu Friday, April 13, 2012 7:48 AM
    Tuesday, April 10, 2012 9:46 AM
  • Still Not sure there, PS Cl

    let me clarify a few things.

     RCA is the Remote Connection Analyser in the exchange tools

    I have a domain name provider, I have a website provider and I have an ISP provider. the mx record is set up as XXXCCCSSS.com .Im not sure where that one points to, Proberly my website provider.

    On my router I have an ip address of xxx.123.456.789. my dns number is 255.255.255.255

    when i go to my dns provider and type in my isp address into the A record, and i run the test outgoing mail command on the RCA using my isp address, i get spamhaus telling me that my isp is blocking my mail.

    After discussing with my ISP about the problem they tell me to enter  SMTP- before my outgoing mail and everything will work. Not, after four days the mail is still in the query and some has returned undelerverable.

    when I enter my DNS address into my A record and run the test outgoing mail command with my dns address in the RCA it works, but otherwise when I send mail it gets kicked back as undelerverable.

    Do I need to be put on a whitelist?

    as far as antispam goes

    I am appairently recieving the msexchange antispam updated and it runs the scan, I also have exchange set up for the ip block list from zen=spamhaus. Im not sure how to tell if thats working.

    Your public domain name is XXXCCCSSS.com.

    Your public IP address for your network is XXX.123.456.789

    Assuming your ISP is not acting as your smarthost and you on-premise Exchange environment is performing outbound and inbound message routing, consider the following:

    1. In DNS, create an A record for mail.XXXCCCSSS.com and point it to XXX.123.456.789.
    2. In DNS, create an A record for autodiscover.XXXCCCSSS.com and point it to XXX.123.456.789.
    3. In DNS, create an MX record for XXXCCCSSS.com and point it to mail.XXXCCCSSS.com.
    4. Optionally, if you need to setup a Sender Policy Framework (SPF) DNS record, refer to this link.
    5. On your external firewall, create a rule to allow SMTP port 25 traffic from XXX.123.456.789 to your Exchange HT server.
    6. On your external firewall, create a rule to allow HTTPS port 443 traffic from XXX.123.456.789 to your Exchange CAS.

    These are the basic settings to get inbound and outbound message routing to work with your Exchange servers.  The ExRCA will also test Exchange configurations, so you will need to ensure the proper Exchange configurations are in place.

    
    
    • Proposed as answer by PS CL Thursday, April 19, 2012 3:09 PM
    Tuesday, April 10, 2012 5:25 PM
  • Hi PS

    Tried that under boath the .com domain and the .local domain on my server but its still ending up on an RBL listing. 

    Should I have put that in my DNS providers listing? 

    Saturday, April 14, 2012 12:57 AM
  • Yes, these DNS records should be created in your public DNS through your DNS provider.

    As far as the black-listing, do you have your firewalls limited to only allow outbound SMTP from your Exchange servers or is it open to allow all traffic from internal to external?  I would suggest blocking all outbound SMTP port 25 from your internal network so that only your Excahnge servers are allowed to send outbound SMTP.

    Saturday, April 14, 2012 3:58 AM
  • Ok, I tried that, it seamed to help. I found other problems though, After sending mail to a client I found my send address was incorrect, changed that and everything seams fine but, after viewing the query file I found this message.

    Email from XXX.123.456.789 is currently blocked by verizon online antispam system. the email sender or service provider may visit http://verizon.net/whitelist to request removal of the block.

    Now do I have to do this to all the service providers that my clients have, or is there just one form I can fill out?

     

    Monday, April 16, 2012 4:25 PM
  • Each Service Provider.

    Sukh

    Monday, April 16, 2012 6:26 PM