DNS & exchange problem

Shiva Shankar .S · Oct 10, 2003

HI,

Am Unable to send the mail to one domain but they are able to send mail to
my server.
If i send mail to that domain it will be Q in my exchange 2000 server.
what's the cause
am using my internal DNS server to forwarder to my ISP dns server.
when i do nslookup for that domain in internal server first it will be
request time out then it will resolve the domain name. ( what should be the
cause ??)
but in my external DNS serve if i resolve the that domain it will resolve
immeditaly here was no problem
there was no event error in server.

Please help me to figure out the problem

:-)

shiva

Kevin D. Goodknecht · Oct 10, 2003

In

Shiva Shankar .S said:
HI,

Am Unable to send the mail to one domain but they are able to send
mail to my server.
If i send mail to that domain it will be Q in my exchange 2000
server. what's the cause
am using my internal DNS server to forwarder to my ISP dns server.
when i do nslookup for that domain in internal server first it will be
request time out then it will resolve the domain name. ( what should
be the cause ??)
but in my external DNS serve if i resolve the that domain it will
resolve immeditaly here was no problem
there was no event error in server.

Please help me to figure out the problem

shiva

This could be cache polution on your internal server.
Clear the cache on your internal server to see if it clears it up.

Shiva Shankar .S · Oct 10, 2003

Kevin,

Kevin hope u remember am shiva u only help me out to setup my internal
server :-)

thanks for u r fast response

I clear the cash in DNS consel. after of that how to clear the cash any idea
please.

how to clear cash in dns.

Thanks & regards,
Shiva

Kevin D. Goodknecht · Oct 10, 2003

In

Shiva Shankar .S said:
Kevin,

Kevin hope u remember am shiva u only help me out to setup my internal
server thanks for u r fast response

I clear the cash in DNS consel. after of that how to clear the cash
any idea please.

Hi Shiva,
Yes, I remember haven't seen you around here in a while.
You can clear the DNS cache also just by restarting tne DNS service, then
run ipconfig /flushdns to clear the DNS resolver cache.

Shiva Shankar .S · Oct 10, 2003

Kevin,

I clear the cache using below command still have same problem.

C:\> ipconfig /flushdns

any solution please.
waiting for u r replay

Thanks & Regards,
Shiva

Shiva Shankar .S · Oct 10, 2003

Kevin,
I followed u r instruction still have same problem.

please figure out the problem.

Thanks & Regards,
Shiva

Kevin D. Goodknecht · Oct 10, 2003

In

Shiva Shankar .S said:
Kevin,
I followed u r instruction still have same problem.

please figure out the problem.

In DNS server properties, on the advanced tab "Secure cache against
pollution"
checked?
Is this the only domain doing this?
What is the domain name?
Can you post your output?

Shiva Shankar .S · Oct 10, 2003

Kevin,

Note:- all the beolow IP address and domain was dume :-)

when i do Nslook up from my internel DNs server getting below result.

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

mail.boss.com.sg

default server:- shiva.shiva.com.sg
address: 10.56.7.2

DNS request time out
timeout was 2 seconds
non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

when i do nslookup from internal clinet computer it's resolves without any
DNS time out

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

mail.boss.com.sg

default server:- shiva.shiva.com.sg
address: 10.56.7.2

non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

What should be the cause please figuer out and ride me out from this issue.
I cleared all cash in my server

because of this issue am unable to send out mail to that domain

eagerly waiting for u r replay.

Thanks & Regards,
Shiva

Shiva Shankar .S · Oct 10, 2003

Kevin,

Note:- all the beolow IP address and domain was dume :-)

when i do Nslook up from my internel DNs server getting below result.

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

mail.boss.com.sg

default server:- shiva.shiva.com.sg
address: 10.56.7.2

DNS request time out
timeout was 2 seconds
non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

when i do nslookup from internal clinet computer it's resolves without any
DNS time out

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

mail.boss.com.sg

default server:- shiva.shiva.com.sg
address: 10.56.7.2

non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

What should be the cause please figuer out and ride me out from this issue.
I cleared all cash in my server

because of this issue am unable to send out mail to that domain

eagerly waiting for u r replay.

Thanks & Regards,
Shiva

Kevin D. Goodknecht · Oct 10, 2003

In

Shiva Shankar .S said:
Kevin,

Note:- all the beolow IP address and domain was dume

when i do Nslook up from my internel DNs server getting below result.

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

default server:- shiva.shiva.com.sg
address: 10.56.7.2

DNS request time out
timeout was 2 seconds
non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

when i do nslookup from internal clinet computer it's resolves
without any DNS time out

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

default server:- shiva.shiva.com.sg
address: 10.56.7.2

non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

What should be the cause please figuer out and ride me out from this
issue. I cleared all cash in my server

because of this issue am unable to send out mail to that domain

Is this the actual domain name?
There may be other problems which may cause this so please give the actual
name if this is not it.

mail.boss.com.sg does not resolve
boss.com.sg has an MX record but no reverse lookup on the mail server IP
here is my results.

W:\>nslookup
Default Server: kjweb.lsaol.com
Address: 192.168.0.2

set type=mx
boss.com.sg

Server: kjweb.lsaol.com
Address: 192.168.0.2

Non-authoritative answer:
boss.com.sg MX preference = 10, mail exchanger = boss.com.sg

boss.com.sg internet address = 202.148.162.80

set type=a
mail.boss.com.sg

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

mail.boss.com.sg

Server: kjweb.lsaol.com
Address: 192.168.0.2

DNS request timed out.
timeout was 2 seconds.
*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

set type=cname
mail.boss.com.sg

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

set type=all
boss.com.sg

Server: kjweb.lsaol.com
Address: 192.168.0.2

Non-authoritative answer:
boss.com.sg internet address = 202.148.162.80
boss.com.sg nameserver = ns.webcraftsg.com
boss.com.sg
primary name server = ns.webcraftsg.com
responsible mail addr = root.ns.webcraftsg.com
serial = 2003020502
refresh = 3600 (1 hour)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
boss.com.sg MX preference = 10, mail exchanger = boss.com.sg

ns.webcraftsg.com internet address = 202.148.162.80
boss.com.sg internet address = 202.148.162.80

And here is the reverse lookup on their IP
How I am searching:
Asking h.root-servers.net for 80.162.148.202.in-addr.arpa PTR record:
h.root-servers.net says to go to ns3.apnic.net. (zone:
202.in-addr.arpa.)
Asking ns3.apnic.net. for 80.162.148.202.in-addr.arpa PTR record:
ns3.apnic.net says to go to dns2.infoserve.com.sg. (zone:
162.148.202.in-addr.arpa.)
Asking dns2.infoserve.com.sg. for 80.162.148.202.in-addr.arpa PTR record:
Reports that no PTR records exist.

Answer:
No PTR records exist for 202.148.162.80. [Neg TTL=3600 seconds]

Details:
dns2.infoserve.com.sg. (an authoritative nameserver for
162.148.202.in-addr.arpa., which is in charge of the reverse DNS for
202.148.162.80)
says that there are no PTR records for 202.148.162.80.

Shiva Shankar .S · Oct 10, 2003

Kevin,

This problem was only from my server .
from other domain there was no problem am able to send and receive the mail
from yahoo, hotmail etc....

The issue was am unable to send mail to that domain but able to receive the
mails.

if u don't mind u can give your personal e-mail so i can send u actual
domain name boz here lot of spamer's are there :-)

Thanks & Regards,
Shiva

Kevin D. Goodknecht said:
In

Shiva Shankar .S said:

Kevin,

Note:- all the beolow IP address and domain was dume

when i do Nslook up from my internel DNs server getting below result.

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

default server:- shiva.shiva.com.sg
address: 10.56.7.2

DNS request time out
timeout was 2 seconds
non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

when i do nslookup from internal clinet computer it's resolves
without any DNS time out

c:\>nslookup

default server:- shiva.shiva.com.sg
address: 10.56.7.2

default server:- shiva.shiva.com.sg
address: 10.56.7.2

non-authoritative answer:
Name: mail.boss.com.sg
address: 234.67.12.67

What should be the cause please figuer out and ride me out from this
issue. I cleared all cash in my server

because of this issue am unable to send out mail to that domain

Click to expand...

Is this the actual domain name?
There may be other problems which may cause this so please give the actual
name if this is not it.

mail.boss.com.sg does not resolve
boss.com.sg has an MX record but no reverse lookup on the mail server IP
here is my results.

W:\>nslookup
Default Server: kjweb.lsaol.com
Address: 192.168.0.2

set type=mx
boss.com.sg

Click to expand...

Server: kjweb.lsaol.com
Address: 192.168.0.2

Non-authoritative answer:
boss.com.sg MX preference = 10, mail exchanger = boss.com.sg

boss.com.sg internet address = 202.148.162.80

set type=a
mail.boss.com.sg

Click to expand...

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

mail.boss.com.sg

Click to expand...

Server: kjweb.lsaol.com
Address: 192.168.0.2

DNS request timed out.
timeout was 2 seconds.
*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

set type=cname
mail.boss.com.sg

Click to expand...

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** kjweb.lsaol.com can't find mail.boss.com.sg: Non-existent domain

set type=all
boss.com.sg

Click to expand...

Server: kjweb.lsaol.com
Address: 192.168.0.2

Non-authoritative answer:
boss.com.sg internet address = 202.148.162.80
boss.com.sg nameserver = ns.webcraftsg.com
boss.com.sg
primary name server = ns.webcraftsg.com
responsible mail addr = root.ns.webcraftsg.com
serial = 2003020502
refresh = 3600 (1 hour)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
boss.com.sg MX preference = 10, mail exchanger = boss.com.sg

ns.webcraftsg.com internet address = 202.148.162.80
boss.com.sg internet address = 202.148.162.80

And here is the reverse lookup on their IP
How I am searching:
Asking h.root-servers.net for 80.162.148.202.in-addr.arpa PTR record:
h.root-servers.net says to go to ns3.apnic.net. (zone:
202.in-addr.arpa.)
Asking ns3.apnic.net. for 80.162.148.202.in-addr.arpa PTR record:
ns3.apnic.net says to go to dns2.infoserve.com.sg. (zone:
162.148.202.in-addr.arpa.)
Asking dns2.infoserve.com.sg. for 80.162.148.202.in-addr.arpa PTR record:
Reports that no PTR records exist.

Answer:
No PTR records exist for 202.148.162.80. [Neg TTL=3600 seconds]

Details:
dns2.infoserve.com.sg. (an authoritative nameserver for
162.148.202.in-addr.arpa., which is in charge of the reverse DNS for
202.148.162.80)
says that there are no PTR records for 202.148.162.80.

Kevin D. Goodknecht · Oct 10, 2003

In

Shiva Shankar .S said:
Kevin,

This problem was only from my server .
from other domain there was no problem am able to send and receive
the mail from yahoo, hotmail etc....

The issue was am unable to send mail to that domain but able to
receive the mails.

if u don't mind u can give your personal e-mail so i can send u actual
domain name boz here lot of spamer's are there

Thanks & Regards,
Shiva

Shiva,
Just remove the nospam. from my email.
Sorry for not getting back sooner I drank a cold beer and my eyelids turned
to lead weights. My day starts at 5am, I have a twelve year old son that
requires a lot of time to get going in the morning before he goes to school.

Michael Johnston [MSFT] · Oct 10, 2003

The mail.boss.com.sg has no relevance here. The MX record for the domain boss.com.sg resolves to box.com.sg which resovles to 202.148.162.80. From
your mail server, open a command prompt and type "telnet 202.148.162.80 25". You should receive a banner similar to "220 ns.webcraftsg.com ESMTP
Sendmail 8.11.1/8.11.1;". If you don't then you don't have connectivity to their mail server. Also, there is no PTR record registered for 202.148.162.80. If your
mail server requires this, this too could explain why you can't send them mail. Lastly, check to make sure your PTR record exists for you mail server.

Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.

Ace Fekay [MVP] · Oct 11, 2003

In

Shiva Shankar .S said:
HI,

Am Unable to send the mail to one domain but they are able to send
mail to my server.
If i send mail to that domain it will be Q in my exchange 2000
server. what's the cause
am using my internal DNS server to forwarder to my ISP dns server.
when i do nslookup for that domain in internal server first it will be
request time out then it will resolve the domain name. ( what should
be the cause ??)
but in my external DNS serve if i resolve the that domain it will
resolve immeditaly here was no problem
there was no event error in server.

Please help me to figure out the problem

shiva

What domain is it?
Maybe change the forwarder to 4.2.2.2.

Your mail server could also be the brunt of relaying, even if relaying is
turned off because the spammers are now tring to crack user/passwords to
authenticate to relay. Check your mail server SMTP queues. If you see
hundreds of domains in there, then that's what's going on and causing
network slowdown because of it.

Read these articles:

HOW TO: Block Open SMTP Relaying and Clean Up Exchange Server SMTP Queues on
SBS (but it works for Exchange 2000 too):
http://support.microsoft.com/default.aspx?scid=kb;en-us;324958

Mail Relaying - new ways they are getting through your security:
http://www.sbsfaq.com/news/getArtic...40A459B27C5FF7E6840000B1E572030000&path=News/

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

Shiva Shankar .S · Oct 13, 2003

Fack,

Both server located in different country and remotel setup and administrated
by me only

from fast four day's unable to send mail only for this domain for other
domain am able to send and receive. But that can send mail's to me no issue

why am unable to send mail's for that pecific domain.??

:-)

shiva

"Ace Fekay [MVP]"

Ace Fekay [MVP] · Oct 13, 2003

Shiva Shankar .S said:
Fack,

What is Fack?

Both server located in different country and remotel setup and administrated
by me only

from fast four day's unable to send mail only for this domain for other
domain am able to send and receive. But that can send mail's to me no issue

why am unable to send mail's for that pecific domain.??

I believe Michael Johnston already explained to you why.

Apparently your mail server DOES NOT have a reverse PTR entry for it.

The domain you are trying to send to is *probably* using Reverse DNS to
*stop* mail coming in where the domain name does not match the IP address
for that mail session because many spammers use servers with IP addresses
that do not have a Reverse entry.

Reverse DNS is one way to stop most of spammed emails.

Please re-read Michael's response.

Thank you

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

shiva

"Ace Fekay [MVP]"

In Shiva Shankar .S <[email protected]> posted their thoughts, then I offered

What domain is it?
Maybe change the forwarder to 4.2.2.2.

Your mail server could also be the brunt of relaying, even if relaying is
turned off because the spammers are now tring to crack user/passwords to
authenticate to relay. Check your mail server SMTP queues. If you see
hundreds of domains in there, then that's what's going on and causing
network slowdown because of it.

Read these articles:

HOW TO: Block Open SMTP Relaying and Clean Up Exchange Server SMTP

Click to expand...

Queues

on
SBS (but it works for Exchange 2000 too):
http://support.microsoft.com/default.aspx?scid=kb;en-us;324958

Mail Relaying - new ways they are getting through your security:

Click to expand...

http://www.sbsfaq.com/news/getArtic...40A459B27C5FF7E6840000B1E572030000&path=News/

DNS & exchange problem

Shiva Shankar .S

Kevin D. Goodknecht

Shiva Shankar .S

Kevin D. Goodknecht

Shiva Shankar .S

Shiva Shankar .S

Kevin D. Goodknecht

Shiva Shankar .S

Shiva Shankar .S

Kevin D. Goodknecht

Shiva Shankar .S

Kevin D. Goodknecht

Michael Johnston [MSFT]

Ace Fekay [MVP]

Shiva Shankar .S

Ace Fekay [MVP]