Tuesday, February 26, 2008

Troubleshooting MX Host Connectivity

Recently I had an issue arise that is pretty common in today's industry where one domain is unable to send email to another one (or so we think). We need a way to test this and after seeing a buddy of mine do it a couple of years ago I decided to track down how it is done. Plus it makes me feel like an über admin when I do it :-)

To elaborate on the issue, say DomainA cannot seem to send email to DomainB and DomainB returns undeliverables and error messages etc. DomainB states that their MX Host is up and running and they are receiving mail from other domains. DomainA then feeling like a red-headed stepchild calls you (the Mail Admin) asking WTF is going on. You know you are able to send to other domains just fine and want to know what is going on with the relationship between you (DomainA) and DomainB. You need to test a connection from one email address @DomainA to an address @DomainB and you want their MX Host to tell you it's kosher...

Down to business, first thing you need to do is make sure you can get out of the corp firewall over port 25. You won't get anywhere without this ability. Sweet talk your Network folks, whatever just give em your IP and ask to get out over port 25 for a bit of testing. After that, you'll need to find the actual MX Hostname of DomainB. I recommend MXToolBox. Sure NSLOOKUP will do this as well but what if your DNS has the wrong records in the first place? Uh huh, betcha didn't think about that :-) Just go there and put in DomainB's name into the box and whammy! You have their MX Hostnames there in order starting with the primary.

Take the primary MX Hostname and open up a telnet session (hyperterm or command line). Make sure you enable localecho and logging if you want to save the output (set localecho ENTER and then set logfile (path) ENTER) Now open a connection to the MX Host...

This is a very crucial thing to remember, you MUST not have any errors while connected to the MX Host, you will get a syntax error, no backspaces, misspells, and case must be correct. You want to play it slow and easy with the typing here.

Once you are connected to the host, issue the following commands:

helo (your domain here)
Response should be 'OK'

mail from: (your email address here)
Response should be 'OK - (your email address)'

rcpt to: (recipient email address here)
Response should be 'OK - (recipient email address)'

data
Response should be 'Send data. End with CRLF.CRLF'

To: (recipient's display name)(enter)
From: (your display name)(enter)
Subject: (Subject field of Email message)(enter)
(Enter you body text)(enter)(enter) . (enter)
response should be 'OK'

quit

This basically tests DomainB's ability to receive email from your domain without any problems. If you get syntax errors, start over, you mistyped something. It happens alot. Other errors are self-explanatory. If you can't talk to DomainB, then they need to address the issue. You might be blacklisted. Otherwise, if everything else is ok, you may need to do an NSLOOKUP to make sure the MX Host is correct. If it is different than what you get when you do an external MX lookup like with the above website, then you need to change your DNS records to match the current one.

I got most of this information from the following websites:

http://exchange.mvps.org/smtp_frames.htm

and

http://technet.microsoft.com/en-us/library/bb123686(EXCHG.80).aspx