Wednesday, September 20, 2006

Exchange loses its secure channel in the domain

Ok…for whatever reason you break your Exchange server's secure channel to the domain and you have exhausted all avenues to get it back (Netdom/NLTest), your last resort might be to remove the Exchange server from the domain and rejoin it. Well…that just sounds like I want to shoot myself in the foot.

This happened to me and I thought Microsoft was nuts in recommending it. But after we tried everything…we figured that we had nothing to lose. The Exchange server could see the domain but no machines in the domain could connect to the Exchange. When you tried to browse the Exchange server, you would get a message “The target account name is incorrect”.

So…here…we…go…

I made sure that all the stores were stopped. Set all the Exchange services to disabled and just for the fun of it ran an eseutil /mh against the databases. Lo and behold, they were all in a “Dirty Shutdown” state. Great!!

Anyway…we removed it from the domain, rebooted, logged in with local administrator, rejoined the domain, rebooted and logged in with domain admin rights. (Took much less time to write than actually do).

Then we opened Services and started the SA. It's good!! Then the IS. It's good too. (Geez…this is awesome). Then the MTA, Management, and all the others. It's all good!! Well I’ll be a monkey’s uncle. We tested to see if mail was flowing internally and externally and it's all good.
Another great save!!!!

Over and out from Bermuda…

How to check if a mail server is on a Blacklist

Have you ever had to check a domain name to see if it's on a blacklist? I like to use www.dnsstuff.com. It works great but reports back on every blacklist available. And sometimes, if the server is busy, it could take up to a day to report back. Well, that does you no good if you need a report right now.

What if you are using spam-filtering software that lets you list specific blacklists? There is an easy way to check…here are the steps.

1. Get the Internet header from the message that bounces back.
2. Locate the IP address of each mail server that the message has passed through.
3. Once you have a list of all the IP addresses of mail servers the mail has passed through, you need to check whether any of these are listed as blocked by one or more of the DNS blacklists you have enabled in your configuration. This can be checked using one of the following procedures:

Using Ping: At the command prompt type ping (reversed IP).(relay blacklist)
Example: If the mail server address is 24.222.0.10 and you are checking it against the blacklist relays.ordb.org the command would be:

ping 10.0.222.24.relays.ordb.org

Good Results: “Ping request could not find host 10.0.222.24.relays.ordb.org. Please check the name and try again” would indicate that the IP address being checked is not in relays.ordb.org. You can proceed to check the IP address with the other DNS Blacklists enabled, or check the other IP addresses found in the email header.

Bad Results: “Pinging 10.0.222.24.relays.ordb.org [127.0.0.2] with 32 bytes of data” would indicate that the IP address is found on the DNS Blacklist being checked. Note that you do not need to check that you get a reply to your ping request. You just need to check that the host (10.0.222.24.relays.ordb.org) resolves to an IP address (127.0.0.2 in this case). Note also that the IP address to which it resolves is not important either.

Using NSLOOKUP: At the command prompt type nslookup (reversed IP).(relay blacklist)

Example: If the mail server address is 24.222.0.10 and you are checking it against the blacklist relays.ordb.org the command would be:

nslookup 10.0.222.24.relays.ordb.org

Good Results: “DNS Server can’t find 10.0.222.24.relays.ordb.org: Non-existent domain” indicates that the IP address is not in relays.ordb.org. You can proceed to check the IP address with the other DNS Blacklists enabled or check the other IP addresses found in the email header.

Bad Results: Would be as follows:

Non-authoritative answer:
Name: 10.0.222.24.relays.ordb.org
Address: 127.0.0.2

This indicates that the IP address is found on the relays.ordb.org blacklist.

Hope that helps your search…
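The three steps above as one script. This is an added example, not part of the original post: it pulls the relay IPs out of the Received headers, skips internal addresses, builds the reversed-IP query names and reports which ones resolve. The function names and the sample bounce message are constructed for illustration; the zone is the one used in the post.

```python
import email
import ipaddress
import re
import socket

# Constructed bounce headers: one public relay (the post's example IP) and one internal hop.
SAMPLE = """\
Received: from mail.example.net (mail.example.net [24.222.0.10])
\tby mx.example.org with ESMTP; Wed, 20 Sep 2006 10:00:00 -0300
Received: from desktop (unknown [192.168.1.5])
\tby mail.example.net with SMTP; Wed, 20 Sep 2006 09:59:58 -0300
Subject: Undeliverable: test

body
"""

IPV4_RE = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?![\d.])")

def relay_ips(raw_message):
    """Steps 1-2: public IPv4 addresses from Received headers, in order, no repeats or private hops."""
    found = []
    for header in email.message_from_string(raw_message).get_all("Received", []):
        for text in IPV4_RE.findall(header):
            try:
                ip = ipaddress.IPv4Address(text)
            except ValueError:
                continue  # looked like an address but is not one (e.g. 999.1.1.1)
            if ip.is_global and str(ip) not in found:
                found.append(str(ip))
    return found

def dnsbl_name(ip, zone):
    """Step 3: reverse the octets and append the blacklist zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def check(ips, zones, resolve=socket.gethostbyname):
    """Return {(ip, zone): answer} for every name that resolves, i.e. every listing."""
    hits = {}
    for ip in ips:
        for zone in zones:
            try:
                hits[(ip, zone)] = resolve(dnsbl_name(ip, zone))
            except socket.gaierror:
                pass  # name does not exist: not listed in this zone
    return hits

if __name__ == "__main__":
    for ip in relay_ips(SAMPLE):
        print(ip, "->", dnsbl_name(ip, "relays.ordb.org"))
```

Called with its default resolver, check() performs live DNS lookups; pass it the list of zones enabled in your own filter configuration.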