Home > Ask the Microsoft Exchange Experts > David Sengupta: Server Administration Questions & Answers > Still receiving inbound SMTP e-mail at a defunct domain
Ask The Exchange Expert: Questions & Answers
EMAIL THIS

Still receiving inbound SMTP e-mail at a defunct domain

David Sengupta EXPERT RESPONSE FROM: David Sengupta

Pose a Question
Other Exchange Categories
Meet all Exchange Experts
Become an Expert for this site


Exchange Server tips, tutorials and expert advice
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 13 February 2006
I have a client running Microsoft Exchange 2000 and they've changed their company name and DNS domain name. They are receiving inbound SMTP e-mail to the new domain fine. Even though I've removed the MX record from the old domain (two weeks ago) and removed the domain from the recipient policy, I can still connect to the SMTP server and send to bob@olddomain.com.

I've also removed the old e-mail address from all users, groups, etc. No matter what I try, I can still connect to the old server via telnet (IP address) 25 and send to bob@olddomain.com. I've rebooted the server as well. Do you have any ideas?


>
EXPERT RESPONSE
VIEW MEMBER FEEDBACK TO THIS ASK THE EXPERT Q&A.

The first thing I'd do is spend some time drilling in the public-facing DNS record associated with the "olddomain.com" domain. Make sure you are (1) on the Internet when you do this and (2) are looking specifically at the authoritative DNS record.

If public clients can send mail to your old SMTP address, then they are getting an MX record from somewhere, which means that the MX record still exists. Once you've found the MX record, determine exactly which IP address corresponds to the server accepting Internet mail, and telnet into that server.

Then use the banner to confirm that this is indeed the server that you are assuming is your Internet gateway, and not an intermediary firewall or other rogue (or forgotten/overlooked) SMTP gateway.

Between those steps I think you'll figure out what's going on.

Bottom line: I think something is wrong in your assumptions … and some deeper digging will turn something up.

MEMBER FEEDBACK TO THIS ASK THE EXPERT Q&A:

In this reply, you suggested that the user had likely missed finding an old MX record when e-mail for a retired domain was continuing to flow into their e-mail server. There is another explanation -- spammers. (And that's probably one of the reasons they wanted to change their domain name in the first place.)

Spammers remember the IP address of the e-mail server for a LONG time. I have one domain that I retired from e-mail service more than five years ago. It still advertises its presence with NS records, but there are no A or MX records in it. None of the NS records points to the same IP address as the old mail server. But when I go check logs, there they are -- messages pointed to the server using the old domain name just like it was yesterday, and every single one is spam. (I've even tried pointing the MX record to 127.0.0.1, but it doesn't help.)

The best solution is to insure that the Exchange server doesn't recognize that domain name and it will just drop the messages on the floor. (Look in Recipient Policies and Recipient Update Services in Exchange System Manager.) They'll still pay the price for handling the initial transaction, but at least they won't have to handle the entire message.

It would also help to reassign the IP address for the mail server for the new domain and not use the old address for anything related to inbound e-mail. At least then the packets won't have anywhere to go.
—Greg M.

Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Tutorial: A primer on DNS and MX records
  • Learning Guide: How to fight spam on Exchange Server
  • Reference Center: DNS tips and resources
  • Reference Center: SMTP tips and resources

    		•

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


    RELATED CONTENT
    David Sengupta: Server Administration
    Editing Exchange Server public folder permissions
    Search and index Microsoft Outlook 2007 public folders
    Troubleshooting Microsoft Exchange Server Event ID error 6009
    Can't delete old Microsoft Outlook public folders
    Can't create mailboxes after virtualizing Microsoft Exchange Server
    Recovering an Exchange Server 2003 store on a disaster recovery box
    Creating disk space for an Exchange Server 2003 priv1.edb database
    Sharing a user's Outlook calendar with a public folder calendar
    Error message: 'ID no: 8004100e Exchange System Manager'
    Exchange public folder calendar can't be opened in Microsoft Outlook

    Microsoft Exchange Server and DNS
    Why can't POP3 clients receive Exchange Server email?
    How to configure DNS records for Exchange Server on Windows SBS 2003
    OWA stops working from external network connection
    Locate 'missing' SPF record on an external DNS domain
    Receiving 'failed MX lookup' delivery status notification
    IP address changes for an Exchange 2000 recovery server
    0xC103FC93 error with Exchange 2003 setup and install
    Set up FQDN and bridgeheads for POP3 and IMAP4 email
    Reverse DNS mismatches mark Exchange email as spam
    New Exchange Server installation not receiving SMTP or POP3 email

    SMTP
    Troubleshooting Microsoft Exchange Server Event ID error 6009
    How to lock down an SMTP relay to prevent spam in Exchange Server 2003
    Tool helps identify inbound Exchange Server email flow issues
    Configure SMTP relay restrictions in Exchange Server 2003 to stop spam
    Exchange email sent to a domain using SPF authentication is returned
    Why can't POP3 clients receive Exchange Server email?
    Exchange event sink scripting error when configuring email disclaimer
    Configure SMTP connection limits in Exchange Server 2003 and SBS
    Reconfigure an existing Exchange Server user account for a new user
    Improve Exchange 2003 Internet connectivity, mail flow and performance

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    SMTP  (SearchExchange.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Outlook Web Access (OWA) Tips and Advice
    HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT Downloads
    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    SEARCH 
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2004 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts