Home > Ask the Microsoft Exchange Experts > David Sengupta: Server Administration Questions & Answers > Still receiving inbound SMTP e-mail at a defunct domain
Ask The Exchange Expert: Questions & Answers
EMAIL THIS

Still receiving inbound SMTP e-mail at a defunct domain

David Sengupta EXPERT RESPONSE FROM: David Sengupta

Pose a Question
Other Exchange Categories
Meet all Exchange Experts
Become an Expert for this site


Exchange Server tips, tutorials and expert advice
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 13 February 2006
I have a client running Microsoft Exchange 2000 and they've changed their company name and DNS domain name. They are receiving inbound SMTP e-mail to the new domain fine. Even though I've removed the MX record from the old domain (two weeks ago) and removed the domain from the recipient policy, I can still connect to the SMTP server and send to bob@olddomain.com.

I've also removed the old e-mail address from all users, groups, etc. No matter what I try, I can still connect to the old server via telnet (IP address) 25 and send to bob@olddomain.com. I've rebooted the server as well. Do you have any ideas?


>
EXPERT RESPONSE
VIEW MEMBER FEEDBACK TO THIS ASK THE EXPERT Q&A.

The first thing I'd do is spend some time drilling in the public-facing DNS record associated with the "olddomain.com" domain. Make sure you are (1) on the Internet when you do this and (2) are looking specifically at the authoritative DNS record.

If public clients can send mail to your old SMTP address, then they are getting an MX record from somewhere, which means that the MX record still exists. Once you've found the MX record, determine exactly which IP address corresponds to the server accepting Internet mail, and telnet into that server.

Then use the banner to confirm that this is indeed the server that you are assuming is your Internet gateway, and not an intermediary firewall or other rogue (or forgotten/overlooked) SMTP gateway.

Between those steps I think you'll figure out what's going on.

Bottom line: I think something is wrong in your assumptions … and some deeper digging will turn something up.

MEMBER FEEDBACK TO THIS ASK THE EXPERT Q&A:

In this reply, you suggested that the user had likely missed finding an old MX record when e-mail for a retired domain was continuing to flow into their e-mail server. There is another explanation -- spammers. (And that's probably one of the reasons they wanted to change their domain name in the first place.)

Spammers remember the IP address of the e-mail server for a LONG time. I have one domain that I retired from e-mail service more than five years ago. It still advertises its presence with NS records, but there are no A or MX records in it. None of the NS records points to the same IP address as the old mail server. But when I go check logs, there they are -- messages pointed to the server using the old domain name just like it was yesterday, and every single one is spam. (I've even tried pointing the MX record to 127.0.0.1, but it doesn't help.)

The best solution is to insure that the Exchange server doesn't recognize that domain name and it will just drop the messages on the floor. (Look in Recipient Policies and Recipient Update Services in Exchange System Manager.) They'll still pay the price for handling the initial transaction, but at least they won't have to handle the entire message.

It would also help to reassign the IP address for the mail server for the new domain and not use the old address for anything related to inbound e-mail. At least then the packets won't have anywhere to go.
—Greg M.

Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Tutorial: A primer on DNS and MX records
  • Learning Guide: How to fight spam on Exchange Server
  • Reference Center: DNS tips and resources
  • Reference Center: SMTP tips and resources

    		•

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


    RELATED CONTENT
    David Sengupta: Server Administration
    Error message: 'ID no: 8004100e Exchange System Manager'
    Exchange public folder calendar can't be opened in Microsoft Outlook
    Microsoft Exchange information store service stops responding
    IMAP list command only returns a list of Exchange public folders
    Remove Exchange 5.5 servers from a mixed mode Exchange environment
    A network connection problem or an offline server prevented delivery of the message
    Export Exchange public folder calendar to Outlook .PST file
    Reconfigure an existing Exchange Server user account for a new user
    Create Exchange user and mailbox accounts on a Windows 2000 PDC
    Can a deleted transaction log be restored in Exchange Server 2003?

    Microsoft Exchange Server and DNS
    How to configure DNS records for Exchange Server on Windows SBS 2003
    OWA stops working from external network connection
    Locate 'missing' SPF record on an external DNS domain
    Receiving 'failed MX lookup' delivery status notification
    IP address changes for an Exchange 2000 recovery server
    0xC103FC93 error with Exchange 2003 setup and install
    Set up FQDN and bridgeheads for POP3 and IMAP4 email
    Reverse DNS mismatches mark Exchange email as spam
    New Exchange Server installation not receiving SMTP or POP3 email
    Exchange Server user unable to send email to a specific domain

    SMTP
    Reconfigure an existing Exchange Server user account for a new user
    Improve Exchange 2003 Internet connectivity, mail flow and performance
    Troubleshoot Exchange 2003 email that gets stuck in the SMTP queue
    Perform an SMTP Telnet to test an outgoing Exchange server connection
    A primer on SMTP and ESMTP servers and commands
    How to use SMTP queues to troubleshoot mail flow
    SMTP greylisting problem on Exchange Server 2003 SP2
    How to retrieve email from an SMTP server using POP3
    SMTP 550 relay error when sending large attachments
    Sending email to an Exchange distribution list containing SMTP and EX addresses

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    SMTP  (SearchExchange.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice

    HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT Downloads
    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    SEARCH 
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2004 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts