Background
NSLookup is a great tool that comes with Windows that allows you to search DNS for information.  It is especially useful to troubleshoot particular issues with Exchange.  Exchange is reliant upon DNS to know where to send outbound messages.  When Exchange has problems getting messages to a particular domain, it's time to open the toolbox.
The best place to run NSLookup is on the server which sends out your SMTP traffic.  This will show you the same information that your SMTP engine uses when determining where to send mail to a particular domain.
Open a command prompt window
At the prompt, type nslookup
Type the command set type=mx
Type the registered domain name (e.g. domain.com)
You will receive a response similar to:
Non-authoritative answer:
domain.com MX preference = 10, mail exchanger = mail1.domain.com
domain.com MX preference = 20, mail exchanger = mail2.domain.com
domain.com MX preference = 30, mail exchanger = mail3.domain.com
Interpreting the NSLookup results
Your SMTP engine will attempt to use the MX records in ascending order according to their value.  The name associated with the MX record is what your engine will use.  You can simulate what the engine does by using the Telnet command.  In other words, the FQDN associated with the lowest numbered MX value would be the one that your SMTP engine would attempt to connect with.
Using the NSLookup results to test connectivity
In the simulated response shown above, you can test the readiness for receiving SMTP communications by using the Telnet command.  In a command-prompt window, type telnet mail1.domain.com 25.  If the system connected to the FQDN is accepting SMTP communications, you’ll receive a response.
Subscribe to:
Post Comments (Atom)
7 comments:
Thanks for a great article. Minor point, when I use nslookup to look for type, the syntax is 'set type=mx'. You can't have spaces around the equal sign.
You are absolutely correct - thanks for pointing that out.
What can be the problem if it doesn't connect?
If the Telnet session doesn't get a response, it means either that TCP 25 isn't open between the two computers. That could mean that a router or firewall between is not allowing port 25, or the recipient system isn't listening for port 25.
Did you mean the NSLookup doesn't respond or the Telnet session doesn't respond?
Hi nice article, im new here being an exchange guy can you help with this.. SCENARIO: In our mail server outgoing messaging always fail but the incoming mail works fine.
Nslookup can also be used to check up on your OWN network from a security perspective.
Nslookup
Post a Comment