Friday, June 8, 2007

Using NSLookup to determine an SMTP receiving system

Background
NSLookup is a great tool that comes with Windows that allows you to search DNS for information. &nbspIt is especially useful to troubleshoot particular issues with Exchange. &nbspExchange is reliant upon DNS to know where to send outbound messages. &nbspWhen Exchange has problems getting messages to a particular domain, it's time to open the toolbox.

The best place to run NSLookup is on the server which sends out your SMTP traffic. &nbspThis will show you the same information that your SMTP engine uses when determining where to send mail to a particular domain.

Open a command prompt window
At the prompt, type nslookup
Type the command set type=mx
Type the registered domain name (e.g. domain.com)

You will receive a response similar to:

Non-authoritative answer:
domain.com MX preference = 10, mail exchanger = mail1.domain.com
domain.com MX preference = 20, mail exchanger = mail2.domain.com
domain.com MX preference = 30, mail exchanger = mail3.domain.com

Interpreting the NSLookup results
Your SMTP engine will attempt to use the MX records in ascending order according to their value. &nbspThe name associated with the MX record is what your engine will use. &nbspYou can simulate what the engine does by using the Telnet command. &nbspIn other words, the FQDN associated with the lowest numbered MX value would be the one that your SMTP engine would attempt to connect with.

Using the NSLookup results to test connectivity
In the simulated response shown above, you can test the readiness for receiving SMTP communications by using the Telnet command. &nbspIn a command-prompt window, type telnet mail1.domain.com 25. &nbspIf the system connected to the FQDN is accepting SMTP communications, you’ll receive a response.

7 comments:

Anonymous said...

Thanks for a great article. Minor point, when I use nslookup to look for type, the syntax is 'set type=mx'. You can't have spaces around the equal sign.

Dean T. Uemura said...

You are absolutely correct - thanks for pointing that out.

Chitinuta said...

What can be the problem if it doesn't connect?

Dean T. Uemura said...

If the Telnet session doesn't get a response, it means either that TCP 25 isn't open between the two computers. That could mean that a router or firewall between is not allowing port 25, or the recipient system isn't listening for port 25.

Dean T. Uemura said...

Did you mean the NSLookup doesn't respond or the Telnet session doesn't respond?

Pap0tZ said...

Hi nice article, im new here being an exchange guy can you help with this.. SCENARIO: In our mail server outgoing messaging always fail but the incoming mail works fine.

Unknown said...

Nslookup can also be used to check up on your OWN network from a security perspective.
Nslookup