Link to home
Start Free TrialLog in
Avatar of Joemt
Joemt

asked on

SBS2011 - suddenly can't receive external emails, internal ok and can send ok.

Help currently on site

Suddenly can't  receive external emails. Can send ok and internal email is fine. Cell phones out in the filed cannot get email.

- 71 gb of space on drive c:

- Ran the remote connectivity analyzer and it had one error (see pic)
- Have one LSAsvr error in event logs - about no authentication protocol available. Seems to be ok at this point
- Ran exchange mail flow troubleshoot assistance:  Mail acceptance test failed: service not available, closing transmission channel Server response 4.3.2 service not available....2nd message Server does not support secure connections.
- EX Mail submission service is running.

Need some advice...not sure where to look from here?  Not sure what changed today.......Q: is the exchange stor included in the Drive C: total used space?   if the Ex DB stor is over 71 GB's is that the issue?

Question: I have 71 GB of space on drive C:.

User generated imageremote-connectivity-error.jpg
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

smtp       mail.beallawfirm.com       Warning - Reverse DNS does not match SMTP Banner       
smtp       mail.beallawfirm.com       Warning - Does not support TLS.

you have a certificate error
Avatar of Joemt
Joemt

ASKER

How did you determine that?   (for learning purposes)

How do I go about fixing it.........what would suddenly cause that to take place on a server?
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Joemt

ASKER

Could you please point me to a "how to" ?

I see two entries in the server DNS Reverse lookup zones.
Avatar of Joemt

ASKER

Is there anyone who can help me create this reverse dns entry?
Avatar of Joemt

ASKER

I'm seeing an expired certificate on the server (2014)User generated image
I'm not sure on which choices to choose to create just the IIS certificate.

Can some one help
Avatar of Joemt

ASKER

Ok Ran "Fix my network": It found a certificate error. told it to fix it.  
 It added 2 certificates and now I can't get to owa or remote any longer (could prior)
........just the "There is a problem with this website’s security certificate"
 

Please can someone help me get this straightened out.
Exchange-experts-certifcates-2newl.jpg
did your purchased certificate expire and what is the certificate error you are getting
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Joemt

ASKER

I ran the "fix my network". It created 2 new certificates.  I'm not sure why. Is it common for certificates to break?

I can acccess the owa and remote with IE - had to delete old certicate from IE. I tried to import the certificate to IE, appeared to work but is not listed in the "Trusted root cert auth".

New issue:  

1. is the certifcate not be a root certificate? The certificate distribution package has the old certificate.  Is there an easy way to update this?
 
2. The clients cell phones are no longer getting email as of this morning. was working late last night. They use their exchange account.
Avatar of Joemt

ASKER

Here is a screen shot of the certificates
experts-new-cert-marked.jpg
Avatar of Joemt

ASKER

Questions:

1. Should I delete the old certificate?
2. the services are different on the new certificates - is this whats causing trouble with the iphones?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Joemt

ASKER

- Drive. c: 63.7 GB of space - Data drive over 764 gb free

- Queues are empty

- restarted the two services  -  One phone started working.......other phone attempted to add email account failed - could not authenticate....I have asked for exact error message

Question for mobile device access:  
EMC > Organization Config > Hub Transport > Accepted Domains    <domain>.local is not the default - should it be?
the default is the .com

As for port 25 - not sure
Avatar of Joemt

ASKER

Phones once soft reset are working.........thank you.  I'm going to give it a couple hours and see if all is good.
Ok let us know.  

The accepted domains is fine.

Have you got the latest Exchange Service Pack and rollups installed?
Avatar of Joemt

ASKER

Revisions:

User generated image