lmalloy
asked on
smtp;530 5.7.0 Must issue a STARTTLS command first
Hi
I am running Exchange 2003 enterprise version on a Win2k3 Enterprise R2 computer. All security patches and service packs are up-to-date for both the OS and Exchange. Email for the most part is working fine but I have one domain that I am unable to send to when addressing message in the normal format of user@domain.com if I address an email using the ip address such as: user@192.0.0.0 mail is delivered
The NDR users are getting is smtp;530 5.7.0 Must issue a STARTTLS command first.
This questions has been asked by other users in this forum running the same OS that I have and the same version of exchange BUT the "accepted answers" only applies to Exchange 2000. Does anyone have any ideas on how to resolve this issue for Exchange 2003?
Lmalloy
I am running Exchange 2003 enterprise version on a Win2k3 Enterprise R2 computer. All security patches and service packs are up-to-date for both the OS and Exchange. Email for the most part is working fine but I have one domain that I am unable to send to when addressing message in the normal format of user@domain.com if I address an email using the ip address such as: user@192.0.0.0 mail is delivered
The NDR users are getting is smtp;530 5.7.0 Must issue a STARTTLS command first.
This questions has been asked by other users in this forum running the same OS that I have and the same version of exchange BUT the "accepted answers" only applies to Exchange 2000. Does anyone have any ideas on how to resolve this issue for Exchange 2003?
Lmalloy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
i think you should first find out if the folks on the other end do indeed have TLS turned on(you can call).....folks who turn on TLS DO NOT WANT unsecured email communication.....and that should be respected.....
if they do not have TLS turned on then the problem is on ur end.......
as far as sending directly to an IP address utlizing exchange server ...the only option is SMTP connector with IP address in brackets.....or maybe dns conditional forwarding and secondary zone( i am not sure if that will help)...
one more thing u did not mention... is 192( i know this is an example) what u get through NSlookup?...
if they do not have TLS turned on then the problem is on ur end.......
as far as sending directly to an IP address utlizing exchange server ...the only option is SMTP connector with IP address in brackets.....or maybe dns conditional forwarding and secondary zone( i am not sure if that will help)...
one more thing u did not mention... is 192( i know this is an example) what u get through NSlookup?...
Telling someone to install a service pack isn't really a good answer. It may well have fixed the problem due to the refresh of the system.
You can force email to a certain server, but you have to be very careful about doing so. It puts the onus on you to keep the IP address up to date. You simply create an SMTP Connector, put the domain in the address space tab and then set a smart host, entering the IP address or host name in the connector as the smart host. If you are entering a smart host as an IP address then it needs to be in [ ].
Simon.
You can force email to a certain server, but you have to be very careful about doing so. It puts the onus on you to keep the IP address up to date. You simply create an SMTP Connector, put the domain in the address space tab and then set a smart host, entering the IP address or host name in the connector as the smart host. If you are entering a smart host as an IP address then it needs to be in [ ].
Simon.
ASKER
Ok, I've called and left detailed information with the helpdesk, they will forward on to the Admin so I don't really have any answers about TLS yet, but they did say they are using Lotus Notes, not sure if that makes a difference.
when I do a nslookup on the domain name the return information does not list an IP address it only repeats the domain name back to me. This seemed strange so I went to DNSStuff and ran an email test and it returned the mx record and said it connect correctly.
Now, not to confuse this issue but I now have a second company I am unable to send emails to and the NDRs are identical. so I'm suspecting the problem might be at my end but nothing is showing up in event viewer and I don't seem to be having any DNS issues. All other mail seems to be sending and recieving without issue.
-lm
when I do a nslookup on the domain name the return information does not list an IP address it only repeats the domain name back to me. This seemed strange so I went to DNSStuff and ran an email test and it returned the mx record and said it connect correctly.
Now, not to confuse this issue but I now have a second company I am unable to send emails to and the NDRs are identical. so I'm suspecting the problem might be at my end but nothing is showing up in event viewer and I don't seem to be having any DNS issues. All other mail seems to be sending and recieving without issue.
-lm
OK we maybe on to something....first turn on diagnostic logging....and make sure TLS is not turned on on ur end......
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SMTP is loaded correctly, as far as I can see.
ehlo
250-pc-manden.net Hello [192.168.35.35]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-TLS
250-STARTTLS
250-X-EXPS GSSAPI NTLM
250-AUTH GSSAPI NTLM
250-X-LINK2STATE
250-XEXCH50
250 OK
ehlo
250-pc-manden.net Hello [192.168.35.35]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-TLS
250-STARTTLS
250-X-EXPS GSSAPI NTLM
250-AUTH GSSAPI NTLM
250-X-LINK2STATE
250-XEXCH50
250 OK
As I read is from http://support.microsoft.com/kb/257569/, if I turn off ESMTP I will loose some funtionality when connecting to other Exchange servers - is that a wise move?
Besides that I cant understand why my setup should be this special that I had to do that kind of editing, it simply doesn't make sense to me.
Besides that I cant understand why my setup should be this special that I had to do that kind of editing, it simply doesn't make sense to me.
Sorry, wrong discussion... :-(
ASKER
I realize Exchange 2000 and Exchange 2003 are very similiar but the only solution was to install SP1 for Exchange 2000 and since I'm at a different level and have all my SPs installed it wasn't a good answer for me and I didn't want to be re-directed back to the KB article that told me to do this.
Linda