One of the most common problems with co-existing Exchange Servers (an organization consisting of an Exchange 2003 server and Exchange 2007 or 2010 server) is mail flow between the servers.
When Exchange 2007 or 2010 is installed in an existing Exchange 2003 organization, a Routing Group Connector (RGC) is configured during the installation of the Exchange 2007 / 2010 server to allow mail flow between the legacy server and the new one.
The way Exchange 2003 servers communicate with other Exchange 2003 servers or Exchange 2007 and 2010 servers is by utilizing the Default SMTP Virtual Server.
One of the most common causes of disrupted mail flow is that the Default SMTP Virtual Server has been modified. Either the default port has been changed from port 25 or a smart host has been added (Delivery Tab / Advanced Button).
There are 2 places where the port number can be changed on the SMTP Virtual Server. The first is for Incoming Mail and is located on the General tab: click Advanced, and here we can specify the inbound port that Exchange will listen on for SMTP connections. The second is for Outbound Connections and is located under the Delivery tab: click Outbound Connections, and the port number is shown in the Outbound Connections box. These should both be port 25.
The smart host configuration in Exchange 2003 should be performed using an SMTP Connector rather than by modifying the Default SMTP Virtual Server. The general rule of thumb is to create a new Virtual Server rather than modify the existing one if a different port is required to send to a smart host or a SPAM/Virus Appliance.
All of these actions can be performed using the Send Connectors in Exchange 2007/2010, so these settings should all be returned to default. This means that the Default SMTP Virtual Server should be using port 25 and should not have a smart host configured.
If TLS Encryption is configured on the Default SMTP Virtual Server, then any Exchange 2007 or 2010 server will force this to be used. So if it is incorrectly configured, or the certificate is expired or corrupt, then mail flow will fail.
To prevent this, simply turn off the TLS Encryption requirement. For inbound communication this is found under the properties of the Default SMTP Virtual Server > Access > Authentication; uncheck the box for TLS Authentication. For outbound communication this is found under the properties of the Default SMTP Virtual Server > Delivery > Outbound Security.
Once you have made changes to the Default SMTP Virtual Server, you will need to restart the Simple Mail Transfer Protocol (SMTP) service for the changes to take effect.
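One way to confirm from the Exchange 2007/2010 server that the Default SMTP Virtual Server answers on port 25 and whether it advertises STARTTLS, as an added example that is not part of the original article. It assumes PowerShell 2.0 or later; the function names and the host name ex2003.example.local are placeholders.

```powershell
# Added example (not from the article). Assumes PowerShell 2.0 or later.

function Read-SmtpReply($Reader) {
    # Every line of a multi-line SMTP reply is "NNN-text" except the last, "NNN text".
    $lines = @()
    do {
        $line = $Reader.ReadLine()
        if ($line -ne $null) { $lines += $line }
    } while ($line -match '^\d{3}-')
    return $lines
}

function Get-SmtpSummary([string[]]$Banner, [string[]]$Ehlo) {
    # Pure parsing step, so it can be checked against a saved reply.
    New-Object PSObject -Property @{
        BannerOk        = [bool](@($Banner -match '^220[ -]').Count)
        EhloOk          = [bool](@($Ehlo -match '^250[ -]').Count)
        StartTlsOffered = [bool](@($Ehlo -match '^250[ -]STARTTLS\s*$').Count)
    }
}

function Test-SmtpVirtualServer([string]$Server, [int]$Port = 25) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.ReceiveTimeout = 5000
        $client.Connect($Server, $Port)      # throws if nothing answers on the port
        $stream = $client.GetStream()
        $reader = New-Object System.IO.StreamReader($stream)
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.NewLine = "`r`n"; $writer.AutoFlush = $true
        $banner = @(Read-SmtpReply $reader)  # greeting sent by the server on connect
        $writer.WriteLine('EHLO ' + [System.Net.Dns]::GetHostName())
        $ehlo = @(Read-SmtpReply $reader)    # list of advertised extensions
        $writer.WriteLine('QUIT')
        Get-SmtpSummary -Banner $banner -Ehlo $ehlo
    } finally { $client.Close() }
}

# Constructed sample reply (not captured from a real server), parsed offline:
$sampleBanner = @('220 ex2003.example.local ESMTP ready')
$sampleEhlo   = @('250-ex2003.example.local Hello [192.0.2.10]',
                  '250-SIZE 10485760', '250-STARTTLS', '250 OK')
Get-SmtpSummary -Banner $sampleBanner -Ehlo $sampleEhlo

# Live check against a placeholder host name:
# Test-SmtpVirtualServer -Server 'ex2003.example.local' -Port 25
```

A connection error from Test-SmtpVirtualServer means nothing is listening on the port given, which points back to the inbound port setting on the General tab.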