incoming mail fails but outgoing mail succeeds in exchange 2003

I have Windows Server 2003 and Microsoft Exchange Server 2003

I have set up a couple test accounts in exchange. One of those is alvinfong@ct021.homelinux.org.

I have a dynamic IP which is redirected using ct021.homelinux.org using dynamic dns (http://www.dyndns.org)

So far it has worked for my website, ftp etc.

I am able to use Outlook Web Access and send mail out to peopel with exhange 2003.

it is trying to send mail to the exchange account (alvinfong@ct021.homelinux.org) where i get the following error:

The original message was received at Wed, 29 Oct 2003 19:01:51 -0700 from 250.89.252.64.snet.net [64.252.89.250]

   ----- The following addresses had permanent fatal errors ----- <alvinfong@ct021.homelinux.org>
    (reason: 550 access denied)

   ----- Transcript of session follows ----- ... while talking to ct021.homelinux.org.:
<<< 550 access denied
554 5.0.0 Service unavailable

I have tried going to Message Delivery properites, SMTP properties, and POP3 properties to make sure that it is not denying anything from any IP addresses, and also allowed anonymous SMTP access as well as any IP to Relay. I have checked the box for allowing any computer which succesfully authenticates to relay, regardless of any IP restrictiosn (which there are none).

i am using ct021.homelinux.org as my fully qualifed domain name, and have no masquerade domain name, do not have perform reverse DNS lookup in SMTP settings, nor do i have any external DNS set up.

I use Windows Server 2003 as a DNS server and it does the DHCP etc. my router (I have DSL hense the dynamic IP) so i can also get my acutal DNS settings and my actual IP if needed (but dyndns.org redirects my IP to ct021.homelinux.org anyway).

outbound security is also anonymous.

i am completely stumbled on what further action to take or check or if my settings are correct. I am using my exchange server mainly to provide web based e-mail to ROTC cadets that dont' normally have e-mail.
utelit3Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

VahikCommented:
make sure in ur iis default web site annonymous is set fror authentication.On ur virtual directories in ur exchange system manager make sure u have basic authentication and for domain just
put \ and nothing more.It wont hurt to give ur owa users log on local right to the exchange server(if it is domain controller u may want to think twice about it).
0
David WilhoitSenior Consultant, ExchangeCommented:
"also allowed anonymous SMTP access as well as any IP to Relay"

Remove that before you get blocklisted, and then you WILL have issues.
"ct021.homelinux.org "===Is this your SMTP domain? Is it in the default recipient policy, and is the policy set to be responsible for all email to this domain? Is this address on the user object in question? This is something small, just recheck all the stuff...

D
0
David WilhoitSenior Consultant, ExchangeCommented:
nevermind, just checked your dns records, and you forgot to create an MX record. Create one, like "mail.ct021.homelinux.org" or whatever you want it to be, point it to your IP address, and have some fun...:)

D
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

utelit3Author Commented:
ct021.homelinux.org is my smtp domain. when i send out mail to say alvinfong@ncccommunications.com i receive mail from alvinfong@ct021.homelinux.org just fine.

it is in the default recipient policy, and the policy is set to be responsible for all email in this domain. the e-mail account alvinfong@ct021.homelinux.org is set for user alvinfong@headquarters.ncc.

For Mail Exchanger, i put in ct021.homelinux.org. When i tried to put in mail.ct021.homelinux.org in my dyndns.org account it gives me the error message: "The MX entered ("mail.ct021.homelinux.org") did not resolve or resolved to a CNAME." so i assume i can only use ct021.homelinux.org cause it made the changes.

Still getting the error message:

The original message was received at Wed, 29 Oct 2003 22:04:01 -0700 from 250.89.252.64.snet.net [64.252.89.250]

   ----- The following addresses had permanent fatal errors ----- <alvinfong@ct021.homelinux.org>
    (reason: 550 access denied)

   ----- Transcript of session follows ----- ... while talking to ct021.homelinux.org.:
<<< 550 access denied
554 5.0.0 Service unavailable

when i try to send e-mail from alvinfong@ncccommunications.com to alvinfong@ct021.homelinux.org
0
David WilhoitSenior Consultant, ExchangeCommented:
you need a server name, an FQDN. create an (A) record in your dyndns for mail.ct021.homelinux.org. Point it at your Ip address. then create the MX record, and use the (A) record you created as the source. that's about it. Allow your SMTP to be routed to your internal IP address, it will then find your SMTP virtual server, and you're receiving mail :)

D
0
utelit3Author Commented:
The name of my server on my network is DELL1ghz. On active directory it is dell1ghz.headquarters.ncc, but ct021.homelinux.org refers to my IP. So i am using that as my FQDN. Is that oK? i am an exchange newbie, so thanks for bearing with me. I don't think i can create any records in dynamic dns. all i can do is put in something for mail exchanger, and i have put in ct021.homelinux.org. I have enabled wildcard extensions which means if you do mail.ct021.homelinux.org it will just redirect to ct021.homelinux.org. Is that all i have to do for the MX? or is there a seperate place where i register my MX? Thanks a lot for your help so far!

just some info if you need it: ct021.homelinux.org is my actual dyanmic IP address
my server though is 192.168.0.1 on my "internal network"
Relay restrictions on my SMTP virtual server are set to only allow 192.168.0.1 & 192.168.0.2 (my other network computer) but i have checked "allow all computers which successfully authenitcate to relay, regardless of the list above" - is this a problem?
on every other restriction, it is set to "all except listed below" and there are non listed below.
0
VahikCommented:
utelit3 sorry i misunderstood ur question.I thought u dont have owa .
Allow all computers to relay regardless of list above only affects ur pop3 clients that try to send through ur smtp server and should have no
affect on ur setup.Ur recipient policy is also correct and u dont have tp worry about it.As far as adding ur two computers for allowed relay u could but that would also make no diff.
The rest just follow kidegoes suggestion and u will be ok.
0
utelit3Author Commented:
Would you be able to clarify setting up the MX record through www.dyndns.com's dynamic dns?

when i click on hostname (ct021.homelinux.org), i have the option of changing the following:

IP address?
Enable Wildcard (for ct021.homelinux.org so that *.ct021.homelinux.org will direct to ct021.homelinux.org)
Mail Exchanger(optional): ct021.homelinux.org

Backup MX? enabled.

I am new to exchange server, and any help would be greatly appreciated.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.