Solved

Troubleshooting Exchange

Posted on 2003-11-07
Last Modified: 2008-03-10
I'm trying to finish up my Exchange environment and have run into a couple of problems. We basically brought our e-mail in-house, never using the domain name we now have for Exchange. We used @qwest POP3 accounts. We're trying to move over and still continue to receive our existing e-mail. Here are my problems.

It appears something is wrong with the way we relay e-mail. A number of people were getting error messages because locally our priority order of sending e-mail was set up to send to Exchange, then Exchange remote transport and then the POP server hosted by our ISP. If I change this around and put the POP server first, our undeliverables are minimized, but still occur. Based on the information I have given you, and assuming we want to keep our existing accounts, what is the best way to set this up? Please respond in detail.

1)  Please tell me if the accounts should be set up locally on each machine or can the pop server account be created on the exchange server?
2)  What order should the outlook client be set up on to send messages?
3)  On the exchange server exactly how does the SMTP virtual server need to be set up?
4)  On the exchange server exactly how many and what kinds of smtp connectors need to be set up?
5)  Do any other connectors need to be set up to work?

Thanks guys I know there are a lot of questions and they may be related, but I'm offering the maximum amount of points to get this resolved.

I'm getting all kinds of messages that are undeliverable for various reasons.  For instance I have intermittent problems sending to a qwest account in  
0
Question by:MortgageGuy

Accepted Solution

by:
Bembi earned 500 total points
ID: 9703974
First of all, a detailed description needs a clear question. But from what you described, I assume an EX2K server. Second, what do you run an Exchange server for, if your clients are doing the work?

A usual configuration of Exchange is that all clients are connected directly to the Exchange server: no SMTP, no POP3, no remote transport or whatever you have configured there. All communication will be done by Exchange.

(All descriptions are translated and may not be 100% exact.)

On the Exchange server, you have a virtual SMTP server, which has the following (usual) settings.

Tab 1: "General"
Leave everything as default. You can enable the SMTP log here, but take care of disk space.

Tab 2: "Access"
Click on "Authentication" and enable "Windows integrated". If you want to get mails from the internet directly (MX records at your provider's DNS instead of POP3), you may also enable "Anonymous".
Click on "relay" and check the box "All computers in the list" and keep the list empty. Also mark the checkbox at the bottom "Every computer, which have successfully authenticated...".
Leave the others as they are.

Tab 3: "Messages"
Provide an email address for a copy of non-delivery reports for undeliverable mails
and / or
Provide a server name to deliver all undeliverable mails to another server (i.e. a second EXCH server)

Tab 4: "Transmission"
Leave the settings there at default.
Click on "enhanced" and set a server name (fully qualified domain name), which is set for outgoing mails. This may be useful if the server name is different from an MX record at your provider. Some ISPs make a reverse DNS lookup and may reject mails if the name is not resolvable. This name should be a publicly resolvable name. If you do not have a static public IP address, set this name to servername.emaildomain, i.e. "myserver.mycompanydomain.com".
Provide a "smarthost" server, which the Exchange server should use for the delivery of all external mails. Note that you may need a user ID and password (button "Outgoing security") for this server. Alternatively, you can use DNS instead of a smarthost, leaving the field blank.
0
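
The "Access" tab settings in the answer above, modelled as an added example (it is not part of the original answer and is not Exchange code). The names `VirtualServer`, `rcpt_decision` and `is_open_relay` are hypothetical, the reply strings are illustrative, the addresses are constructed documentation values, and the model assumes a relay request is any recipient outside the server's own domains.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class VirtualServer:
    local_domains: set                # domains this server holds mailboxes for
    allow_anonymous: bool             # "Anonymous" on the authentication dialog
    relay_networks: list = field(default_factory=list)  # the relay list (empty in the answer)
    relay_if_authenticated: bool = True   # checkbox at the bottom of the relay dialog

def rcpt_decision(vs, client_ip, authenticated, rcpt_to):
    """Reply a RCPT TO would get under these settings (model only)."""
    if not authenticated and not vs.allow_anonymous:
        return "530 authentication required"
    domain = rcpt_to.rsplit("@", 1)[-1].lower()
    if domain in vs.local_domains:
        return "250 accepted for local delivery"
    # Recipient is outside our own domains, so this is a relay request.
    ip = ipaddress.ip_address(client_ip)
    listed = any(ip in ipaddress.ip_network(n) for n in vs.relay_networks)
    if listed or (authenticated and vs.relay_if_authenticated):
        return "250 accepted for relay"
    return "550 5.7.1 unable to relay"

def is_open_relay(vs, outside_ip="203.0.113.9"):
    """True if an unauthenticated outside host may send to a foreign domain."""
    reply = rcpt_decision(vs, outside_ip, False, "someone@example.net")
    return reply.startswith("250")

# Constructed configurations: the settings as described, and the same server
# with a catch-all network added to the relay list by mistake.
AS_DESCRIBED = VirtualServer({"example.com"}, allow_anonymous=True)
TOO_BROAD = VirtualServer({"example.com"}, allow_anonymous=True,
                          relay_networks=["0.0.0.0/0"])

if __name__ == "__main__":
    for name, vs in (("as described", AS_DESCRIBED), ("too broad", TOO_BROAD)):
        print(name, "-> open relay:", is_open_relay(vs))
```

With the list empty, enabling "Anonymous" only lets outside servers deliver to local mailboxes; relaying stays limited to authenticated clients.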
 

Expert Comment

by:Bembi
ID: 9704031
Part II:
As you have properly configured your SMTP server, note that you must have access to a public DNS server if you want to use DNS for the delivery. You should have your own DNS server: open the DNS-MC, right-click your server - Properties; there you can set up "forwarders" and add one or more IP addresses of your provider's DNS servers. If you have decided to use a smarthost instead of DNS, there is no need for DNS forwarders for EXCH.

How to get the mails from your provider's POP3 boxes.
One option is to keep a POP3 connection at your clients and use Exchange for sending. Better may be to use a mail poll program to poll all POP3 accounts on your provider's server and deliver the mails to your Exchange. There are two freeware programs to do so:

Pullmail
http://www.swsoft.co.uk/index.asp?page=freesoftware
or
PopRoute
http://www.inboxrules.com/old/exchange/poproute.shtml (may be more reliable)

Also a good program, if you use a mail poller, is magic mail, to check the mailboxes of your provider from time to time:
http://www.geeba.org/magic
0
 

Expert Comment

by:Bembi
ID: 9704078
Part III:
Now, your questions:
1.) see mail poll program
2.) Exchange server first
3.) as described
4.) nothing more than the default virtual SMTP server
5.) No

What I am not clear about is when you get NDS's: when you send messages to the internet, or when you receive them from it? To resolve this, it is important to know who rejects mails and for what reason. All this you can find within the NDR message. This must not be an EXCH issue.

Now, I have bloody fingers, hope I will get a cold beer for the story...
0
 

Author Comment

by:MortgageGuy
ID: 9704268
Excellent information, you get most of the points already for the effort. We get NDS's when we send messages to the internet. We appear to receive everything from the outside world. For example, I can't send myself an e-mail to my old qwest account, which is stored in my same Outlook mailbox. I used to be able to. One problem that I resolved today was that apparently I didn't have any licenses installed on my Exchange server and we expired the temporary mark. Now most people can send, but some, including myself, cannot. On older Outlook clients (2000), you can choose the priority order of how you want to send, whether that be through the Internet account or Exchange, using whatever e-mail address is necessary. I have the Outlook 2002 client, and to the best of my knowledge all you can do is say my default address is Internet or Exchange and I want to use that account. I can send out using my Internet account, but not my Exchange. I did everything that you said and there were a couple of things that changed, but not much. I do have an SMTP connector set up; you had mentioned that I wouldn't need one. Should I get rid of it and have my virtual SMTP server standing alone?

I'd send you a beer, but by the time you got it I'm sure it wouldn't be cold.
0
 

Expert Comment

by:Bembi
ID: 9704816
> I can't send myself an e-mail to my old qwest account
You mean you have a POP3 account at qwest and an Exchange mailbox with the same name? Note the way Exchange routes a message. You send a message to somebody@somedomain.com. First of all, your client tries to resolve the name, either against the Global Address List of Exchange, against your contacts folder, or against the Outlook name cache, usually in this order by default. If the address can be resolved, the name is changed to the screen name (including the SMTP address behind it). This mail is now sent and forwarded to the first configured transport server; we assume Exchange.

Exchange first checks whether this SMTP address is assigned to any mailbox; if yes, Exchange puts it into the mailbox. If not, Exchange searches for a route to deliver the mail. If you have a connector, the namespace of the connector is checked, and if it fits, the connector gives the mail to the configured bridgehead server (which is usually your default SMTP server). If no connector exists, the virtual SMTP server gets the mail directly (meaning you can delete the connector).

Now the virtual SMTP server is responsible for further delivery. If you have configured a smarthost, your mail is sent directly to the smarthost, if the server can make a connection (usually authentication on the remote system is necessary, as it is relay). If the smarthost field is empty, the server will make an MX record request to your own DNS server (or, if configured, against the DNS servers which are configured within the virtual SMTP server, which should not be the case). That means your DNS server has to respond to the MX request. Your DNS server usually cannot resolve it, so the request will be forwarded to a "forwarder" DNS server (if you have told your DNS which to use), and this forwarder sends the result back to your DNS, and your DNS back to your EXCH. Now EXCH knows the target server and tries to initiate a connection to the target system to deliver the mail.

This connection request may fail for some reasons, i.e. if you have a dial up connection, dynamic external IP, you are blacklisted or whatever.
0
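
The delivery order described in the comment above, written out as an added example (not part of the original post and not Exchange code). `Connector`, `Exchange`, `matches` and `route` are hypothetical names; the model assumes that a connector may carry its own smart host and that the most specific matching address space wins. The addresses and `pop.dnvr.qwest.net` are taken from this thread; the MX answer is a constructed placeholder.

```python
from dataclasses import dataclass, field

@dataclass
class Connector:
    address_space: str        # "*" or a domain such as "qwest.net"
    smart_host: str = ""      # assumption: if set, the connector forwards here

@dataclass
class Exchange:
    mailboxes: set                                   # SMTP addresses of local mailboxes
    connectors: list = field(default_factory=list)
    vs_smart_host: str = ""                          # smarthost field of the virtual SMTP server
    mx: dict = field(default_factory=dict)           # constructed stand-in for DNS MX answers

def matches(space, domain):
    """True if the connector's address space covers the recipient domain."""
    return space == "*" or domain == space or domain.endswith("." + space)

def route(ex, rcpt):
    """Return (decision, next_hop) in the order the post describes."""
    rcpt = rcpt.lower()
    if rcpt in ex.mailboxes:                         # 1. local mailbox
        return ("local mailbox", rcpt)
    domain = rcpt.rsplit("@", 1)[-1]
    hits = sorted((c for c in ex.connectors if matches(c.address_space, domain)),
                  key=lambda c: len(c.address_space), reverse=True)
    if hits and hits[0].smart_host:                  # 2. connector with its own smart host
        return ("connector smart host", hits[0].smart_host)
    if ex.vs_smart_host:                             # 3. virtual server smarthost
        return ("virtual server smarthost", ex.vs_smart_host)
    if domain in ex.mx:                              # 4. MX lookup via own DNS and forwarders
        return ("MX lookup", ex.mx[domain])
    return ("NDR: no route", None)

# Constructed configurations: a catch-all connector pointing at a POP host,
# and the same server with the connector deleted.
MX = {"qwest.net": "mx.placeholder.invalid"}
WITH_CONNECTOR = Exchange({"mortgageguy@domain.com"},
                          [Connector("*", "pop.dnvr.qwest.net")], mx=MX)
WITHOUT_CONNECTOR = Exchange({"mortgageguy@domain.com"}, mx=MX)

if __name__ == "__main__":
    for ex in (WITH_CONNECTOR, WITHOUT_CONNECTOR):
        print(route(ex, "mortgageguy@qwest.net"))
```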

Expert Comment

by:Bembi
ID: 9704883
How to solve it.

Make sure either the smarthost accepts the connection request (enable the SMTP log to see what happens), or your DNS name resolution is not working properly. Try NSLOOKUP www.denic.de (or any other external server) to check whether your system resolves external names. This should work anyway.

Make sure you are not using external dynamic IP addresses; this will not work anymore for most ISPs. Otherwise use a smarthost (your ISP, usually with the user ID and password of one of your POP boxes).

If some of your users can send, try to send to the same email address. If it will not work, there is either a configuration problem on your client, or you have problems with licensing. Recall all licenses within the license manager to free up licenses and/or add yours. (Also note that this service is not really working, in my mind.) Depending on your license mode, EXCH may block clients, esp. if server licensing was chosen.

Make sure you have not blocked or restricted anything; this is usually necessary if you have to allow a limited relay. As all of your clients are directly connected to EXCH, there is no need for any relay. Relay means sending a message from an external email to another external email address.
0
 

Author Comment

by:MortgageGuy
ID: 9704962
First, no my qwest account is not the same as my domain account.  I check for messages on mortgageguy@domain.com and mortgageguy@qwest.net.  I cannot send mail from my mortgageguy@domain.com to my mortgageguy@qwest.net account.  Make sense?

0
 

Expert Comment

by:Bembi
ID: 9705275
Can you send to any (or a few) other targets? Have you tried to send to this address using a different client (as it might be a client problem)? Have you added the qwest email address to your email addresses, which you can see within Active Directory? Can you send to any other qwest postbox?
0
 

Author Comment

by:MortgageGuy
ID: 9711440
Everything seems intermittent. Is there a way to flush the DNS so it will use the DNS servers that I assign it to use? No, I haven't added these qwest e-mail addresses to my contact list within Active Directory, only locally through Outlook. How do I do that? The qwest post box that I'm sending through is pop.dnvr.qwest.net. After thinking about this over the weekend, I think I have it set up wrong. As you suggested, I had already set it up to send through my DNS server, which has two forwarders that are IP addresses. Now, as an alternative, as you suggested, I have put in the transmission tab my single local DNS server's fully qualified name, which is server.domain.local. The world doesn't know about it, so it needs to be exchange.domain.com. Per your instructions you said "myserver.mycompanyname.com". Correct?
0
 

Expert Comment

by:Bembi
ID: 9717047
> Setting up an external mail recipient within ADS:
Just add a "contact" and assign any email address to it.

> Now as an alternative as you suggested I have put in the transmission tab
Maybe my description was not clear: if the field "smarthost" is empty, Exchange searches for an MX record and uses the DNS configured on your NIC. Your NIC should point to your own internal DNS server, as the resolving is done by the DNS forwarders.

Try NSLOOKUP against an external domain and IP address; also test an internal server by NetBIOS name, FQDN and IP address. If all tests come back promptly without any error, your name resolution works fine. What is often forgotten: configure WINS forward lookup (forward zone --> points to IP of your WINS server) and also WINS reverse lookup (reverse zone --> points to your internal (Windows) domain name).

DO NOT set up any additional DNS servers within the Exchange virtual SMTP server. If your DNS name resolution is working properly, there is no need for that; this only produces irritations.

>that I'm sending through is pop.dnvr.qwest.net
Usually, your Exchange should be responsible for the transport. As long as Exchange is the first entry within the transport list on your client, the configuration of POP3/SMTP on your client should have nothing to do with sending mails. Nevertheless, most ISPs have two servers, one for sending, one for POP polling. If your POP box comes from pop.dnvr.qwest.net, the server for sending is often smtp.dnvr.qwest.net or something similar. But just for testing, remove the Internet Mail configuration from your client and see if something is different.

For Outlook, if you experience that you cannot reach your qwest box from your machine, but can from other machines, it may be the name cache of Outlook which makes trouble. Have a look here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;292928&Product=ol2002
http://support.microsoft.com/default.aspx?scid=kb;en-us;287623&Product=ol2002
0
 

Author Comment

by:MortgageGuy
ID: 9717244
Thanks again for your help, the problem ended up being the smtp connector that I had set up.  It was being routed through that pop.dnvr.qwest.net server rather than my internal DNS server.
0
