?
Solved

Having problems with outgoing mail utilizing alternate port smtp with no-ip.com

Posted on 2006-05-29
23
Medium Priority
?
1,538 Views
Last Modified: 2008-01-09
I am running a test lab in my home.  I have an ISA server 2004 running as a edge firewall with three network adapters. one on 192.168.0.0, one on 192.168.1.0 and one with a static public IP address (external).  In the 192.168.1.0 network i am running a windows 2003 ADI domain network with an exchange server loaded on a box which is also a DC.  My ISP (Bellsouth) blocks SMTP port 25 for incoming and outgoing mail.  I have setup my exchange to utilize a mail reflector from NO-IP.com and alternate SMTP port.  I have established a mail server publishing rule on the isa box which redirects my incoming smtp traffic from NO-IP.com correctly and I have also configured the appropriate access rules to allow the smtp outgoing traffic thru my ISA box.

my problem.

I can recieve incoming traffic and send / receive traffic internally without a problem.  My issues are when sending traffic externally.  When i had my exchange server setup just using the default smtp connector, the messages would just be stuck in the queue and i would see the note (specifiy an auth failure).  I since setup an SMTP connector and now am receiving a (connection was dropped by the romote host).  What is really confusing is that if i access my exchange server via OWA mail i can send without a problem.  I have reviewed my isa logs and as far as i can tell ISA is allowing the outgoing connection.

thanks in advance for the help.

Izzy
0
Comment
Question by:israelanta
  • 11
  • 9
21 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 16787292
Can you telnet to the alternative port from your Exchange server?

Usually I would post this...

telnet servername.domain.com 25

Change the 25 to the alternative port.
If you can, complete a full telnet test to see if it is being delivered. http://www.amset.info/exchange/telnet-test.asp

Simon.
0
 

Author Comment

by:israelanta
ID: 16789194
I completed the telnet test and these were the responses.  I OK's were slightly different than the response the telnet-test.asp said i would get.  The one clear difference is the send test at the bottom of the posting.  It didn't give me a sent response but a queued.  I assume the email should com to the last email account i tested?  I have not received anything in the form of an email to hotmail from the test as of yet.

220 smtp-auth.no-ip.com ESMTP
ehlo socso.southcom.mil
250-smtp-auth.no-ip.com
250-PIPELINING
250-SIZE 33554432
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN CRAM-MD5
250-AUTH=LOGIN PLAIN CRAM-MD5
250 8BITMIME
mail from:antai@socso.southcom.mil
250 Ok

ehlo aol.com
250-smtp-auth.no-ip.com
250-PIPELINING
250-SIZE 33554432
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN CRAM-MD5
250-AUTH=LOGIN PLAIN CRAM-MD5
250 8BITMIME
mail from:MissJ521@aol.com
250 Ok

ehlo aol.com
250-smtp-auth.no-ip.com
250-PIPELINING
250-SIZE 33554432
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN CRAM-MD5
250-AUTH=LOGIN PLAIN CRAM-MD5
250 8BITMIME
mail from:MissJ521@aol.com
250 Ok

rcpt to:antai@affordable-computer-solutions.com
250 Ok
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject: test message

this is a second test sent via telnet
.
250 Ok: queued as 2D9B542AE0

thanks
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16794119
The queued message is normal. You are directly connecting to the server, so the message is now queued for delivery by their server. Did you receive a message? That is key.

Simon.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:israelanta
ID: 16794183
Yes i did receive the message
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16794237
That was from the Exchange server and the traffic went through the ISA?
Can you bypass the ISA as a test?

What method are you using for the port change? Have you used the ISA to port translate, or have you changed Exchange to use another port number?

Simon.
0
 

Author Comment

by:israelanta
ID: 16794693
I logged on as the administrator to the XP machine which is part of the domain.  The email is in the inbox administrators email inbox.  It shows it as from: "Grace     MissJ521"@aol.com
To: undisclosed-recipients

I think I miss understood when reading the prior posting because I conducted the telnet test from another computer that was not the exchange server.  

As far as I could tell the test went through my ISA 2004 box and out to no-ip.com relay server.

The way I set it up is as follows:

Incoming:  I first set the service up with no ip and selected an alternate SMTP port to receive email from.  I then went to the exchange server, opened Exchange system manager and navigated to the default SMTP Virtual Server Properties.  I then click on the advanced tab and edited the ip address and port to reflect the port number I setup as the incoming port for email.  I then setup a mail server rule on the isa server and configured the same port as the alternative port to relay messages to for my exchange server.  I then went back to the no-ip.com site and conducted a test to see if the server set it up correctly and I was successful.

Outgoing mail: I established the service on no-ip.com and went back to the exchange server and conducted the following setup.  On the default SMTP virtual server, I went to the delivery tab and clicked on the outgoing tab, selected basic authentication and entered the username and password in accordance with the instructions on the no-ip site. I then went to the outbound connections tab and configured the TCP port to match what the no-ip site specified as the TCP port that it would use to receive traffic from my exchange server. I then click on the advanced delivery options and verified my FQDN and added the smart host: smtp-auth.no-ip.com (in accordance with the no ip site).  Lastly, I went to the ISA server and configured a firewall rule to allow traffic out on that port.

I am able to receive with out an issue, but can't send.  I am not an exchange guy so I apologize up front for my lack of knowledge on exchange 2003.  I am working on exchange to become a more well rounded MCSE.

Thanks in advance

izzy
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16810946
I would not have set the outbound authentication etc in the way that you have done so.
Instead I would have set it on an SMTP Connector. The default SMTP VS should be left alone where possible, particularly with smart host and authentication settings. http://www.amset.info/exchange/smtp-connector.asp

Simon.
0
 
LVL 1

Expert Comment

by:spinkas
ID: 16873932
i have the exact same setup. Bellsouth DSL, exchange 2003 sp2.  Here is what I did:
1.  No smtp connector.
2. go to exchange system manager - server- protocols-smtp right click "default virtual smtp server" properties.  On the Delivery tab go to advanced and in the fully qualified domain name put in the A record of the email domain.  example:
email is test@email.com  then there should be an A record soemthing like mail.email.com.  Once I put that in i was able to send.

However sending to aol and to hotmail seems to be very slow, but sending to any other domains works fine.

spinkas
0
 

Author Comment

by:israelanta
ID: 16878814
I have deleted the smtp connector and have tried setting up the default smtp connector but i have one question.

My fully qualified domain name for the exchange box is dc2.affordable-computer-solutions.com.  I have a MX record on Register.com DNS servers with mail1.no-ip.com and mail2.no-ip.com.  

Which FCDN do i use?  I have set up both (one at a time) and attempted to send email out to both bellsouth and hotmail and have failed.  

I have checked and monitored ISA during the attempted communication and ISA 2004 is allowing the attempt.  It shows connection initiated and repeats it several times before coming back connection closed then connection denied.  It doesn't say connection denied default rule just connection denied.

I then check the exchange system and when i highlight hotmail.com and bellsouth.net in the queue it has a comment of "The connection was dropped by the remote host".

I have changed the password on the no-ip.com alternate smtp service and varified that the correct password was setup by on the default smtp.

any ideas or suggestions.

izzy
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16879136
The name dc2.affordable-computer-solutions.com resolves. That is a good start. Unfortunately it doesn't have a reverse DNS to match.

However if you are using an alternative SMTP service, then what the name resolves to at your end shouldn't really matter. The recipient server will only be looking at the configuration of the server that is actually making the connection - which isn't yours. It is the alternative SMTP server.

Simon.
0
 

Author Comment

by:israelanta
ID: 16879209
having said that, could it be something at the relay side (no-ip.com) or at the hotmail / bellsouth / etc side that is going the "The connection was dropped by the remote host". That the part that puzzles me is where the break is.  I have check and rechecked the authentication setup and password on both the exchange server and no-ip and still same error.


Izzy
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16880481
If you have got the connector configured to send all email via the alternative SMTP service and you are seeing the dropped connection report on your server, then that would indicate that the server you are trying to send email through has dropped the connection.

Simon.  
0
 

Author Comment

by:israelanta
ID: 16880870
Thanks for the clarification.  I will log on to no-ip and recheck everything.
0
 

Author Comment

by:israelanta
ID: 16880888
Sembee,

would the exchange log show anything that might fix this mystery.  I have opened the log located in "C:\Program Files\Exchsrvr\DC2.log".  It tells me sender, intended receiver, etc..." however, with my untrained eye I might not be seeing something critical. Last question, am i opening the correct log, is their another log i should be opening.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16880995
There is a log for the SMTP virtual server. Whether that will actually show you what is happening is difficult to say.
You have to enable the log - as it isn't enabled by default. ESM, Servers, <your server>, Protocols. Right click on the SMTP VS and choose Properties. Log is on the first tab.

Simon.
0
 

Author Comment

by:israelanta
ID: 16881020
Sembee,

I enabled logging a few weeks ago.  I just set all "additonal logging options" to see if it will record something worth while.
0
 

Author Comment

by:israelanta
ID: 16881044
Simon,

Last night while still trying to troubleshoot this i saw an error in the queue stating "SMTP error" or something very similar.  I went to and  reviewed the usage log forthe No-Ip alternate-port smtp on the no-ip site and i noticed that the usage log was at 150 messages relayed.  I am only allow 150 messages per day becuase thats all the service i purchaced offered.  It is saying it relayed 150 messages, no sure if that means it got to the No-ip site and was past on and then rejected or just that it received a message from my exchange and then dropped the connection.

Lastly,  will the results of the logging be located in the log file located at C:\Program Files\Exchsrvr\DC2.log.  I have not changed the default location.  Just wanted to make sure i was lookin at the right file.

Izzy
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16881055
You should look at the logging properties, that will show you where the log is being stored.
For the SMTP VS I would expect it to be C:\WINDOWS\System32\LogFiles\SMTPSVC or something very similar.

Have you got message tracking turned on? http://www.amset.info/exchange/message-tracking.asp
If not, I would turn it on so that you can see how many messages are going through your server.

Simon.
0
 

Author Comment

by:israelanta
ID: 16881064
Simon,

These are the instructions on the no ip site on how to set up the service.

Outbound server: smtp-auth.no-ip.com, port 3325.
Username: yourdomain.com@noip-smtp where yourdomain.com is the domain for which you bought the service. To set your password, you must log in to No-IP.com and click Mail in the left hand navigation. Find your domain in the list with type smtp and click Modify. Change your password there.

This is a walk thru on how to setup exchange with smart host for their site.

http://www.no-ip.com/support/guides/email/quick_start_alternate_port_smtp.html

The ISA rule i setup allows outbound traffic on port 3325 from my Exchange server to the no ip site.

Izzy
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1000 total points
ID: 16881590
Which method did you use?
Modifying the SMTP Virtual Server or the SMTP Connector?

That isn't the way that I would have done it.

What I would have done is change the SMTP Port on the SMTP Virtual server. You do that on the first tab of the of SMTP VS, clicking the Advanced button, then Edit... and adjusting the port.

Then I would have setup the SMTP Connector to use this SMTP Virtual Server.

No authentication settings on the SMTP VS and no changes to the "Outbound Port" that they have indicated in their instructions.

Simon.
0
 

Author Comment

by:israelanta
ID: 16882421
Simon,

I set it up on the SMTP VS.  On the general tab - advanced tab of the SMTP VS i had to set up the incoming port that the server was going to use.  I then went to the delivery tab and set it up in accordance with the instructions.  I am going to try you suggestions and migrate all the changes to a smtp connector and undue the changes i did to the VS.

I will let you know how it goes.

Izzy
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question