I'm having an odd problem with my Exchange server. Here's the setup:
Windows 2003 native domain, two internal DCs running AD DNS, DHCP, etc.
Exchange 2003 front-end server
Exchange 2003 back-end server
Firewall DMZ between them, but opened wide for testing purposes
Multiple sites configured, with all subnets in their correct sites.
Front end server is on the DMZ subnet with a 192.168.100.x IP address Back end server is on a corporate subnet with a 192.168.1.x IP address. This is the subnet I'm trying to get rid of, so I'm moving all of my servers and users to a new one 10.1.0.x I moved the back end exchange server to 10.1.0.x, rebooted, made sure it was correct in DNS, restarted SMTP on the front-end server, made sure that both servers could ping each other by name, and removed all firewall rules on the DMZ temporarily to make sure nothing there was blocking anything. With the back-end server on the new network, outgoing mail fails with the "cannot relay for <user>.domain.org" error. Incoming mail works fine, Outlook client connects fine, internal mail works fine, and exchange services are all running. I rebooted both servers a couple of times, but still no outgoing mail. I have one domain controller on the new network and one on the old network--both are global catalog servers, and both are also the internal DNS servers. When I move the back-end server back to the old network everything works fine. Both DCs can ping the Exchanger server by name.
This seems like some kind of authentication issue, but I have no idea what it might be. I have Outlook Web Access running on the front-end server, and it has the same problem--it can see the internal mailbox but if you try to send from OWA the mail bounces with the same error. The mail is bouncing from the back-end server in all cases.
Any idea what's going on here?