?
Solved

Cant Send External Emails after SSL Certificate Update (Receive is fine)

Posted on 2006-10-27
13
Medium Priority
?
305 Views
Last Modified: 2010-08-05
Can't send emails from exchange.  We just changed our SSL certificate.  Does anyone know if this would effect send emails?

We can send and receive internally.  We can receive from the outside. Internet access is fine.

Event log is not showing any obvious errors.
0
Comment
Question by:Dennis_Atkins
  • 7
  • 6
13 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17819751
Did you attempt to put the certificate on to the SMTP virtual server? An SSL certificate should have nothing to do with email delivery - they are on separate virtual servers.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17819823
Certificate was only applied to the Default Web Site under IIS.  I have contacted our provider to check.

Also getting a token 80090308 error on the Public Folders directory in ESM.  Is this related?

Dennis
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17819866
Public Folders access through ESM is done through ESM, so that could be causing a problem.
Ensure that REQUIRE SSL is not enabled on /exchange, /exadmin, /exchweb and /public virtual directories in IIS Admin. If it is enabled, disable it and then close the IIS manager. Drop in to a command prompt and type

iisreset

That ensures the change is written to the IIS metabase.

When you try to send email what happens?

Simon.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:Dennis_Atkins
ID: 17820296
Check SSL on the Virtual Directories.  All were fine.  Ran iisreset anyway.  Stop and Restart OK.

When a user sends a message it seems to go OK.  Email moves to the sent folder and no errors are reported or bounced back.  Our service provider (BellSouth) was able to test our domain and send emails from it.

It definitally seems to be our Exchange box.

How about a reboot????

Dennis
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17820691
Are the messages sitting in the queues?
What does message tracking say?

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17826279
Did a reboot just in case - no change

Messages are sitting in the queues.  

Tracking on a sample message indicates these events:
SMTP submittal, advance queue, categorizer, queued for routing, queued for remote delivery at 12: 30pm
The whole process shows repeated again at 12:40 pm

User are now getting delayed deliver notices.
0
 

Author Comment

by:Dennis_Atkins
ID: 17826773
Also getting "smtp could not connect to any DNS server" for each queue.  Our provider did just change DNS hosts.  I corrected the DNS under the SMTP virtual directory.

Is there any place else it needs to be changed?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17826944
You shouldn't have DNS settings on the SMTP virtual server. Remove them from there.
Check the DNS settings in the DNS Server applet on your domain controllers. The best practise configuration is to use forwarders set in the DNS server applet.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17833305
Forwarders are already set in the DNS Server.  I found the "old" DNS numbers hidden under the SMTP virtual server.  They have been there since the Exchange server was setup a few years ago by a contracted data company.

Since changing the numbers under the SMTP Virtual server, all is working fine.  I would like to avoid this in the future.

If I remove the DNS info from the SMTP Virtual Server will it default to using the info from our DNS server?

Dennis
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 17833407
If you remove the DNS servers from the SMTP virtual server, then Exchange asks its host machine to find the DNS information that it needs...

So the DNS request will be local machine, domain controllers, forwarders, internet.

That is how Exchange is designed to work - I never configure DNS servers on the SMTP virtual server.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17833555
Thanks for the info.  I will give it a try today and let you know.

Any thoughts on why Exchange would have been set this way to begin with?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17833576
No idea. However I see lots of stupid things done to Exchange that nothing surprises me any more. There are lots of people out there who think they know Exchange but don't have a clue. They can get it to work, but it comes back and bites them (or more often, their client) later on.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17893467
Finally removed the embedded DNS info in Exchange.  All is working fine.  Thanks for the help!!!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

You can use the network upload option and the Office 365 Import service to bulk-import PST files to user mailboxes. Network upload means that you upload the PST files a temporary storage area in the Microsoft cloud.
Lotus Notes is the most prominent choice of all users due to its advance email management. It provides email features along with contact management, appointments, task, calendar etc. Many users rely on its service to carry out electronic communicati…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

568 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question