Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cant Send External Emails after SSL Certificate Update (Receive is fine)

Posted on 2006-10-27
13
Medium Priority
?
295 Views
Last Modified: 2010-08-05
Can't send emails from exchange.  We just changed our SSL certificate.  Does anyone know if this would effect send emails?

We can send and receive internally.  We can receive from the outside. Internet access is fine.

Event log is not showing any obvious errors.
0
Comment
Question by:Dennis_Atkins
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17819751
Did you attempt to put the certificate on to the SMTP virtual server? An SSL certificate should have nothing to do with email delivery - they are on separate virtual servers.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17819823
Certificate was only applied to the Default Web Site under IIS.  I have contacted our provider to check.

Also getting a token 80090308 error on the Public Folders directory in ESM.  Is this related?

Dennis
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17819866
Public Folders access through ESM is done through ESM, so that could be causing a problem.
Ensure that REQUIRE SSL is not enabled on /exchange, /exadmin, /exchweb and /public virtual directories in IIS Admin. If it is enabled, disable it and then close the IIS manager. Drop in to a command prompt and type

iisreset

That ensures the change is written to the IIS metabase.

When you try to send email what happens?

Simon.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Dennis_Atkins
ID: 17820296
Check SSL on the Virtual Directories.  All were fine.  Ran iisreset anyway.  Stop and Restart OK.

When a user sends a message it seems to go OK.  Email moves to the sent folder and no errors are reported or bounced back.  Our service provider (BellSouth) was able to test our domain and send emails from it.

It definitally seems to be our Exchange box.

How about a reboot????

Dennis
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17820691
Are the messages sitting in the queues?
What does message tracking say?

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17826279
Did a reboot just in case - no change

Messages are sitting in the queues.  

Tracking on a sample message indicates these events:
SMTP submittal, advance queue, categorizer, queued for routing, queued for remote delivery at 12: 30pm
The whole process shows repeated again at 12:40 pm

User are now getting delayed deliver notices.
0
 

Author Comment

by:Dennis_Atkins
ID: 17826773
Also getting "smtp could not connect to any DNS server" for each queue.  Our provider did just change DNS hosts.  I corrected the DNS under the SMTP virtual directory.

Is there any place else it needs to be changed?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17826944
You shouldn't have DNS settings on the SMTP virtual server. Remove them from there.
Check the DNS settings in the DNS Server applet on your domain controllers. The best practise configuration is to use forwarders set in the DNS server applet.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17833305
Forwarders are already set in the DNS Server.  I found the "old" DNS numbers hidden under the SMTP virtual server.  They have been there since the Exchange server was setup a few years ago by a contracted data company.

Since changing the numbers under the SMTP Virtual server, all is working fine.  I would like to avoid this in the future.

If I remove the DNS info from the SMTP Virtual Server will it default to using the info from our DNS server?

Dennis
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 17833407
If you remove the DNS servers from the SMTP virtual server, then Exchange asks its host machine to find the DNS information that it needs...

So the DNS request will be local machine, domain controllers, forwarders, internet.

That is how Exchange is designed to work - I never configure DNS servers on the SMTP virtual server.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17833555
Thanks for the info.  I will give it a try today and let you know.

Any thoughts on why Exchange would have been set this way to begin with?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17833576
No idea. However I see lots of stupid things done to Exchange that nothing surprises me any more. There are lots of people out there who think they know Exchange but don't have a clue. They can get it to work, but it comes back and bites them (or more often, their client) later on.

Simon.
0
 

Author Comment

by:Dennis_Atkins
ID: 17893467
Finally removed the embedded DNS info in Exchange.  All is working fine.  Thanks for the help!!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
how to add IIS SMTP to handle application/Scanner relays into office 365.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question