

Two 2003 Exchange servers on different subnets cannot send e-mail to each other

Posted on 2007-10-02
Medium Priority
Last Modified: 2012-05-05
Here is a very perplexing issue:

Two Exchange 2003 servers are sitting in different domains, different subnets, and different external IP addresses but are connected to the same layer 2/3 switch behind the same firewall and same ISP.

Any Exchange servers outside of the firewall can send e-mail to either Exchange server behind the firewall without issue.

Any Exchange server behind the firewall can send e-mail to any Exchange server beyond the firewall without issue.

The issue is you cannot send e-mail from one Exchange server behind the firewall to the other one behind the firewall or vice versa.

Both Exchange servers behind the firewall can ping each other
You can telnet to each using the internal IP addresses on port 25
You cannot telnet to each other using their external IP addresses on port 25

The firewall looks like it's doing a loopback, which from what I know should be fine but seems to cause this not to work for some reason. So while tech support for the firewall works on it from their side, my thought was to just make it so the two Exchange servers behind the firewall get the MX address from the local Windows 2003 DNS server that points to each other's local address.

Well, even if we create a DNS zone with an MX record that points to the internal IP addresses for the Exchange servers, Exchange still can't send mail.

We noticed that when we query the local Windows 2003 DNS server we only get the stub returned, not the real MX record.

We have used the SMTPDIAG tool and it fails too when we try to send from one internal Exchange server to the other internal Exchange server.

Any ideas?
Question by:jkolaski
LVL 104

Accepted Solution

Sembee earned 2000 total points
ID: 20003358
Skip using MX records.
What I do in this scenario, particularly as they can telnet to each other, is to use SMTP connectors.
Create one in each Exchange org.
Set it to use a smart host, remember if the DNS doesn't work and you use an IP address, it needs to be in [ ] - so [].
Then on the address space tab enter the domain/s that the other server is responsible for.

I would actually do that despite the firewall configuration.


Author Comment

ID: 20003499
Will give it a try in the morning.

Author Comment

ID: 20008301
Your idea worked and I will accept that as the solution, but do you have any idea why a Windows 2003 DNS server would not return the MX record and only the stub?
LVL 104

Expert Comment

ID: 20009195
It shouldn't be doing that. I would check whether the DNS entry is configured correctly. It isn't something I have seen Windows DNS do before.
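
The port 25 checks from the question (telnet succeeds on the internal addresses, fails on the external ones), scripted as an added example that is not part of the original thread. The function names and the sample addresses are assumptions made for illustration; run it from one mail server against the other.

```python
import socket


def probe_smtp(host, port=25, timeout=3.0):
    """Return the SMTP greeting if host:port answers with a 220 banner, else None."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = s.recv(512).decode("ascii", "replace").strip()
    except OSError:  # refused, unreachable, or timed out
        return None
    return banner if banner.startswith("220") else None


def diagnose(internal, external, timeout=3.0):
    """Classify how one peer mail server can be reached from inside the firewall.

    internal and external are (host, port) tuples for the same server.
    """
    inside = probe_smtp(*internal, timeout=timeout)
    outside = probe_smtp(*external, timeout=timeout)
    if inside and outside:
        verdict = "both paths work: MX-based delivery should succeed"
    elif inside:
        verdict = ("internal path only: traffic to the external address is not "
                   "looped back by the firewall; route by internal address "
                   "(SMTP connector with a smart host) instead of the public MX")
    elif outside:
        verdict = "external path only: check internal routing or host firewall"
    else:
        verdict = "unreachable on both paths: SMTP service or network is down"
    return {"internal": inside, "external": outside, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample addresses (assumptions); replace with the peer
    # server's real internal address and public (NAT) address.
    peer_internal = ("192.168.20.10", 25)
    peer_external = ("203.0.113.10", 25)
    print(diagnose(peer_internal, peer_external))
```

An "internal path only" result matches the symptoms in the question and is the case the SMTP connector in the accepted solution works around.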



Question has a verified solution.
