Exchange cannot send to another internal Exchange server

Has it ever worked?
The usual cause for traffic between the servers failing is either a smart host on the SMTP virtual server or something blocking the traffic. AV, firewall etc. However it very much depends on whether it has ever worked.

Simon.

This is a new installation, and therefore has never worked. We are not using smarthosts. I have seen some posts about problems through a Sonicwall firewall, which is what we are using. But if telnet works to port 25, then how could the firewall be the problem?

Is the Sonicwall between the Exchange servers?
It is certainly possible for a firewall to cause the problem. Telnet only proves the connection, it doesn't prove successful data transfer.

Simon.

OK. I will check that tomorrow. Unfortunately, I don't have access to it right now. I'll get back to you tomorrow morning. Thanks.

More problems this morning....I used the smtpdiag tool on the GA server and tried to send out to my personal email account and it failed. Error is this:

Received:
452 4.2.1 Your host 66.110.220.100 has no DNS record. If you are using a firewall please configure DNS and try again authoritative host not found: "my email addres"

Now, which DNS entry are they referring to? An internal DNS problem on our network or an external DNS problem out there in the world? I called the ISP for GA which is Earthlink yesterday and they are clueless...

It will be external DNS records. More specifically they are referring to reverse DNS records, aka PTR records. You need to speak to your ISP to get that set.

Simon.

More info: the sonicwall is a backup route. There is in fact a point-to-point T1 connection between the two offices, so the sonicwall should not be involved at this point. the external dns records are pending as I try to get in touch with the ISP. For internal mail, that should not be an issue correct?

After reviewing more, I researched a similar setup to ours and discoverd this: When an organization has two or more mail servers, you need to let the primary mail server know that it is not the only mail server in the domain. For example, say a company has two mail servers, but all mail comes in to the primary. If there is a user on the second mail server, then how does the first one know to route messages to the other mail server when there is mail being sent to someone on the second mail server? If you drill down to the E-Mail Addresses properties tab of the Recipient Policy where the e-mail address was defind for the organization, you can click on the default SMTP address and look at the check box "This Exchange organization is responsible for all mail delivery to this address." It is greyed out on both servers.

Am I correct in thinking that this means the primary mail server in NY does not know that the other one in Georgia exists and therefore cannot send mail down to GA? Why is it greyed out and how can I change it?

That is not the cause of your problem.
Exchange recipient policies are Org wide, not server specific. Therefore if the servers are in the same Exchange org then Exchange will know where the email accounts are. If they are in the same Exchange org then Exchange knows what it needs to do with the email, where to send it etc. It is then handed to the SMTP virtual server for delivery. If the SMTP function has problems then you get problems. For example unable to connect,  unable to resolve, a smart host set on the SMTP VS, external DNS set on the SMTP VS etc.

Simon.

Doing further work. Trying to verify DNS settings and I think I found some errors. Working in accordance with the microsoft exchange 2003 transport and routing document, it states that mx records should not point to an internal domain. The server down in GA fails this using nslookup. nslookup set q=mx then enter name of ga email server and it comes back with an mx record 0f 20. whereas the email server in ny comes back with the info that it should come back with. So, should we delete the mx record of the GA mail server from internal DNS altogether?

Then using dnsdiag to verify that that exchange servers can resolve internal dns names again GA fails with this:

C:\WINDOWS\system32\inetsrv>dnsdiag "gaserver."ourdomain".com -v 1
"gaserver".com is in the Exchange Org. Global DNS servers wil
l be used.
Created Async Query:
--------------------
        QNAME = "gaserver"."ourdomain".com
        Type = MX (0xf)
        Flags =  UDP default, TCP on truncation (0x0)
        Protocol = UDP
        DNS Servers: (DNS cache will not be used)
        192.168.110.3
        192.168.110.7

Connected to DNS 192.168.110.3 over UDP/IP.
Received DNS Response:
----------------------
        Error: 0
        Description: Success
        These records were received:
        "gaserver"."ourdomain".com    MX    20    "gaserver"."ourdomain".com

Processing MX/A records in reply.
Sorting MX records by priority.
Querying via DNSAPI:
--------------------
        QNAME = "gaserver"."ourdomain".com
        Type = A (0x1)
        Flags =  DNS_QUERY_TREAT_AS_FQDN, (0x1000)
        Protocol = Default UDP, TCP on truncation
        Servers: (DNS cache will be used)
        Default DNS servers on box.

Received DNS Response:
----------------------
        Error: 9003
        Description: No records exist for this name.
Cannot resolve using DNS only, calling gethostbyname as last resort.
This will query
- Global DNS servers.
- DNS cache.
- WINS/NetBIOS.
- .hosts file.

Target hostnames and IP addresses
---------------------------------
HostName: "gaserver."ourdomain".com"
        No IP addresses for this name!

C:\WINDOWS\system32\inetsrv>


What do I do with this info???

Exchange doesn't use MX records for moving email between servers. As long as it can resolve the internal address of the other server correctly, then it will send the email that way. You just need to ensure that regular name resolution is working and verify the connectivity on the SMTP traffic.

Simon.

so, if I delete the mx record for the ga server, it should have no bad consequences, correct? Lets put it this way, our internal dns has mx records for both mail servers. Are they necessary? Can I safely delete them?

I can successfully ping both servers by name and ip. So, I assume that dns is correct. But what does this output tell us:

Received DNS Response:
----------------------
        Error: 9003
        Description: No records exist for this name.
Cannot resolve using DNS only, calling gethostbyname as last resort.
This will query
- Global DNS servers.
- DNS cache.
- WINS/NetBIOS.
- .hosts file.

I installed the Exchange System Manager on to my PC and it will not allow me to connect to the GA server. When I expand the First Storage Group, I see red down arrows on the store. I try to mount the store and it denies me access. However, when I log on to the server itself using the administrator account, the store appears fine.

What is that all about?

May I send you a small log file? I don't want to announce it to the world by posting it here.