troubleshooting Question

Exchange server smtp error 500 5.3.3 Unrecognized command

Avatar of d3m00n
d3m00n asked on
ExchangeVPNEmail Protocols
17 Comments2 Solutions43950 ViewsLast Modified:
Hi,

I have a problem with commonication between two Exchange servers 2003.

exAsrv-FWsiteA----VPN------FWsiteB----exBsrv

Where:
exAsrv - Exchange 2003
exBsrv - Exchange 2003
FWsiteA - Cisco ASA5505 ver 7.2(2)
FWsiteB - Cisco ASA5505 ver 7.2(2)

Problem is when I try to comunicate with both servers on port 25.

1.
a)From exAsrv.mydomain.local I can telnet to port 25 to exBsrv.mydomain.local, but I see:
220 ****************************************************************************
*****************************************
helo
500 5.3.3 Unrecognized command

b)From exBsrv.mydomain.local I can telnet to port 25 to exAsrv.mydomain.local, but I see:
220 ****************************************************************************
*****************************************
helo
500 5.3.3 Unrecognized command

From RFC I have only information which I don't understand, why command line to long???
      4.2.1.  REPLY CODES BY FUNCTION GROUPS

         500 Syntax error, command unrecognized
            [This may include errors such as command line too long]

2. Another test. I enabled possibilyty on both exchange servers to comunicate on port 252:
a) From exAsrv I can telnet to port 252 to exBsrv, but I see:
220 exBsrv.mydomain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959
ready at  Fri, 8 Feb 2008 14:43:58 +0100
helo
250 exBsrv.mydomain.local Hello [192.168.1.200]

b)From exBsrv I can telnet to port 252 to exAsrv, but I see:
220 exAsrv.mydomain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830
ready at  Fri, 8 Feb 2008 14:45:07 +0100
helo
250 exAsrv.mydomain.local Hello [192.168.0.17]

On the site B exchange server is available from outside as a main server, however I want to
set up replication of both server. But now it is not a problem.

I checked configuration on both cisco routers:
1. NAT rules are setup correctly.
2. I disabled ESMTP inspecion on both sides.

Trraffic seems like is going correctly.

3.
a) Test telnet from host1B.mydomain.local(winXP) to exAsrv.mydomain.local to port 25.
220 ****************************************************************************
*****************************************
helo
250 exAsrv.mydomain.local Hello [192.168.0.23]

b) Test telnet from host2B.mydomain.local(GNU/Linux) to exAsrv.mydomain.local to port 25.

Connected to 192.168.1.200 (192.168.1.200).
Escape character is '^]'.
220 *********************************************************************************************************************
helo
250 exAsrv.mydomain.local Hello [192.168.0.5]

c) Test telnet from host2B.mydomain.local(GNU/Linux) to exAsrv.mydomain.local to port 252

Connected to 192.168.1.200 (192.168.1.200).
Escape character is '^]'.
220 exAsrv.mydomain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at  Fri, 8 Feb 2008 15:17:04 +0100
helo
250 exAsrv.mydomain.local Hello [192.168.0.5]

d) Test telnet from host3B.mydomain.local(WinXP x64) to exAsrv.mydomain.local to port 25.
220 ****************************************************************************
*****************************************
helo
500 5.3.3 Unrecognized command
e) Test telnet from host3B.mydomain.local(WinXP x64) to exAsrv.mydomain.local to port 252.
220 exAsrv.mydomain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830
ready at  Fri, 8 Feb 2008 14:45:07 +0100
helo
250 exAsrv.mydomain.local Hello [192.168.0.32]


Does one of you see any regularity as I don't.

Where can be a problem?

I think that somwhere in Windows, but don't see any regularity.
Please note I tested it when software FW are disabled on both sites.

Thank's for any suggestion.


ASKER CERTIFIED SOLUTION
d3m00n

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 17 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 17 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros