• Status: Solved

Adding a new accepted domain in Exchange 2007 SP1

I have an Exchange 2007 SP1 single server that has been running fine for a year now. I am trying to add a new accepted domain and cannot get it to work externally. I do not have an MS Edge server, but do have a Barracuda Spam Firewall 300 configured as a smart host for Exchange. I have 2 domains today that the Exchange server accepts mail for, and they work fine. I defined a new 3rd Accepted Domain in Exchange and from within the Exchange server it appears to be working correctly. The new domain is also configured in the Barracuda. I cannot get the Exchange server to accept connections from outside of the Exchange server for this new domain.
I have had the Barracuda engineers look at the configuration for both the working and non-working domains and they cannot find a difference between them and they do not see a configuration problem with the Barracuda.
I cannot see any differences in the configuration of the Accepted Domains between the ones that work and the one that doesn't. I do not see anything in the receive connector that is related to a domain, so I don't think the problem is there either. The send connectors also do not seem to have any configuration information specific to domains.
The original domains were installed with Exchange 2007 RTM. When SP1 became available I installed it, so the new domain was created under SP1 while the old domains were created with RTM installed.

Does anyone have any idea where to look next? Thanks in advance for any advice!
Look at the DNS. Many times the Barracuda people have you set it up so that your Exchange server will only accept connections from the Barracuda. Make sure the MX record on the new domain points to the Barracuda and not directly at the Exchange server.
Are your MX records correct? One more thing: if you telnet from the server itself and drop an email for this domain, can you do that successfully?
gogetsome (Author) Commented:
Thanks JAR3817.
The MX record does point to the Barracuda. My Barracuda is on a DMZ port of my firewall. The firewall has a 1 to 1 NAT pointing the MX record to the Inter DMZ address of the Barracuda. The Exchange server is on my local LAN. The firewall is configured to only allow port 25 to and from the Barracuda and Exchange. In short, there is no way to get from my public address directly to the Exchange server.
One other point on the Barracuda side: in the Domain Configuration there is a test that you can run to test the connection between the Barracuda and the Exchange server. This test fails with the new domain, but works fine with the 2 old domains. The test fails with an Unable to Relay error, but I don't think they are using the term Relay correctly in this error.


gogetsome (Author) Commented:
Thanks sandeep

Yes, the MX is correct. Currently that domain is being scanned and forwarded to another 2003 Exchange server at a remote location. They have been getting their mail filtered this way for 3 months now. I am trying to get rid of that remote 2003 server in the long run. I want to run their mail through my 2007 server here.
To make sure that the Barracuda is not caching anything I created another new fake domain to test with and it gets the same results, so I do not think it is a problem either.

Yes from my workstation I can telnet to port 25 of the exchange server and create a mail message that is delivered to my account with no problem.

gogetsome (Author) Commented:
The problem seems to have gone away. I did a reboot of the Exchange server to install some unrelated updates and now it seems to be working. Even the domain test from the Barracuda now works. I have no idea why a reboot would fix anything in this scenario. Thanks for your help!
My guess would be that the Microsoft Exchange Transport service on the server with the hub transport role for some reason had not applied the new settings for accepted domains. With the reboot all services read the configuration at startup and therefore it started accepting mail for the new domain.

A restart of the Microsoft Exchange Transport service should probably have worked as well.
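
One way to confirm the stale-configuration theory above before rebooting, as an added example that is not part of the original thread: the script compares the accepted domains stored in the configuration with what the running transport service actually accepts at RCPT TO, without sending any mail. The server name, the probe addresses and the `Test-RcptTo` helper are hypothetical; run it in the Exchange Management Shell from a host that connects anonymously, as the Barracuda does.

```powershell
# Added example, not from the thread. $HubServer and the probe addresses are placeholders.
$HubServer = 'exch01.example.invalid'

function Test-RcptTo {
    param([string]$Server, [string]$Recipient, [string]$Sender = 'probe@example.invalid')
    $client = New-Object System.Net.Sockets.TcpClient
    $client.Connect($Server, 25)
    $stream = $client.GetStream()
    $reader = New-Object System.IO.StreamReader($stream)
    $writer = New-Object System.IO.StreamWriter($stream)
    $writer.NewLine = "`r`n"
    $writer.AutoFlush = $true

    # Read one SMTP reply; continuation lines look like "250-..." and the last like "250 ...".
    $read = {
        do { $line = $reader.ReadLine() }
        while ($line -ne $null -and $line.Length -gt 3 -and $line[3] -eq '-')
        $line
    }

    $null = & $read                                    # 220 banner
    $writer.WriteLine('EHLO probe.example.invalid');   $null  = & $read
    $writer.WriteLine("MAIL FROM:<$Sender>");          $null  = & $read
    $writer.WriteLine("RCPT TO:<$Recipient>");         $reply = & $read
    $writer.WriteLine('QUIT')                          # no DATA command, so nothing is delivered
    $client.Close()
    $reply
}

# Domains the configuration says should be accepted (wildcard entries are skipped here).
foreach ($domain in Get-AcceptedDomain) {
    $name = $domain.DomainName.ToString()
    if ($name.StartsWith('*')) { continue }
    $reply = Test-RcptTo -Server $HubServer -Recipient "postmaster@$name"
    # A 550 5.7.1 "Unable to relay" reply for a configured domain means the running
    # transport service is not treating that domain as accepted.
    if ($reply -like '550 5.7.1*') { $state = 'REJECTED (not applied)' } else { $state = 'ok' }
    '{0,-35} {1,-24} {2}' -f $name, $state, $reply
}

# If a configured domain is rejected, restart only the transport service and re-run:
# Restart-Service MSExchangeTransport
```

Restarting the transport service briefly interrupts mail flow on that server, so the smart host will queue and retry during the restart.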