[Last Call] Learn how to a build a cloud-first strategyRegister Now


Adding a new excepted domain in Exchange 2007 SP1

Posted on 2009-02-09
Medium Priority
Last Modified: 2012-05-06
 I have an Exchange 2007 SP1 single server that has been running fine for a year now. I am trying to add a new accepted domain and cannot get it to work externally. I do not have an MS Edge server, but do have a Barracuda Spam Firewall 300 configured as a smart host for exchange. I have 2 domains today that the Exchange server accepts mail for, that work fine. I defined a new 3 rd Accepted Domain in exchange and from within the exchange server it appears to be working correctly. The new domain is also configured in the Barracuda.  I cannot get the exchange server to accept connections from outside of the exchange server for this new domain.  
  I have had the Barracuda engineers look at the configuration for both the working and non working domains and they cannot find a difference between them and they do not see a configuration problem with the Barracuda.  
  I cannot see any differences in the configuration between the Accepted Domains between the ones that work and the one that doesnt. I do not see anything in the receive connector that is related to a domain, so I dont think the problem is there either. The send connectors also do not seem to have any configuration information specific to domains either.
  The original Domains were installed with Exchange 2007 RTM. When SP1 became available I installed it, So the new domain was created under SP1 while the old domains were created with RTM installed.

Does anyone have any idea where to look next? Thanks in advance for any advice!
Question by:gogetsome
LVL 26

Expert Comment

ID: 23593604
Look at the DNS. Many times the barracuda people have you set it up so that your exchange server will only accept connections from the barracuda. Make sure the MX record on the new domain points to the barracuda and not directly at the the exchange server.
LVL 11

Expert Comment

ID: 23593818
are your MX records correct?, one more thing if you do telnet from the server itself & drop an email for this domain, could you do that succesfully?

Author Comment

ID: 23593886
Thanks JAR3817.
  The MX record does point to the Barracuda. My Barracuda in on a DMZ port of my Firewall. The firewall has a 1 to 1 NAT pointing the MX record to the Inter DNZ address of the Barracuda.  The Exchange Server is on my local LAN. The Firewall is configured to only allow port 25 to and from the Barracuda and Exchange. In short ther is no way to get from my public address directly to the exchange server.
  One other poit on the Barrcuda side, In the Domain Configuration ther is a test that you can run to test the connection between the Barracuda and the nexchange server. This test fails with the new domain, but works fine with the 2 old domains. The test fails with an Unable to Relay error, but I don't think they are using the term Relay corretly in this error.

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Author Comment

ID: 23594030
Thanks sandeep

Yes the MX is correct. Currently that domain is being scanned and forwarded to another 2003 exchange server at a remote location. They have been getting their mail filtered this way for 3 months now. I am trying to get rid of that remote 2003 server in the long run. I wan to run their mail through my 2007 server here.
To make sure that Barracuda is not cashing aningthing I created another new fake domain to test with and it gets the same results so I not this it is a problem either.

Yes from my workstation I can telnet to port 25 of the exchange server and create a mail message that is delivered to my account with no problem.


Accepted Solution

gogetsome earned 0 total points
ID: 23604092
The problem seems to have gone away. I did a reboot of the exchange server to install some unrelated updates and now it seems to be working. Even the domain test from the barracuda now works now.  I have no idea what a reboot fix anything in this scenario.  Thanks for your help!

Expert Comment

ID: 23980001
My guess would be that the Microsoft Exchange Transport service on the server with the hub transport role for some reason had not applied the new settings for accepted domains. With the reboot all services read the configuration at startup and therefore it started accepting mail for the new domain.

A restart of the Microsoft Exchange Transport service should probably have worked as well.

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

826 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question