Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1411
  • Last Modified:

Exchange 2003 with 2 SMTP routing Group Connectors with * address space but different costs?

Some domains do not accept email from my exchange server, so I created a second smtp connector for these domains to forward through my ISP - smarthost.

Right now I have two SMTP routing group connectors.  EX.  SMTP1 uses DNS to route, with address space of * cost1.  SMTP2 uses smarthost (my isp) to forward mail, address space is email domains that will not go through SMTP1.

Would it work if I kept SMTP1 connector as is and setup SMTP2 with address space of * and cost of 2? So that what ever email will not go through SMTP1 will automatically go through SMTP2 ?
0
kmillernet
Asked:
kmillernet
  • 9
  • 8
  • 8
  • +1
2 Solutions
 
e_vanheelCommented:
I think it would....try it. :)
0
 
MesthaCommented:
The way to do it is to have the domains that you have problems with at a cost of 1 and the * connector at a cost of 2 or more. Then Exchange will use the first connector for domains that match and the second connector for everything else.

If you put it the other way round then Exchange will ignore the connector with the specific domains listed because * matches.

If you set them both to 1 then Exchange will load balance, so some email for the domains listed on the connector will go out through the other connector.

-M
0
 
SurajCommented:
Please note one thing... Microsoft do not suggest more than one smtp connector with same settings... though you have different cost.. there is nothing like load balance which will be done !
2 SMTP connectors with same settings with diff cost doesnt make any sese.
smtp connector will be down if the smart host is down. is smarthost is down.. then none of the 2 smtp connector will work.
-> Load balance wil come in to picture Only if you have multiple smart host OR on one you have dns and other smarthost...
=> if you have multiple smarthost then you should mention them togather On one smtp connector : [x.x.x.x},[y.y.y.y].
-> NOTE IN ABOVE EXPLANATION I WAS TALKING ABOUT ADDRESS SPACE *
-> Now if you have different address space...
like on smtp 1 -> *
smtp-> gmail.com with any cost on both [doesnt matter]
IF you send a mail to gmail it will choose the 2nd one [NEAREST MATCH ON THE ADDRESS SPACE]

i guess your question should be cleared as i explained every senario with 2 SMTP connectors in Picture...  ;-)

x-sam
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
kmillernetAuthor Commented:
If a email will not go through to a certain domain SMTP1, I don't want to have to add it to SMTP2 all the time.  If a certain email domain will not go through my DNS (SMTP1) I want it to automatically send out thru connector2 (SMTP2 - my ISP outgoing mail server) Like a fail over??  Does this make sense?
0
 
SurajCommented:
Yes that can be done..
smtp 1 - address space * --> dns
smtp 2 - address space * --> smarthost ips

now the mail flow in this situation will depend on Cost as we have the same address space...
if you kee the cost same. then what ever route it gets first it will use that....

-X
0
 
e_vanheelCommented:
would it not be better to understand why your mail is not getting thru?  one common issue is your DNS is not set up correctly.  verify that your reverse DNS (managed by your ISP) matches what your server introduces itself as (set in Exchange).  many universities, companies and large ISPs check that they match.  what errors are you getting when the mail is not being delivered?
0
 
kmillernetAuthor Commented:
This is my server at home and it is on Verizon FIOS.  The reverse DNS is setup correct based on DNSstuff.com.  The errors I get are "SMTP communication error".  Then if I set up that domain in my ISP smarthost connector, it goes through fine.
0
 
e_vanheelCommented:
So in the advanced tab under Fully-qualified domain name - that matches what your reverse lookup is for that servers address?  This address does not have to match the mail domain that you are sending from, it just needs to match the r-dns.
0
 
e_vanheelCommented:
Also, Verify that Verizon is not blocking your port 25 -Many ISP's do  This would explain why the smartshost works.

I don't know what FIOS is.
0
 
SurajCommented:
Okk.. so let me conform one thing... you said if you smarthost your isp and send mail it works fine rigth ??

and with dns it doesnt... am i right...??
open command prompt and type in nslookup
set q=mx
remotedomain.com

what do you get...? does it resolve and gets you the MX record ???
I am sure this would be a dns issue... is Smarthosting works....

-> One more thng.. whn u do nslookup .. does it show your internal dns server or External ??

-X
0
 
kmillernetAuthor Commented:
Yes, my smarthost is the same name as the r-dns entry at my ISP.  Is there a way to double check that other than calling my ISP?  Verizon is not blocking port 25, I have a business account with them and a static IP.  And yes, nslookup with those parameters does resolve the email domains that I have my smart host forwarding.  Most email does go through my SMTP1 connector that uses DNS to route.  These are some examples of email domains that I have to setup with a second connector that uses my ISP (Smarthost) to route the messages:

allstate.com
chase.com
financialfederal.com
jonescannon.com

FYI, I have a couple of Law Firms that I host their email for.  They will call me and say that a email will not go through, receive a NDR, I had the email to my ISP smart host on the exchange server and it will work fine.  When I track the message on the server, it says SMTP communication error.
0
 
e_vanheelCommented:
Check that you are not blacklisted

http://www.mxtoolbox.com/blacklists.aspx
http://www.blacklistalert.org
http://www.blacklistmonitoring.com/lookup/email_blacklist_IP_address_lookup.php

from your exchange server try to telnet to to one of the domains that is causing you problems.
http://www.wikihow.com/Send-Email-Using-Telnet 
0
 
SurajCommented:
what is the NDR They get?
find the mx of those domains to whom yo are not able to connect
and then do a telnet mx 25

check if you are connecting and getting their banner... if not getting connected.. you may be blacklisted by them..
also check if you have PTR configured for your connecting IP

X
0
 
kmillernetAuthor Commented:
Here is a example of a NDR:

Subject: Undeliverable:
did not reach the following recipient(s):

user@domain.com on Fri, 20 Feb 2009 10:57:38 -0600
   There was a SMTP communication problem with the recipient's email
server.  Please contact your system administrator.
   <my.mail.server #5.5.0 smtp;554 Transaction Failed Spam Message
not queued.>
__________________________________________

Also, I was listed on SPAMCANNIBAL and I have requested removal.  Could this be the problem?
When I try to telnet into that domain, I get:  220 SMTP Proxy Server Ready

0
 
e_vanheelCommented:
Like I mentioned above, I think your issue is you are blacklisted.

this can take sometime to clean up.  You must be sure that whatever got you blacklisted (open relay, virus on PC / server) is cleaned up prior to requesting de-listing.  If you request de-listing and have not solved the issue, it takes longer to de-list the next time.

I would recomend that you insure that only your mail server is able to send mail (port 25) in your firewall.

I have had this take a week to get someone de-listed.  You might find that you have to clean up the one-offs like barracuda maintains their own list.

HTH
0
 
SurajCommented:
greate we are on the right  path.. you ar blacklisted ..  if you check the ncsa logs it will give you lot of information... who dropped the connection ..etc...
0
 
kmillernetAuthor Commented:
NCSA logs? Where to find them?  Also, in your example above, using both connectors with a address space of * and smtp1 cost = 1 and smtp2 cost = 2, will email try smtp1 first then if it fails, use smtp2 automatically?
0
 
kmillernetAuthor Commented:
NCSA logs? Where to find them?  Also, in your example above, using both connectors with a address space of * and smtp1 cost = 1 and smtp2 cost = 2, will email try smtp1 first then if it fails, use smtp2 automatically?
0
 
SurajCommented:

Microsoft do not recomend more than 1 smtp connector with same setting.. its of no use until or unless you have 2 diff smarthost..
you can enable NCSA Logs : on Exch sys manager --> go to properties of default smtp virtual server--> under general tab--> check "enable logging" and then click on drop down and select NCSA
Then restrt the smtp service
-> you can find this on start --> run--> type logfiles--> open SMTPSVC folder..--> you will find the ncsa file there...

-xsam
0
 
SurajCommented:
about the connectors Please read the above explanation of mine....which i posted at the very beginning... its simple as that..
-x
0
 
e_vanheelCommented:
wow.  that is all I can say.
0
 
kmillernetAuthor Commented:
Crap..  I selected the wrong one for points..  The blacklist was the problem suggested by e vanheel, how do I change points.
0
 
SurajCommented:
Hey.. no problem man.. no need to panic.. I will request for reopening the question... you can give points to e_vanheel or split the points or what ever... No problem..
I understand the value of time.. so ..

-x-sam-
0
 
kmillernetAuthor Commented:
Thanks for leading me in the right direction.
0
 
kmillernetAuthor Commented:
NCSA logs? Where to find them?  Also, in your example above, using both connectors with a address space of * and smtp1 cost = 1 and smtp2 cost = 2, will email try smtp1 first then if it fails, use smtp2 automatically?
0
 
e_vanheelCommented:
the logs are under C:\WINDOWS\system32\LogFiles\  typically.
I believe that your explanation is correct but your best bet is to only use on external connector and fix the blacklist issue.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 9
  • 8
  • 8
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now