Solved

Exchange 2007 / MX Records / Connection Refused

Posted on 2009-04-09
12
1,232 Views
Last Modified: 2012-05-06
Hi, I am trying to deploy my first Exchange Server and I've hit a brick wall. The server has a static, public IP address. The domain has been set up, *.domain.com, www.domain.com, mail.domain.com and @.domain.com A records are pointing to the servers IP address. The MX record is set to mail.domain.com. with a priority of 10. Locally sent mail is working ok, as is OWA but I cannot send mail to any of the created domain addresses. When verifying the addresses at network-tools.com it shows that mail.domain.com is refusing connection. Any idea as to what have I done wrong?
0
Comment
Question by:Robox1
  • 7
  • 5
12 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 24107645

The first check is to verify port 25 has actually been forwarded through your firewall. Port 25 is used for SMTP traffic, and as you didn't mention it, I can only assume you may have omitted this part of the procedure.

Also, Exchange 2007 does not have a Receive Connector for receiving email by default. You need to create one in order to have the server receive email from the Internet: http://technet.microsoft.com/en-us/library/bb124327.aspx

-Matt
0
 

Author Comment

by:Robox1
ID: 24107791
Hi Matt,

Thanks for the reply. There is no firewall, the Server has a direct, dedicated connection to the internet with a static IP. Symantec Endpoint is installed, but SMTP is listed as an allowed exception. I'll take a look at the technet article and let you know how it goes.

Craig.
0
 

Author Comment

by:Robox1
ID: 24108000
Ok,

I'm using SBS2K8, the Receive Connector was set up during the installation of SBS2K8 - at least there is a Receive Connector setup up in the Exchange Management Console under Server Configuration > Hub Transport > Receive Connectors. It is called "Windows SBS Internet Receive SERVER". It is enabled and, when entering its properties page, the FQDN is set correct (mail.domain.com), 'Local IP addresses to receive mail' is set to 'all available ipv4 addresses' on port 25, 'Remote IP addresses' are set to 0.0.0.0-255.255.255.255. I am still experiencing bounced emails when sending email to user@domain.com and, when checking at network-tools.com it still says "mail.domain.com - connection refused" - any more ideas?

Cheers,

Craig.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24108219

SBS changes the scene considerably. I should have noticed you cross-posted this in the SBS zone. Did you run the appropriate wizards in the SBS Console to configure the server? That should get the inbound receive connector configured correctly.

Would you mind posting your external domain here? I can do some DNS lookups and verify everything is valid on that front.

-Matt
0
 

Author Comment

by:Robox1
ID: 24108380
Hi Matt,

Yes, all wizards were run at setup. I don't mind posting the external domain as it is only being used for testing purposes anyway. It's prontoit.co.uk.

Craig.
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24108429

Hey Craig,

The first problem I've struck is with your MX records. You have two records listed - mail.prontoit.co.uk and mx2.servage.net. The latter record has a higher cost, so should not be in use, but can you clarify exactly what it is for? If it's for a legacy ISP system, it needs to be removed.

I am able to telnet into your server on port 25, indicating initiating an SMTP session is not a problem. I was then able to proceed and submit a message to 'postmaster@' (you'll get a blank message arrive :-) ). This would indicate mail flow is working correctly, at least to built-in addresses.

-Matt
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 

Author Comment

by:Robox1
ID: 24108496
Hi Matt,

I've since removed mx2.servage.net - it's probably not propagated yet. I can send across the network no probs to other users internally - it's just trying to get mail sent from an external internet source. I really cannot see where I've gone wrong!

Craig.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24108864

Are you able to send externally to postmaster@ (not entering domain so the spammers don't pick it up)? That address should, by default, go to the mailboxes of all designated admins on the network.

-Matt
0
 

Author Comment

by:Robox1
ID: 24109107
Hi Matt,

For some reason, it just started working - I didn't change a thing then mail started coming into the Exchange mailboxes?! Now onto the next problem... Getting IMAP to work so we can access email out of the office. Again, I can't seem to see what I've done wrong lol. IMAP and POP is enabled in EMC, I've turned off all security options, just choosing basic auth but when entering mail.<domain>.co.uk into Outlook, I get an error.

Craig.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24109485

Hey Craig,

I'd suspect it may be a DNS propagation issue, but that doesn't matter, since it's working now and that's what's important.

Is there any reason why you need to use IMAP/POP? Those are pretty redundant technologies with Exchange. With an Exchange Server you'd generally make use of either OWA (through a browser) or Outlook with RPC/HTTPS for users with Outlook installed on their remote systems. With Exchange 2007, RPC/HTTPS becomes a lot easier and more attractive due to the benefits of Outlook Anywhere.

It's not uncommon to have remote users, who never visit the corporate LAN, but use RPC/HTTPS all the time to connect to their Exchange mailbox. It's much more suitable and convenient.

-Matt
0
 

Author Comment

by:Robox1
ID: 24135871
Hi Matt,

Sorry about the delay in replying - Bank Hols / Easter weekend 'n all! The only reason really is so I don't have to pay for the BlackBerry exchange add on, using BIS with IMAP instead is a far cheaper option.

Cheers,

Craig.
0
 

Author Comment

by:Robox1
ID: 24136184
Hi again Matt,

I've just realised that BIS has an option to monitor an OWA account, so that's that problem resolved. Thanks again for your help.

Craig.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now