Accept Email From Kyocera Copier in Exchange 2007

What is the device sending to? A group or a user?
Exchange itself cannot block on the headers. A third party tool might be.

Why are you using port 465? Use port 25, and ensure that you have anonymous enabled.

Simon.

I would suggest a new receive connector where you add the ip of the copier on the network tab.
And configure your Authentication with basic authentication without TLS.

Regards,
M

Hello,

Test your connector by trying to send a message through a telnet session. That will tell you if it has something to do with the copier or if there is a problem with your connector.

JJ

If you will read my full post you will see that I have tried the receive connectors in multiple configurations and that all of the data in the pics is not how I am communicating to the copier internally.
I have tried it on port 25 of course.   OK....  I will however try your idea without TLS although I believe I have tried it.  I will also test sending a message through telnet and post results.  Thanks....
Just to add to the problem... The copier company suggests that we update the copier.  This seems to be a sales tactic but do not know if it is a legitimate request since I have not worked with Server 2008 before this install.  Any more suggestions while I try these....  Thanks

By the way...   The copier is designed to send to users using email addresses of outside users on the domain.  user@domain.com.  Thanks

Attaching copier log and details....
Copier-History.jpg
Scan-History-Detials.jpg

If the device has attempted to send email through the SBS Server then that should be logged. While I know that it can send to external recipients, if you are only sending to internal recipients then Exchange should accept the email if anonymous is enabled on the Default Receive Connector, because that is the same as an email coming in from outside the network.

If you are going to send to external recipients then I would normally suggest simply putting in your ISPs SMTP Server and having the email go out that way.

Simon.

Tested telnet to server using the following method and received email fine.
http://technet.microsoft.com/en-us/library/bb123686.aspx

I am starting to think that the copier company has run into this before and the copier communication method may be incorrect or something.  This should not be rocket science.  Any Ideas?

If sending though telnet works then the problem is definately with the copier. You are basically at the copier company's mercy to get this resolved.

JJ

It would be nice to be able to use the ISP as the smtp sender.  Most ISP's including the one this client is currently using (AT&T) will not let you send email without SSL.  The copier only offers basic authentication as you can see in the screenshots.  This copier is long overdue for a firmware update.  Going back to trying to relay through exchange 2007...  is there anything else that would cause the "transfer error" described in the send logs of the copier?  Security?  Firewall?  Is there a way to tell Exchange trust anything coming from the IP address of the copier or is this only done through the receive connector.  My current connector is set to Exchange Server and open or IPsec security.  I have tried anonymous and other security settings.  This one is really perplexing.  Thanks for the Responses.  Is there an SMTP service out there that allows basic authentication for a fee?

Another note:  I called Kyocera and explained to them what is going on.  In the course of the conversation I made sure to verify that the copier was on the most current firmware and discovered that there is a firmware available that is 2.2 years newer that its current one.  Hopefully this will help or solve this issue.  I should get the firmware today and get it installed.  I will keep you posted.  Thanks for all of the replies today.  If anyone has seen this model and experienced problems please let me know as the firmware upgrade may have nothing to do with it.   I can still pray...  :)

Should be getting a CF card from kyocera tomorrow with the updated firmware.  Will keep you posted if this fixes our communication issues.  Thanks,  Sparq

Hi Sparq,

I had a similar issue which was resolved by adding the Multifunction IP address into the "Allowed" range for Anti-Spam.

I was able to send through telnet no problem and I even set a subject and body for the scans but for whatever reason the Anti-spam seemed to cause issues.

If you are able to use telnet fine, try adding the printer IP to the Anti-Spam allow list and hopefully should be good.

In the Exchange Management Console
Server Configuration > Hub Transport
Under the Receive Connectors select your connector then click the "Anti-Spam" tab.
Open the "IP Allowed List"
Add the printer IP address in and try it again.

Thanks Rothgar... I am not sure if I have tried that....  Will check and let you know.

No problem, let me know.

Researching the server 2008 spam and hub transport and trying different configurations.  I have found no solutions to this issue.  Keep in mind that a Microsoft technician told me that he has seen this problem on other copiers due to the way they write the email headers.  If he knows this... why can't microsoft write a patch or hotfix to address the legacy equipment?  

Bottom line is that the client invested $15000 into equipment (2004) that the manufacturer is not supporting like they should so I sent kyocera support the following email to see how or if they would respond.

We have been unable to find a technician that can assist us in this matter... we have tried three authorized dealers.  Our copier simply will not send email through our new 2008 server.  It would send email scans through 2003 server with some tweaks.  We have tried firmware upgrades, technical support, and outside authentication methods.  The problem is that the interface does not support SSL nor even plain text authentication on the SMTP side.  You have to POP email first (plain text only) and I can't find ANYONE that supports this configuration.  I setup an account with DynDNS mailhop service and they will accept plain text authentication on 4 different ports however the copier does not have ANY authentication method on the SMTP configuration.  I have opened online forum tickets on Experts-Exchange and MXExchange with no luck.  This really is a very simple addition to a very needed firmware upgrade.  The copier is not  very old.  How can I recommend a brand that does not update to accomodate newer technologies when we purchased this expensive copier in 2004 from a KM dealer.  There is also NO WAY that we can find to simply scan a document to a users computer.  I have a standalone sub $300 scanner that is temporarily doing this if that tells you anything about the situation.  Is there ANYthing you guys are willing to do to help keep our investment and faith in your company?  Please at least respond with a yes or no so that we can move forward knowing that we did everything we could.   Frustrated yet Sincere,   Mark Wilkinson - Versa Technoloiges

I don't see any reason why this shouldn't work.

I would assume the following:

Both the multi-function and the Server 2008 server running Exchange are on the same network.
The server can ping the printer.

Testing the e-mail:
On a machine which sits on the same network, do a basic Telnet to the exchange server on port 25 and confirm you are able to send e-mails. The server should allow you (if it's configured properly) to send e-mails from your e-mail domain to your e-mail domain without authentication from machines on your local subnet if you have modified the Exchange SMTP options like that.

E-mail settings:
I don't know why you need a "Receive" on the Kyocera but for the send, you'd use the Server 2008 box as the SMTP server.
You should be able to put just an e-mail address (which does not need to exist but contain your domain name so it's ok for relaying) and not need authentication. You may need to as explained add the Kyocera Ip to be excluded from the Spam Filter.
Alternatively you can make a "scan" user for example and put those user details in the Kyocera to allow it to send to remote addresses for example.

Things to check:
You should be able to send mail via telnet from the local subnet.
The printer should be in the exlusion list for Spam filter in exchange.
Check it's not getting picked up by any additional AV Anti-Spam you may have installed or the new 2008 optional addons you can license.

Additional trouble-shooting steps:
Use a packet sniffing utility such as Wireshark to check what traffic is coming in from the printer on port 25 to see if you can see anything obvious causing problems.

Have you done any of what I mentioned?

I have tried everything...   As mentioned before.  The Microsoft Engineer said that it had something to do with the headers.  When we receive a scan it says it comes from administrator@[ internal IP ] .  If you try to add this to the antispam it does not accept it.  I have already added the Internal IP of the printer to the antispam.  Also, I turned off all of the antispam on the server.   I am giving up on this one and going to try an smtp email client on an xp box.  Thanks for the suggestions.  Can I give some points or do I have to give all points?

I have no idea on the points.

It still does not seem to make any sense with the headers. Which running some tcpdump's could show what in effect is coming to the server from the printer. If you've fixed the relaying to be very relaxed for the internal subnet then you can run  telnet tests with limited headers and it usually makes it through.

In any case a tcpdump should show you the whole conversation if you set it up properly.

I don't agree with that, I think I have provided ample information and have dealt with Kyocera's as well.

I would have liked to see some TCP dump data to see SMTP conversation details, however the OP has decided not to pursue this option.

Without the OP trying his option, I don't agree with all points being distributed to danherbon.

This was not resolved by any of the ideas provided.  Do you see a DNS Domain Name setting in my graphics?  You must have been working with different firmware. I did however find a workaround that I hope will help someone else in the future.  Seems like a lot of work but it nonetheless got the scanned messages to the users.  I setup a trusted open relay on one of my exchange servers (2003) that was external to the Kyocera client.  This is done by adding the IP address to trusted networks in the exchange configuration.  I setup a gmail account for each user at the client that needed to receive scans.  On the copier I setup the IP address to the exchange server that relays and setup each user to sent to the the gmail account for each user.  The Gmail accounts were getting the scans just fine.  Since server 2008 (exchange 2007) does not have a built in POP connector I bought one from mapilabs for $90 and used it to gather email from each gmail account into the appropriate exchange account of each user.   This is working very well but it takes the scans 5-10 minutes to get to the inbox.  The users seem happy nonetheless and I have gain more of their confidence.  For a solution that costs $90 and an hour to setup this is pretty reasonable.  The only catch is that you have to be able to relay through another exchange 2003 server.   Like I said...  hope this helps someone and thanks to everyone for their time.   I wish that I could distribute points to all that tried.  Thanks to Expert Exchange for this service.  Sincerely,  Mark

xfreddie, mestha, and rothgar  should get the points....  thanks   Mark