Problem with Edge Transport Server - Microsoft Exchange 2007

Posted on 2009-04-27
Last Modified: 2012-08-13
Recently, I added an edge transport server in the dmz.  This server was configured using edgeSync and all the connectors were added successfully. I can test synchronization by using test-edge... cmdlet and I can verify the accepted domains as well.  So I know its working fine...
 I can receive email from the outside world, which is picked up by the edge server and forwarded to the hub for delivery.  That works well.  On the other hand, when I try to email an external email, the hub transport forwards it to the edge, and there, it remains in queue.  The error that is being generated is:

451 4.4.0 Primary Target IP address responded 421 4.2.1 unable to connect.   Attempted failover to alternate host, but that did not succeed.  Either there are no alternate hosts or delivery failed to the all alternate host.

If I manually add a (internet) send connector on the hub transport server, I can email directly from the hub server, but I do not want to do this. I have both of the servers added in each of the hosts file and dns works fine.  I have logging enabled if anyone wants to view a specific log.

Any ideas?
Question by:itsccoc
    LVL 17

    Expert Comment

    nicely explained..
    OK.. so you mean the mails are stuck in the queue of the Edge server.
    now do the following:
    1. on edge.. open command prompt and do this..
    set q=mx or any

    do you get the MX record of them?

    2. do telnet MX/IP 25
    do you get the banner of the remote domain??

    let me know the results....


    Author Comment

    Thanks for the comment.  Nslookup works fine, we're able to view MX records and we can also telnet to other smtp servers via port 25 no problem from the Edge (and hub transport server).  I recently installed a digital certificate (2 weeks prior to doing the edge subscription)  on the HUB transport server reflecting the hub transport servers' name.  Should the edge transport be added to the digital cert too and imported on both?  The edge is using the auto self-signed cert.  Didn't know if that mattered or not.

    LVL 17

    Accepted Solution

    there is no relation of certificate and Outbound mail flow....
    check the event viewer if you got any certificate error ...

    do this...
    telnet 25

    whats the ip address showing up with ehlo?

    Author Comment

    Sam, you were right.  I forgot I had an acl preventing outbound connections on port 25 except for our current mail provider.  By testing the domain you provided me pointed me in the direction of a network connectivity problem thus realizing it was related to an acl.


    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now