activit
asked on
Exchange 2007 on SBS2008 TLS Errors
Here are the errors I am getting. When I send an email., as well as the erorrs in the server log files.
It is driving me nuts. In the Exchange Console TLS is not even enabled!!!!
The following recipient(s) cannot be reached:
Dxxxxx@xxxxxxxxxxx.net.au on 21/05/2009 4:57 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<xxxxxx.com.au #5.7.1 smtp;550 5.7.1 Unable to relay for Dxxxx@xxxxxx.net.au
Receive connector 127.0.0.1:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector.
Receive connector 192.168.0.2:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector.
The "Windows default" Policy Module "Initialize" method returned an error. A directory service error has occurred. The returned status code is 0x80072095 (8341). The Active Directory containing the Certification Authority could not be contacted.
Microsoft Exchange couldn't find a certificate that contains the domain name mail.xxxx.net.au in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Windows SBS Internet Send SBSERVER with a FQDN parameter of mail.ssssssss.net.au. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
I am at a lose as to why the server keeps throwing this error
It is driving me nuts. In the Exchange Console TLS is not even enabled!!!!
The following recipient(s) cannot be reached:
Dxxxxx@xxxxxxxxxxx.net.au on 21/05/2009 4:57 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<xxxxxx.com.au #5.7.1 smtp;550 5.7.1 Unable to relay for Dxxxx@xxxxxx.net.au
Receive connector 127.0.0.1:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector.
Receive connector 192.168.0.2:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector.
The "Windows default" Policy Module "Initialize" method returned an error. A directory service error has occurred. The returned status code is 0x80072095 (8341). The Active Directory containing the Certification Authority could not be contacted.
Microsoft Exchange couldn't find a certificate that contains the domain name mail.xxxx.net.au in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Windows SBS Internet Send SBSERVER with a FQDN parameter of mail.ssssssss.net.au. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate
I am at a lose as to why the server keeps throwing this error
ASKER
TLS is not showing as an Auth mechanism when I do an EHLO. Does anyone know if the TLS can enable itself, as it is off now an email is working fine, but in a day or a week it will throw the messages above. HELP...arrgh
ASKER
TLS is off. But after a period of time the email starts to get the above error. Next time it happens I will do the EHLO command to see if TLS is showing up in the Auth code. The only other thing that ties in with email is the Trend Micro Messaging software, but I don't see how that could be the cause.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://technet.microsoft.com/en-us/library/bb217382.aspx
You obviously have TLS enable and do not have proprer certificate installed