Primary SMTP address not able to send external email.

Hi,

We are using exchange 2003 server SP2 in front end and backend configuration. front end is hosted in dmz and back end is placed in internal network.

Mail functionality is working ok for internally as well as externally except for one user. That one user can send and receive email internally but he cannot send mail externally.He can receive mail from externally. outlook 2003 is email client.

That one user has primary smtp address as fxyz@company.com and secondary address as abc@corp.companyname.com. He can receive mail successfully at fxyz@company.com from outside but he is unable to send email to outside domain.

I created new pst for user and I tried by using from field in outlook 2003 but still problem persists.

Please Help.
RJP55

rjp55Asked:
Who is Participating?
 
tusharnextgenCommented:
check if you have any sender filtering enable on exchange server.
please let us know the NDR
also error message if you try to send mail using telnet

Link
Sending an e-mail via Telnet
http://www.activexperts.com/activemail/telnet/
0
 
rjp55Author Commented:
sender filtering is not enable on the server...
0
 
abhi_akCommented:
Hi,
What about NDR (Non-Delivery Reports). Do you receive any NDR.

Have you tried sending using OWA. If not then please try and report back the observations.

Very basic question though, please verify if Outlook is connected to an Exchange Server. Try doing a message tracking on the exchange server and find out where exactly are the mails sent by this user stuck.

There can be several reasons to this. Have you done any changes to the user account.

Regards,
Abhijeet K.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
rjp55Author Commented:
I have deleted that account and created it again when first the problem reported to me.

I want to ask basic question. What are  correct steps to create this type of new account.?

Should we create it on domain controller, or backeend server ( there is ADUC menu in exchange) or front end server ( ADUC menu in exchange)

0
 
tusharnextgenCommented:
If your front end server is in DMZ best way to create it from Backend server.( there is ADUC menu in exchange)
0
 
rjp55Author Commented:

Is the issue related to permission.

Is the user account abc@corp.companyname.com requires send on behalf of permission for another user.?
0
 
tusharnextgenCommented:
if some one wants to send on behalf of other user then only that permission is required else it is not required.
0
 
rjp55Author Commented:
But in this case we select from field in outlook 2003 and type fxyz@company.com ( this is primary smtp address ) and in the to field we give any external mail address. So the secondary smtp address namely abc@corp.companyname.com requires send on behalf of permission for another user?
0
 
tusharnextgenCommented:
1. we cannot add send on behalf rights on smtp address we can add it on mailbox only.
2. My assumption is as follows
You are logging on to the mailbox of abc@corp.companyname.com using outlook
while sending an email you use from field and add fxyz@company.com and send it to external email address

In this case how this mails is seen by external recieve is he able see that this mail is sent on behalf of abc@corp.companyname.com  from fxyz@company.com  or

simply mails sent from abc@corp.companyname.com.

Different schenareo would be until and unless you have send on behalf or send as rights you can not use send mail using from field for that user.
0
 
abhi_akCommented:
Hi,
Creation of the account does not matter. You can create it from anywhere within your forest. If you have a single Backend Server in that case by default the mailbox will go on the Backend server.

It's recommended you do not create users using the FE which is in DMZ if the FE Server is not in DMZ it wont matter.

Secondly, you see the extended Exchange attrbutes because you have the ESM installed on that particular non-exchange server.

Now as you said that you had deleted the account and re-created it, what happened with the exchange mailbox when you deleted the account ADUC will ask you weather you want to purge the mailbox or not.

Do you see the mailbox in disconnected state, Have you re-connected this mailbox to any other user account. How many domain controllers do you have and how many sites has the AD been replicated across.

Did you attempt message tracking? What are the results.

Please let us know.

Regards,
Abhi
0
 
abhi_akCommented:
Also keep in mind that the user can send emails using only his primary address and nothing else whereas he can always receive mails on any no. of SMTP addresses that you add on to him.

This is a feature limitation of Exchange and nothing can be done in this case. Send On behalf and Send-As is not applicable over here. They will come into picture only and only if you have multiple accounts and your primary user wants to send a mail on behalf of you or wants to impersonate your account.

I hope this is clear. let me know if you have any doubts.
0
 
rjp55Author Commented:
Hi Experts,

My problem is solved. The particular user can send and receive email internally and externally. This is fixed by doing following.

Using ESM under default virtual server properties of FE and BE I have deselected Perform reverse dns lookup on incoming messages.

I still not able to figure out how this worked....

Initially I have selected this option to limit spam messages coming into domain...

 

0
 
abhi_akCommented:
This can be a mere co-incidence coz Reverse lookup on incoming mails has nothing to do with the users ability to send out emails.....

As you said, you had deleted the user's account and then re-created it immidiately this has something to do with either AD Replication or Exchange Maintainence Interval which by default happens once in 24hrs.

Regards,
Abhi
0
 
rjp55Author Commented:
You may be right, Abhi, reverse dns lookup has nothing to do with incoming mails but I think some mail servers does not accept mails if reverse dns lookup is enabled.

RJP 55
0
 
abhi_akCommented:
If enabled, Reverse DNS lookup checks if you have a valid PTR record for the domain you are sending mail from its enabled on the receipient end.

So if you enable/disable reverse DNS lookup it will affect on the mails that your server receives. :)

Especially, it wont affect a single user.... LOL... anyways... its Microsoft... :) Good that you got it sorted..

Regards,
Abhi
0
 
rjp55Author Commented:

Thanks for your expert opinions...

Regards
RJP55
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.