?
Solved

Primary SMTP address not able to send external email.

Posted on 2010-01-04
16
Medium Priority
?
704 Views
Last Modified: 2013-11-30
Hi,

We are using exchange 2003 server SP2 in front end and backend configuration. front end is hosted in dmz and back end is placed in internal network.

Mail functionality is working ok for internally as well as externally except for one user. That one user can send and receive email internally but he cannot send mail externally.He can receive mail from externally. outlook 2003 is email client.

That one user has primary smtp address as fxyz@company.com and secondary address as abc@corp.companyname.com. He can receive mail successfully at fxyz@company.com from outside but he is unable to send email to outside domain.

I created new pst for user and I tried by using from field in outlook 2003 but still problem persists.

Please Help.
RJP55

0
Comment
Question by:rjp55
  • 7
  • 5
  • 4
16 Comments
 
LVL 3

Accepted Solution

by:
tusharnextgen earned 800 total points
ID: 26170854
check if you have any sender filtering enable on exchange server.
please let us know the NDR
also error message if you try to send mail using telnet

Link
Sending an e-mail via Telnet
http://www.activexperts.com/activemail/telnet/
0
 

Author Comment

by:rjp55
ID: 26170863
sender filtering is not enable on the server...
0
 
LVL 5

Assisted Solution

by:abhi_ak
abhi_ak earned 1200 total points
ID: 26170949
Hi,
What about NDR (Non-Delivery Reports). Do you receive any NDR.

Have you tried sending using OWA. If not then please try and report back the observations.

Very basic question though, please verify if Outlook is connected to an Exchange Server. Try doing a message tracking on the exchange server and find out where exactly are the mails sent by this user stuck.

There can be several reasons to this. Have you done any changes to the user account.

Regards,
Abhijeet K.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:rjp55
ID: 26171632
I have deleted that account and created it again when first the problem reported to me.

I want to ask basic question. What are  correct steps to create this type of new account.?

Should we create it on domain controller, or backeend server ( there is ADUC menu in exchange) or front end server ( ADUC menu in exchange)

0
 
LVL 3

Assisted Solution

by:tusharnextgen
tusharnextgen earned 800 total points
ID: 26171650
If your front end server is in DMZ best way to create it from Backend server.( there is ADUC menu in exchange)
0
 

Author Comment

by:rjp55
ID: 26172004

Is the issue related to permission.

Is the user account abc@corp.companyname.com requires send on behalf of permission for another user.?
0
 
LVL 3

Expert Comment

by:tusharnextgen
ID: 26172042
if some one wants to send on behalf of other user then only that permission is required else it is not required.
0
 

Author Comment

by:rjp55
ID: 26172318
But in this case we select from field in outlook 2003 and type fxyz@company.com ( this is primary smtp address ) and in the to field we give any external mail address. So the secondary smtp address namely abc@corp.companyname.com requires send on behalf of permission for another user?
0
 
LVL 3

Expert Comment

by:tusharnextgen
ID: 26172404
1. we cannot add send on behalf rights on smtp address we can add it on mailbox only.
2. My assumption is as follows
You are logging on to the mailbox of abc@corp.companyname.com using outlook
while sending an email you use from field and add fxyz@company.com and send it to external email address

In this case how this mails is seen by external recieve is he able see that this mail is sent on behalf of abc@corp.companyname.com  from fxyz@company.com  or

simply mails sent from abc@corp.companyname.com.

Different schenareo would be until and unless you have send on behalf or send as rights you can not use send mail using from field for that user.
0
 
LVL 5

Assisted Solution

by:abhi_ak
abhi_ak earned 1200 total points
ID: 26178203
Hi,
Creation of the account does not matter. You can create it from anywhere within your forest. If you have a single Backend Server in that case by default the mailbox will go on the Backend server.

It's recommended you do not create users using the FE which is in DMZ if the FE Server is not in DMZ it wont matter.

Secondly, you see the extended Exchange attrbutes because you have the ESM installed on that particular non-exchange server.

Now as you said that you had deleted the account and re-created it, what happened with the exchange mailbox when you deleted the account ADUC will ask you weather you want to purge the mailbox or not.

Do you see the mailbox in disconnected state, Have you re-connected this mailbox to any other user account. How many domain controllers do you have and how many sites has the AD been replicated across.

Did you attempt message tracking? What are the results.

Please let us know.

Regards,
Abhi
0
 
LVL 5

Expert Comment

by:abhi_ak
ID: 26178212
Also keep in mind that the user can send emails using only his primary address and nothing else whereas he can always receive mails on any no. of SMTP addresses that you add on to him.

This is a feature limitation of Exchange and nothing can be done in this case. Send On behalf and Send-As is not applicable over here. They will come into picture only and only if you have multiple accounts and your primary user wants to send a mail on behalf of you or wants to impersonate your account.

I hope this is clear. let me know if you have any doubts.
0
 

Author Comment

by:rjp55
ID: 26180653
Hi Experts,

My problem is solved. The particular user can send and receive email internally and externally. This is fixed by doing following.

Using ESM under default virtual server properties of FE and BE I have deselected Perform reverse dns lookup on incoming messages.

I still not able to figure out how this worked....

Initially I have selected this option to limit spam messages coming into domain...

 

0
 
LVL 5

Assisted Solution

by:abhi_ak
abhi_ak earned 1200 total points
ID: 26180830
This can be a mere co-incidence coz Reverse lookup on incoming mails has nothing to do with the users ability to send out emails.....

As you said, you had deleted the user's account and then re-created it immidiately this has something to do with either AD Replication or Exchange Maintainence Interval which by default happens once in 24hrs.

Regards,
Abhi
0
 

Author Comment

by:rjp55
ID: 26181147
You may be right, Abhi, reverse dns lookup has nothing to do with incoming mails but I think some mail servers does not accept mails if reverse dns lookup is enabled.

RJP 55
0
 
LVL 5

Expert Comment

by:abhi_ak
ID: 26181238
If enabled, Reverse DNS lookup checks if you have a valid PTR record for the domain you are sending mail from its enabled on the receipient end.

So if you enable/disable reverse DNS lookup it will affect on the mails that your server receives. :)

Especially, it wont affect a single user.... LOL... anyways... its Microsoft... :) Good that you got it sorted..

Regards,
Abhi
0
 

Author Comment

by:rjp55
ID: 26181941

Thanks for your expert opinions...

Regards
RJP55
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
In this post, we will learn to set up the Group Naming policy and will see how it is going to impact the Display Name and the Email addresses of the Group.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question