SMTP SSL stopped working on exchange 2003

Hello Guys,

We have a situation here. We have 3 Exchange server, 1 front end and 2 backend. We have installed webmail/pop/RPC over HTTPS on fronend server. The frontend server has SSL installed and all services are running on same certificate. the situation is SMTP SSL just stopped working all of a sudden. It keep asking username/password when try to send email through SMTP SSL. I can download email without any problem.
If I Esc out the login window I am getting Reported error(0x800CCC7D)

Please advice....
patelkalp_aAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shreedhar EtteCommented:
Hi,

Refer this:
http://support.microsoft.com/kb/289967

Hope this helps,
Shree
0
patelkalp_aAuthor Commented:
Thank you for your reply guys. We have office 2003 - SP3 and faceing problem for multiple users so I dont think its a problem at client side.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

shauncroucherCommented:
Any changes recently? Any hardware changes either of the server or of networking equipment?

any updates / SP's on the server?

Did you read through this article: http://support.microsoft.com/kb/823019

It has some troubleshooting steps. Can you telnet to port 25 from outside (or the port you use for SMTP)

Shaun
0
patelkalp_aAuthor Commented:
No changes has been made. And I cant try with port 25 as it is blocked on firewall. If some one can help me to confirm my settings wtih the working settings on both Front end and backend Exchange servers...
0
shauncroucherCommented:
What port is used for SMTP? You should telnet to the port in use as I indicated. This is a basic check.

Shaun
0
patelkalp_aAuthor Commented:
I can able to telnet with port 465 and get responce from the server. but when I type echo it says "530 5. 7. 0 must issue a STARTTLS command first". From outlook 2003 - when I try to send email it keep asking for user credential, I can see the session in Exchange Sys Manager.
0
shauncroucherCommented:
OK, so port is open, it is also requesting STARTTLS - good signs.

So, this just started happening for ALL users, so no-one is able to send mail at the moment?

Is the certificate ok? If you navigate to OWA (assuming this is the same certificate), are there any certificate warnings? When does the certificate expire? Has it expired?

Have you been through http://support.microsoft.com/kb/823019 to check settings?

Shaun
0
patelkalp_aAuthor Commented:
Certificate is fine and valid till Oct 2010. OWA is working fine too -no issue atall.

I went through this KB, the only difference I have is, I do not have TLS encryption on ourbound Security.

Here is how is is currenty setup:

on Frontend server: Default SMTP VS: basic authentication with Require TLS encryption , also Integrated Windows

Secure Communication : Communication - require Secure Channel and Require 128bit encryption

---
on both backend: Default SMTP VS: Annonymois +basic authentication + Integrated Windows
NO Certificate..

0
shauncroucherCommented:
Is this affecting all users?

Shaun
0
patelkalp_aAuthor Commented:
yes, those are allowed to use.
0
shauncroucherCommented:
Is the problem for everyone or just one user?

What I'm thinking is if this is affecting one user, just double check in the client all the settings, particularly the security settings to make sure it is using TLS (secure).

Shaun
0
patelkalp_aAuthor Commented:
All the users are having same problem.
0
shauncroucherCommented:
Check the application event log for any issues relating to TLS or certificates etc.

Shaun
0
shauncroucherCommented:
You might also wish to turn up logging on the Exchange server:

See this article: http://www.computerperformance.co.uk/exchange2003/exchange2003_logs_diagnostic.htm

Shaun
0
patelkalp_aAuthor Commented:
Hi Shaun,

can you tell me what settings should I have on Frontend and Backend Exchange servers to work SMTP-SSL properly? I just want to make sure all settings are correct.
0
shauncroucherCommented:
All the settings for SSL should be on the front end server - it seems that these are in place as expected. backend shouldn't have any SSL requirements / TLS etc as it isn't supported.

The logging and the event log together may provide you with a clue as to the fault here.

Shaun
0
patelkalp_aAuthor Commented:
I am getting this error msg:

Logon Failure:
       Reason:            An error occurred during logon
       User Name:      testone
       Domain:            
       Logon Type:      3
       Logon Process:      Advapi  
       Authentication Package:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
       Workstation Name:      Frontend
       Status code:      0xC000005E
       Substatus code:      0x0
       Caller User Name:      Frontend$
       Caller Domain:      TEST
       Caller Logon ID:      (0x0,0x3E7)
       Caller Process ID:      1596
       Transited Services:      -
       Source Network Address:      -
       Source Port:      -


For more information, see Help and Support Center at
0
patelkalp_aAuthor Commented:
along with this:

Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      testone
 Source Workstation:      frontend
 Error Code:      0xC0000064


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
patelkalp_aAuthor Commented:
Hi Shreedhar,

thank you for the post but this is not the problem I am facing. this problem is for all POP users whoa re trying to send email.
0
Shreedhar EtteCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
patelkalp_aAuthor Commented:
Hi Shree,

thank you for all your help. Finally I am able to send email with SSL. I dont know what was the problem and how did that happen - but on front end server, Information store service was stopped. As soon as I start that sevice, SMTP starts working again.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.