MourantSD
asked on
Routing emails to internet directly from Hub Transport Server
Good morning. I am having a problem sending external mail, I can receive email to domain.abc no problem, however when I try to send an external mail I receive the following message: The following organization rejected your message: globalex01.internal.local,
I've checked the default receive connector and the permission groups are set to anonymous users, exchange users, exchange servers, legacy exchange servers. The Send connector seems to be setup correctly too.
Any help would be great.
Many thanks, Dylan.
I've checked the default receive connector and the permission groups are set to anonymous users, exchange users, exchange servers, legacy exchange servers. The Send connector seems to be setup correctly too.
Any help would be great.
Many thanks, Dylan.
jfletchster
Are you sending from a client like outlook or from web access. If you could try from both and report results.
Does the send connector have as address space " * "? Is it sending out through smarthost or DNS? Any external firewalls on the network?
ASKER
Hi, I get the same error message from both outlook and owa. We checked the firewall logs and nothing is leaving our hub transport server destined for message labs.
Cheers, Dylan.
Cheers, Dylan.
ASKER
The address space is set to " * " and we are using a smarthost and I've used nslookup to check I can resolve the name. I have actually had external mail working using an edge transport server, but seeing as we are behind a firewall and are using messagelabs for anti-virus and spam we removed the edge transport server.Basically I disabled the edge-sync connectors and recreate 2 send connectors, this worked for sending and receiving external mail, so I removed the edge subscription and deleted the 2 edge sync connectors and since then it hasn't worked. Could there be something left over from edge-sync causing it to fail?
Cheers, Dylan.
Cheers, Dylan.
this command will completly remove the Edge Sub;
Remove-EdgeSubscription -Identity EdgeServerName -DomainController dc.domain.local
Also make sure there are no SMTP connectors still pointing at the edge server as the edge sub is only half the config, there will actually be an SMTP connetor that used to deliver to the edge server and recive from.
Remove-EdgeSubscription -Identity EdgeServerName -DomainController dc.domain.local
Also make sure there are no SMTP connectors still pointing at the edge server as the edge sub is only half the config, there will actually be an SMTP connetor that used to deliver to the edge server and recive from.
ASKER
I've run the remove-edgesubscription command, but it comes back saying that the object cannot be found on the domain controller, can I use adsiedit to remove the object?
Cheers, Dylan.
Cheers, Dylan.
ASKER
These are the only 2 send connectors I have setup
Identity AddressSpaces Enabled
-------- ------------- -------
Inbound to Jersey {SMTP:*;100} True
Jersey to Internet {SMTP:*;100} True
AddressSpaces : {SMTP:*;100}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : GLOBALEX01
Identity : Inbound to Jersey
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 10MB
Name : Inbound to Jersey
Port : 25
ProtocolLoggingLevel : None
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {[10.110.3.10]}
SmartHostsString : [10.110.3.10]
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {GLOBALEX01}
UseExternalDNSServersEnabl
AddressSpaces : {SMTP:*;100}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : GLOBALEX01
Identity : Jersey to Internet
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 10MB
Name : Jersey to Internet
Port : 25
ProtocolLoggingLevel : None
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {cluster5.eu.messagelabs.c
SmartHostsString : cluster5.eu.messagelabs.co
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {GLOBALEX01}
UseExternalDNSServersEnabl
Cheers Dylan,
Identity AddressSpaces Enabled
-------- ------------- -------
Inbound to Jersey {SMTP:*;100} True
Jersey to Internet {SMTP:*;100} True
AddressSpaces : {SMTP:*;100}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : GLOBALEX01
Identity : Inbound to Jersey
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 10MB
Name : Inbound to Jersey
Port : 25
ProtocolLoggingLevel : None
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {[10.110.3.10]}
SmartHostsString : [10.110.3.10]
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {GLOBALEX01}
UseExternalDNSServersEnabl
AddressSpaces : {SMTP:*;100}
AuthenticationCredential :
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOu
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : GLOBALEX01
Identity : Jersey to Internet
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : 10MB
Name : Jersey to Internet
Port : 25
ProtocolLoggingLevel : None
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {cluster5.eu.messagelabs.c
SmartHostsString : cluster5.eu.messagelabs.co
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {GLOBALEX01}
UseExternalDNSServersEnabl
Cheers Dylan,
The command should be run in the exchange power shell. On a server with exchange installed on it.
Do you still have 2 Send connectors configured? You only need one now you have no edge server.
Do you still have 2 Send connectors configured? You only need one now you have no edge server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Brilliant, that's worked! I was under the impression we needed 2 send connectors. I've been pulling my hair out over this one for a couple of days! thanks for your help jfletchster.
Cheers, Dylan.
Cheers, Dylan.