Solved

4.4.1 AND 4.4.2 SMTP Send Errors

Posted on 2010-08-24
42
1,957 Views
Last Modified: 2012-05-10
I am having a big problem with not being able to send email to some domains outside my network.  Some email goes but most does not.  This is a new install of Exchange 2007 SP1 on a Win 2003 virtual machine.  I have setup a RDNS/PTR record with my ISP as well as setting up the appropriate records for the domain using http://www.zoneedit.com for my managed external DNS.  According to http://www.mxtoolbox.com everything is setup properly.  The contents of my SMTP Send log are:
------------------------------------
2010-08-24T17:14:47.339Z,SMTP,08CD1116152857BE,0,,209.150.204.167:25,*,,attempting to connect
2010-08-24T17:14:47.417Z,SMTP,08CD1116152857BE,1,192.168.0.95:19857,209.150.204.167:25,+,,
2010-08-24T17:14:47.495Z,SMTP,08CD1116152857BE,2,192.168.0.95:19857,209.150.204.167:25,<,"220 Server10.rmisecurity.net Microsoft ESMTP MAIL Service ready at Tue, 24 Aug 2010 11:14:47 -0600",
2010-08-24T17:14:47.495Z,SMTP,08CD1116152857BE,3,192.168.0.95:19857,209.150.204.167:25,>,EHLO tbc-exch.thouttbrosinc.com,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,4,192.168.0.95:19857,209.150.204.167:25,<,250-Server10.rmisecurity.net Hello [70.89.160.225],
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,5,192.168.0.95:19857,209.150.204.167:25,<,250-SIZE,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,6,192.168.0.95:19857,209.150.204.167:25,<,250-PIPELINING,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,7,192.168.0.95:19857,209.150.204.167:25,<,250-DSN,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,8,192.168.0.95:19857,209.150.204.167:25,<,250-ENHANCEDSTATUSCODES,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,9,192.168.0.95:19857,209.150.204.167:25,<,250-STARTTLS,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,10,192.168.0.95:19857,209.150.204.167:25,<,250-X-ANONYMOUSTLS,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,11,192.168.0.95:19857,209.150.204.167:25,<,250-AUTH NTLM,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,12,192.168.0.95:19857,209.150.204.167:25,<,250-X-EXPS GSSAPI NTLM,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,13,192.168.0.95:19857,209.150.204.167:25,<,250-8BITMIME,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,14,192.168.0.95:19857,209.150.204.167:25,<,250-BINARYMIME,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,15,192.168.0.95:19857,209.150.204.167:25,<,250-CHUNKING,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,16,192.168.0.95:19857,209.150.204.167:25,<,250-XEXCH50,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,17,192.168.0.95:19857,209.150.204.167:25,<,250-XRDST,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,18,192.168.0.95:19857,209.150.204.167:25,<,250 XSHADOW,
2010-08-24T17:14:47.573Z,SMTP,08CD1116152857BE,19,192.168.0.95:19857,209.150.204.167:25,>,STARTTLS,
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,20,192.168.0.95:19857,209.150.204.167:25,<,220 2.0.0 SMTP server ready,
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,21,192.168.0.95:19857,209.150.204.167:25,*,,Sending certificate
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,22,192.168.0.95:19857,209.150.204.167:25,*,CN=tbc-exch.thouttbrosinc.com,Certificate subject
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,23,192.168.0.95:19857,209.150.204.167:25,*,CN=tbc-exch.thouttbrosinc.com,Certificate issuer name
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,24,192.168.0.95:19857,209.150.204.167:25,*,C03DB4E2349C5CB34AD5CF50FA72DC45,Certificate serial number
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,25,192.168.0.95:19857,209.150.204.167:25,*,D3A4AD300E5A09E532CEB9936781ED74CEA4368A,Certificate thumbprint
2010-08-24T17:14:47.651Z,SMTP,08CD1116152857BE,26,192.168.0.95:19857,209.150.204.167:25,*,tbc-exch.thouttbrosinc.com;email.thouttbrosinc.com;autodiscover.thouttbrosinc.com;thouttbrosinc.com,Certificate alternate names
------------------------------------------
I don't see anything there to indicate a reason for the error.  I ran a dcdiag /test:dns /v /dns.txt and the results are:
-----------------------------------------
TEST: Records registration (RReg)
                  Network Adapter

                  [00000017] Microsoft Virtual Network Switch Adapter:

                     Warning:
                     Missing A record at DNS server 192.168.0.93:
                     TBC-DC-1.thouttbrosinc.com
                     
               Warning: Record Registrations not found in some network adapters

         
               TBC-DC-1                     PASS PASS PASS PASS PASS WARN n/a  
         ......................... thouttbrosinc.com passed test DNS
-------------------------------------------
Again, I don't see anything that would indicate a major issue.  

If anybody has any ideas I would greatly appreciate them.  I have been working on this for days now and people are starting to get a bit agitated.  If more info is needed to help just let me know.  Thanks.
0
Comment
Question by:jb1023
  • 21
  • 11
  • 10
42 Comments
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33514624
When did you set things up?

Some record changes can take up to 24 hours to append
0
 

Author Comment

by:jb1023
ID: 33514676
It has been about 10 days or so.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33514809
Have you tried using a smarthost?
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33515041
2010-08-4T17:14:47.573Z,SMTP,08CD1116152857BE,4,192.168.0.95:19857,209.150.204.167:25,<,250-Server10.rmisecurity.net Hello [70.89.160.225],

who is 70.89.160.225 in this conversation?
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515089
I think this is your ISP?
http://business.comcast.com/
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515103
Authors ISP sorry
0
 

Author Comment

by:jb1023
ID: 33515230
No.  I had this all working on a previous server till it died and my backups were of the db only, not the settings.  I suppose I could try that for a bit to see if it would work but ultimately I want to figure out why I am having this problem.  My host name is the same, tbc-exch.thouttbrosinc.com and my IP is the same, 70.89.160.227 and thus I am lost.  I will contact Comcast to see what they say about me using them as a smarthost in the meantime though.
0
 

Author Comment

by:jb1023
ID: 33515303
225 is the wan port on my firewall.  Not sure why that would be inserting itself there.  I have one-to-one NAT setup adn 227 is assigned to the Exchange services.
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33515376
Is 192.168.0.95 the same ip as the old server or a new one?  If new you may need to adjust your firewall address transforms for the new IP  (that would be for outbound connections from your exchange server to show as .227)
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515388
Comcast may be preventing you from sending
0
 

Author Comment

by:jb1023
ID: 33515533
Dave,
.95 was assigned to the old and now to the new server.  Same with .227 for the external, it was both the old and the new.

Jamie,
I called Comcast and "they said" they were not blocking any traffic.  Of course when setting up the RDNS it also too 4 calls over 2 days before they spelled my URL correctly.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515619
Really strange,

Are you getting any bouncebacks, or is it just delay messages?
0
 

Author Comment

by:jb1023
ID: 33515692
We get a delay message after 4 hrs and then a queue expired notice after 2 days (#550 4.4.7 QUEUE.Expired; message expired ##).

I just can't figure out why my server would be responding with the IP of my WAN port rather than its own NAT assigned IP.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515807
Try just using DNS instead of Smarthost to troubleshoot
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33515815
I think your emails are getting blocked by servers that enforce "HELO Restrictions"
That happens when there is no A, PTR, MX or FQDN record for the IP of a host that is connecting to it.
I could not find any records (obviously) for the wan port of your firewall

Was there some MAC address assoc. with the old server in your firewall config?
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33515884
Take out the smarthost to test and chase up the people that sort your records out
0
 

Author Comment

by:jb1023
ID: 33515963
I think I have my A, PTR, MX and FQDN all setup correctly.  When I run the tools at mxtoolbox.com everything comes back with the correct info.  I just checked my public DNS settings on zoneedit as well as verify that godaddy had the correct DNS servers listed and that is all correct.  I also added an SPF record to zoneedit, just because I've seen that pop up in a few threads but did not expect much as I've never had to have one before.

I definitely did not have any sort of MAC address associations in my firewall.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33516000
Have you tried removing the smarthost?

When you do it you will need to restart SMTP
0
 

Author Comment

by:jb1023
ID: 33516008
I don't have a smarthost.  Not sure what you mean by "chase up the people that sort your records out".  If you are talking about DNS settings, Comcast hosts our RDNS but for all other DNS records I have an account with Zoneedit and manage that myself.
0
 

Author Comment

by:jb1023
ID: 33516038
Thanks Jamie and Dave, I appreciate both of you taking the time to help.  I'll be back in 90 minutes as I have to leave the office but will continue this when I get back.  Thanks again.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33516115
Not to worry, will be interesting to find out what the issue is
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33516363
Yes your records are correct for your smtp server but if responding smtp servers or MTAs are checking info on your WAN IP (because that is what is in the helo responce) what will they see... not much.

Also mxtoolbox diagnostics will only prove that they can send you mail, not the other way around.
I think at this point that your firewall see something different about your new server for some reason... port, mac, i don't know.  Was your old server multi-homed?
0
 

Author Comment

by:jb1023
ID: 33517107
I'm not seeing anything in the firewall but obviously it is there somewhere so I will keep looking.  The only references to the .225 IP I can find is in reference to the WAN address.  

The Exchange server is actually running on a virtual OS with only a single virtual adapter but it is hosted on a multi-homed server, if that matters.
0
 

Author Comment

by:jb1023
ID: 33517560
So after making the change in the firewall, as per dpk_wal, this is what I get when I try to send an email.  Obviously they still don't go but I don't see the wrong IP anymore but now I don't see any IP at all.
___________________________________________________________________________________
2010-08-25T01:33:35.112Z,SMTP,08CD111615286874,15,192.168.0.95:29651,208.65.145.11:25,-,,Remote
2010-08-25T01:33:35.159Z,SMTP,08CD111615286874,1,192.168.0.95:29677,208.65.145.11:25,+,,
2010-08-25T01:33:35.190Z,SMTP,08CD111615286874,2,192.168.0.95:29677,208.65.145.11:25,<,"220 p02c12m074.mxlogic.net ESMTP mxl_mta-6.7.0-1 [74310940.4702780.00-2003]; Tue, 24 Aug 2010 19:33:35 -0600 (MDT); NO UCE, INBOUND",
2010-08-25T01:33:35.190Z,SMTP,08CD111615286874,3,192.168.0.95:29677,208.65.145.11:25,>,EHLO tbc-exch.thouttbrosinc.com,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,4,192.168.0.95:29677,208.65.145.11:25,<,250-p02c12m074.mxlogic.net,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,5,192.168.0.95:29677,208.65.145.11:25,<,250-SIZE 0,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,6,192.168.0.95:29677,208.65.145.11:25,<,250-STARTTLS,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,7,192.168.0.95:29677,208.65.145.11:25,<,250-SUBMITTER,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,8,192.168.0.95:29677,208.65.145.11:25,<,250 PIPELINING,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,9,192.168.0.95:29677,208.65.145.11:25,*,5323,sending message
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,10,192.168.0.95:29677,208.65.145.11:25,>,MAIL FROM:<janice@thouttbrosinc.com> SIZE=48161,
2010-08-25T01:33:35.237Z,SMTP,08CD111615286874,11,192.168.0.95:29677,208.65.145.11:25,>,RCPT TO:<dlawrenc@ball.com>,
2010-08-25T01:33:35.268Z,SMTP,08CD111615286874,12,192.168.0.95:29677,208.65.145.11:25,<,250 Sender Ok,
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33520867
I don't see a post from dpk_wal, what was changed?  What FW are you using if you care to say?
0
 

Author Comment

by:jb1023
ID: 33522533
SonicWall 2040 Enhanced OS.  

Actually the post in my thread was from bryon44035v3 who referenced an earlier thread by dpk_wal, sorry for the confusion on that.
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Q_26427090.html

0
 

Author Comment

by:jb1023
ID: 33522604
Here is a recent log entry form the SMTP Send Log:
___________________________________________________________________________________
2010-08-25T15:08:20.134Z,SMTP,08CD1116152874A6,0,,216.32.180.22:25,*,,attempting to connect
2010-08-25T15:08:20.212Z,SMTP,08CD1116152874A6,1,192.168.0.95:40489,216.32.180.22:25,+,,
2010-08-25T15:08:20.275Z,SMTP,08CD1116152874A6,2,192.168.0.95:40489,216.32.180.22:25,<,"220 VA3EHSMHS022.bigfish.com Microsoft ESMTP MAIL Service ready at Wed, 25 Aug 2010 15:08:20 +0000",
2010-08-25T15:08:20.275Z,SMTP,08CD1116152874A6,3,192.168.0.95:40489,216.32.180.22:25,>,EHLO tbc-exch.thouttbrosinc.com,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,4,192.168.0.95:40489,216.32.180.22:25,<,250-VA3EHSMHS022.bigfish.com Hello [70.89.160.227],
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,5,192.168.0.95:40489,216.32.180.22:25,<,250-SIZE 157286400,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,6,192.168.0.95:40489,216.32.180.22:25,<,250-PIPELINING,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,7,192.168.0.95:40489,216.32.180.22:25,<,250-ENHANCEDSTATUSCODES,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,8,192.168.0.95:40489,216.32.180.22:25,<,250-STARTTLS,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,9,192.168.0.95:40489,216.32.180.22:25,<,250-AUTH,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,10,192.168.0.95:40489,216.32.180.22:25,<,250-8BITMIME,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,11,192.168.0.95:40489,216.32.180.22:25,<,250-BINARYMIME,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,12,192.168.0.95:40489,216.32.180.22:25,<,250 CHUNKING,
2010-08-25T15:08:20.337Z,SMTP,08CD1116152874A6,13,192.168.0.95:40489,216.32.180.22:25,>,STARTTLS,
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,14,192.168.0.95:40489,216.32.180.22:25,<,220 2.0.0 SMTP server ready,
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,15,192.168.0.95:40489,216.32.180.22:25,*,,Sending certificate
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,16,192.168.0.95:40489,216.32.180.22:25,*,CN=tbc-exch.thouttbrosinc.com,Certificate subject
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,17,192.168.0.95:40489,216.32.180.22:25,*,CN=tbc-exch.thouttbrosinc.com,Certificate issuer name
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,18,192.168.0.95:40489,216.32.180.22:25,*,C03DB4E2349C5CB34AD5CF50FA72DC45,Certificate serial number
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,19,192.168.0.95:40489,216.32.180.22:25,*,D3A4AD300E5A09E532CEB9936781ED74CEA4368A,Certificate thumbprint
2010-08-25T15:08:20.400Z,SMTP,08CD1116152874A6,20,192.168.0.95:40489,216.32.180.22:25,*,tbc-exch.thouttbrosinc.com;email.thouttbrosinc.com;autodiscover.thouttbrosinc.com;thouttbrosinc.com,Certificate alternate names
-----------------------------------------------------------------------------------------------------------------------------

As you can see the correct IP is now being issued and yet the email is still not flowing.  One thing I noticed is that the certificate gets issued, an acknowledgment of sorts and then nothing.  Could there be something with my certificate that is causing a problem?  Sorry, I'm grasping at this point.
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33523635
pls check your postmaster mailbox
0
 

Author Comment

by:jb1023
ID: 33527399
I just setup a postmaster mailbox this morning but so far there is nothing in it.

In addition to the firewall not being setup right I also discovered that I was using the wrong SSL cert.  Both are now fixed and yet the problem continues.  Here is a section of the queue after fixing the SSL.  It says it is sending but the message just sits in the queue.

___________________________________________________________________________________
2010-08-26T00:43:30.069Z,SMTP,08CD111615288A8F,0,,65.54.188.72:25,*,,attempting to connect
2010-08-26T00:43:30.131Z,SMTP,08CD111615288A8F,1,192.168.0.95:53323,65.54.188.72:25,+,,
2010-08-26T00:43:30.194Z,SMTP,08CD111615288A8F,2,192.168.0.95:53323,65.54.188.72:25,<,"220 bay0-mc1-f8.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.msn.com/Anti-spam/. Violations will result in use of equipment located in California and other states. Wed, 25 Aug 2010 17:43:30 -0700 ",
2010-08-26T00:43:30.194Z,SMTP,08CD111615288A8F,3,192.168.0.95:53323,65.54.188.72:25,>,EHLO tbc-exch.thouttbrosinc.com,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,4,192.168.0.95:53323,65.54.188.72:25,<,250-bay0-mc1-f8.Bay0.hotmail.com (3.11.0.113) Hello [70.89.160.227],
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,5,192.168.0.95:53323,65.54.188.72:25,<,250-SIZE 29696000,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,6,192.168.0.95:53323,65.54.188.72:25,<,250-PIPELINING,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,7,192.168.0.95:53323,65.54.188.72:25,<,250-8bitmime,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,8,192.168.0.95:53323,65.54.188.72:25,<,250-BINARYMIME,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,9,192.168.0.95:53323,65.54.188.72:25,<,250-CHUNKING,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,10,192.168.0.95:53323,65.54.188.72:25,<,250-AUTH LOGIN,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,11,192.168.0.95:53323,65.54.188.72:25,<,250-AUTH=LOGIN,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,12,192.168.0.95:53323,65.54.188.72:25,<,250 OK,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,13,192.168.0.95:53323,65.54.188.72:25,*,6391,sending message
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,14,192.168.0.95:53323,65.54.188.72:25,>,MAIL FROM:<jeff@thouttbrosinc.com> SIZE=2190,
2010-08-26T00:43:30.256Z,SMTP,08CD111615288A8F,15,192.168.0.95:53323,65.54.188.72:25,>,RCPT TO:<jbulick@hotmail.com>,
2010-08-26T00:43:30.319Z,SMTP,08CD111615288A8F,16,192.168.0.95:53323,65.54.188.72:25,<,250 jeff@thouttbrosinc.com....Sender OK,
2010-08-26T00:44:28.444Z,SMTP,08CD111615288A8F,17,192.168.0.95:53323,65.54.188.72:25,-,,Remote
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33531394
Hmm, no bounce... something picked it up from yesterday.
Re-sent check now.
0
 

Author Comment

by:jb1023
ID: 33531499
I was just able to obtain a receive log from one of the domains that we are not able to send email to.  I am including the pertinant part of each log so things can be matched up in the hopes that somebody might see something.  The one thing I do see is a time out on the receive log.  Could all of my emails really be timing out?  I have the default values on my exchange server for timeouts so perhaps I need to bump them up some?


SEND
-------------------------------------------------------------------------------------------------------------------------------
2010-08-26T13:23:28.963Z,SMTP,08CD111615288D13,0,,209.150.204.167:25,*,,attempting to connect
2010-08-26T13:23:29.025Z,SMTP,08CD111615288D13,1,192.168.0.95:56087,209.150.204.167:25,+,,
2010-08-26T13:23:29.103Z,SMTP,08CD111615288D13,2,192.168.0.95:56087,209.150.204.167:25,<,"220 Server10.rmisecurity.net Microsoft ESMTP MAIL Service ready at Thu, 26 Aug 2010 07:23:28 -0600",
2010-08-26T13:23:29.103Z,SMTP,08CD111615288D13,3,192.168.0.95:56087,209.150.204.167:25,>,EHLO tbc-exch.thouttbrosinc.com,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,4,192.168.0.95:56087,209.150.204.167:25,<,250-Server10.rmisecurity.net Hello [70.89.160.227],
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,5,192.168.0.95:56087,209.150.204.167:25,<,250-SIZE,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,6,192.168.0.95:56087,209.150.204.167:25,<,250-PIPELINING,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,7,192.168.0.95:56087,209.150.204.167:25,<,250-DSN,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,8,192.168.0.95:56087,209.150.204.167:25,<,250-ENHANCEDSTATUSCODES,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,9,192.168.0.95:56087,209.150.204.167:25,<,250-STARTTLS,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,10,192.168.0.95:56087,209.150.204.167:25,<,250-X-ANONYMOUSTLS,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,11,192.168.0.95:56087,209.150.204.167:25,<,250-AUTH NTLM,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,12,192.168.0.95:56087,209.150.204.167:25,<,250-X-EXPS GSSAPI NTLM,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,13,192.168.0.95:56087,209.150.204.167:25,<,250-8BITMIME,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,14,192.168.0.95:56087,209.150.204.167:25,<,250-BINARYMIME,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,15,192.168.0.95:56087,209.150.204.167:25,<,250-CHUNKING,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,16,192.168.0.95:56087,209.150.204.167:25,<,250-XEXCH50,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,17,192.168.0.95:56087,209.150.204.167:25,<,250-XRDST,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,18,192.168.0.95:56087,209.150.204.167:25,<,250 XSHADOW,
2010-08-26T13:23:29.181Z,SMTP,08CD111615288D13,19,192.168.0.95:56087,209.150.204.167:25,>,STARTTLS,
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,20,192.168.0.95:56087,209.150.204.167:25,<,220 2.0.0 SMTP server ready,
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,21,192.168.0.95:56087,209.150.204.167:25,*,,Sending certificate
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,22,192.168.0.95:56087,209.150.204.167:25,*,"CN=thouttbrosinc.com, OU=Domain Control Validated, O=thouttbrosinc.com",Certificate subject
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,23,192.168.0.95:56087,209.150.204.167:25,*,"SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O=""GoDaddy.com, Inc."", L=Scottsdale, S=Arizona, C=US",Certificate issuer name
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,24,192.168.0.95:56087,209.150.204.167:25,*,27A0B080E94416,Certificate serial number
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,25,192.168.0.95:56087,209.150.204.167:25,*,2DCAFCB00B11199E58BCBBFAEFC4760A27080D87,Certificate thumbprint
2010-08-26T13:23:29.244Z,SMTP,08CD111615288D13,26,192.168.0.95:56087,209.150.204.167:25,*,thouttbrosinc.com;www.thouttbrosinc.com;tbc-exch.thouttbrosinc.com;autodiscover.thouttbrosinc.com;email.thouttbrosinc.com,Certificate alternate names


RECEIVE
-------------------------------------------------------------------------------------------------------------------------------


2010-08-26T00:04:14.442Z,SERVER10\Default SERVER10,08CD124BDD55BB66,27,10.100.200.251:25,70.89.160.227:60113,-,,Local
2010-08-26T00:04:14.590Z,SERVER10\Default SERVER10,08CD124BDD55BB71,0,10.100.200.251:25,70.89.160.227:60227,+,,
2010-08-26T00:04:14.590Z,SERVER10\Default SERVER10,08CD124BDD55BB71,1,10.100.200.251:25,70.89.160.227:60227,*,SMTPSubmit SMTPAcceptAnySender SMTPAcceptAuthoritativeDomainSender AcceptRoutingHeaders,Set Session Permissions
2010-08-26T00:04:14.591Z,SERVER10\Default SERVER10,08CD124BDD55BB71,2,10.100.200.251:25,70.89.160.227:60227,>,"220 Server10.rmisecurity.net Microsoft ESMTP MAIL Service ready at Wed, 25 Aug 2010 18:04:14 -0600",
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,3,10.100.200.251:25,70.89.160.227:60227,<,EHLO tbc-exch.thouttbrosinc.com,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,4,10.100.200.251:25,70.89.160.227:60227,>,250-Server10.rmisecurity.net Hello [70.89.160.227],
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,5,10.100.200.251:25,70.89.160.227:60227,>,250-SIZE,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,6,10.100.200.251:25,70.89.160.227:60227,>,250-PIPELINING,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,7,10.100.200.251:25,70.89.160.227:60227,>,250-DSN,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,8,10.100.200.251:25,70.89.160.227:60227,>,250-ENHANCEDSTATUSCODES,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,9,10.100.200.251:25,70.89.160.227:60227,>,250-STARTTLS,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,10,10.100.200.251:25,70.89.160.227:60227,>,250-X-ANONYMOUSTLS,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,11,10.100.200.251:25,70.89.160.227:60227,>,250-AUTH NTLM,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,12,10.100.200.251:25,70.89.160.227:60227,>,250-X-EXPS GSSAPI NTLM,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,13,10.100.200.251:25,70.89.160.227:60227,>,250-8BITMIME,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,14,10.100.200.251:25,70.89.160.227:60227,>,250-BINARYMIME,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,15,10.100.200.251:25,70.89.160.227:60227,>,250-CHUNKING,
2010-08-26T00:04:14.661Z,SERVER10\Default SERVER10,08CD124BDD55BB71,16,10.100.200.251:25,70.89.160.227:60227,>,250-XEXCH50,
2010-08-26T00:04:14.662Z,SERVER10\Default SERVER10,08CD124BDD55BB71,17,10.100.200.251:25,70.89.160.227:60227,>,250-XRDST,
2010-08-26T00:04:14.662Z,SERVER10\Default SERVER10,08CD124BDD55BB71,18,10.100.200.251:25,70.89.160.227:60227,>,250 XSHADOW,
2010-08-26T00:04:14.741Z,SERVER10\Default SERVER10,08CD124BDD55BB71,19,10.100.200.251:25,70.89.160.227:60227,<,MAIL FROM:<jeff@thouttbrosinc.com> SIZE=3510,
2010-08-26T00:04:14.741Z,SERVER10\Default SERVER10,08CD124BDD55BB71,20,10.100.200.251:25,70.89.160.227:60227,*,08CD124BDD55BB71;2010-08-26T00:04:14.590Z;1,receiving message
2010-08-26T00:04:14.741Z,SERVER10\Default SERVER10,08CD124BDD55BB71,21,10.100.200.251:25,70.89.160.227:60227,>,250 2.1.0 Sender OK,
2010-08-26T00:09:15.615Z,SERVER10\Default SERVER10,08CD124BDD55BB71,22,10.100.200.251:25,70.89.160.227:60227,>,451 4.7.0 Timeout waiting for client input,
2010-08-26T00:09:15.615Z,SERVER10\Default SERVER10,08CD124BDD55BB71,23,10.100.200.251:25,70.89.160.227:60227,-,,Local
0
 

Author Comment

by:jb1023
ID: 33531848
msg replied to but still in queue.
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33532037
Similar here

Aug 26 10:01:26 mta postfix/smtpd[7192]: connect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:06:26 mta postfix/smtpd[7192]: SSL_accept error from tbc-exch.thouttbrosinc.com[70.89.160.227]: -1
Aug 26 10:06:26 mta postfix/smtpd[7192]: lost connection after STARTTLS from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:06:26 mta postfix/smtpd[7192]: disconnect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:06:26 mta postfix/smtpd[7192]: connect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:11:26 mta postfix/anvil[7194]: statistics: max connection rate 1/60s for (smtp:70.89.160.227) at Aug 26 10:01:26
Aug 26 10:11:26 mta postfix/anvil[7194]: statistics: max connection count 1 for (smtp:70.89.160.227) at Aug 26 10:01:26
Aug 26 10:11:26 mta postfix/anvil[7194]: statistics: max cache size 2 at Aug 26 10:01:34
Aug 26 10:11:27 mta postfix/smtpd[7192]: timeout after MAIL from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:11:27 mta postfix/smtpd[7192]: disconnect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:12:27 mta postfix/smtpd[7192]: connect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:17:27 mta postfix/smtpd[7192]: SSL_accept error from tbc-exch.thouttbrosinc.com[70.89.160.227]: -1
Aug 26 10:17:27 mta postfix/smtpd[7192]: lost connection after STARTTLS from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:17:27 mta postfix/smtpd[7192]: disconnect from tbc-exch.thouttbrosinc.com[70.89.160.227]
Aug 26 10:17:27 mta postfix/smtpd[7192]: connect from tbc-exch.thouttbrosinc.com[70.89.160.227]
0
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33532412
Looks like it still 'may' be cert issue
Does anything here help: http://technet.microsoft.com/en-us/library/bb510129(EXCHG.80).aspx
0
 

Author Comment

by:jb1023
ID: 33533490
Unfortunately I don't see anything there that is the issue.  I have removed all my certs from the server, requested a new CSR from Exchange, re-keyed my cert in Godaddy and then went through the install, enable process in Exchange.  I compared the lookups as per that document and I don't see any differences in the fqdn.  I sent a new test email to hotmail and the msg is still in queue and the SMTP send log entry looks the same as before.
0
 

Author Comment

by:jb1023
ID: 33533560
Not sure if this matters or if perhaps they are two different functions but I am  able to log into owa and FF and IE say the cert is valid.  Again, could be different so don't know if that matters or not.
0
 
LVL 3

Accepted Solution

by:
Dave_LaSalle earned 500 total points
ID: 33534513
Could you turn TLS off for a brief test?
0
 

Author Comment

by:jb1023
ID: 33534672
Ok, so I turned it off on the send connector but not on the receive connectors and guess what...I got my test email.  I guess my next question would be why and what are the risks?
0
 

Author Comment

by:jb1023
ID: 33535845
Looks like TLS is now set properly.  Thank you so much Dave, I really appreciate it.
0
 

Author Comment

by:jb1023
ID: 33535930
Looks like TLS is now set properly.  Thank you so much Dave, I really appreciate it.
0
 

Author Comment

by:jb1023
ID: 33536192
Dave is supposed to be getting 100 pts for one of his answers and 400 for another, not sure why the Alert says 0 pts.
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33538057
Glad that's been sorted, well done Dave!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video discusses moving either the default database or any database to a new volume.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now