Solved

SBS 2003 Not Sending emails

Posted on 2010-08-26
20
991 Views
Last Modified: 2013-11-30
We have a curious issue that I need help with. We have just taken over management of an SBS 2003 server. The previous IT group set them up to use their Smarthost to route all outbound emails. Inbound MX records point to the server directly.

When I change the SMTP Connector to use DNS I see the emails entering the queues for the different domains, but they never leave.

I can telnet to port 25 of the target domains so I know port 25 is not being blocked. I also confirmed DNS is configured correctly. If I add the SMTP smarthost back into the section is clears the que and sends email out correctly.

What am I missing?
0
Comment
Question by:LSolt
20 Comments
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33537605
Does your ISP block outgoing SMTP?  If so, you might need to set their server as your smarthost.
0
 

Author Comment

by:LSolt
ID: 33537668
Checked that abd XO Communication says they do not block. I can also telnet to port 25 on various urls.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33537669
www.testexchangeconnectivity.com/

Test for inbound and outbound SMTP

Please post back results here.

thanks
0
 

Author Comment

by:LSolt
ID: 33537711
Will do.

As a follow-on: When I try to run the Internet Mail Wizard it fails with a Bridgehead warning, however when I try to remove the Bridgehead the connector will not proceed.
0
 

Author Comment

by:LSolt
ID: 33537747
Here are the test results for the outbound email test.
Performing Outbound SMTP Test 

  Outbound SMTP Test Successful 

   Test Steps 

   Attempting reverse DNS lookup for IP 67.90.xxx.xxx 

  Successfully resolved IP 67.90.xxx.xxx via Reverse-DNS lookup 

   Additional Details 

  Resolved IP address 67.90.xxx.xxx to host mail.mydomain.com 

 

 Performing Real-Time Blackhole List (RBL) Test 

  Your IP address wasn't found on any of the block lists selected. 

   Test Steps 

   Checking Block List "SpamHaus Block List (SBL)" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "SpamHaus Exploits Block List (XBL)" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "SpamHaus Policy Block List (PBL)" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "SpamCop Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "NJABL.ORG Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "SORBS Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "MSRBL Combined Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "UCEPROTECT Level 1 Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 Checking Block List "AHBL Block List" 

  The address isn't on the block list. 

   Additional Details 

  IP 67.90.xxx.xxx was not found on RBL 

 

 

 

 Performing Sender ID validation 

  Sender ID validation performed successfully 

   Test Steps 

   ExRCA is attempting to find the SPF record using a DNS TEXT record query. 

  ExRCA wasn't able to find the SPF record. 

   Additional Details 

  No records were found.

Open in new window

0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 33537760
I would add a new SMTP Connector from scratch, set it up to use DNS and then disable the one that is not working.  It may have Authentication set which will cause it problems.
Try that or check for authentication on the existing one and remove it (although you won't have a fall-back plan if this fails).
0
 

Author Comment

by:LSolt
ID: 33537776
Here are Inbound test results:
Testing Inbound SMTP Mail flow for domain sys-admin@mydomain.com

 Inbound SMTP mail flow was verified successfully.

 Test Steps

 Attempting to retrieve DNS MX records for domain mydomain.com

 One or more MX records were successfully retrieved from DNS.

 Additional Details

 MX Records Host mail2.no-ip.com, Preference 15

, Host mail.mydomain.com, Preference 5

, Host mail1.no-ip.com, Preference 10





Testing Mail Exchanger mail.mydomain.com.

 This Mail Exchanger was tested successfully.

 Test Steps

 Attempting to resolve the host name mail.mydomain.com in DNS.

 Host successfully resolved

 Additional Details

 IP(s) returned: 67.90.xxx.xxx



Testing TCP Port 25 on host mail.mydomain.com to ensure it is listening and open.

 The port was opened successfully.

 Additional Details

 Banner Received: 220 mydomain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Thu, 26 Aug 2010 19:17:33 -0400 



Attempting to send test email message to sys-admin@mydomain.com using MX mail.mydomain.com.

 The test message was delivered successfully.

Testing the MX mail.mydomain.com for open relay by trying to relay to user Admin@TestExchangeConnectivity.com

 The Open Relay test passed. This mx isn't an open relay.

 Additional Details

 The open relay test message delivery failed (a good thing).

The exception detail is:

Exception details:

Message: Mailbox unavailable. The server response was: 5.7.1 Unable to relay for Admin@TestExchangeConnectivity.com

Type: System.Net.Mail.SmtpFailedRecipientException

Stack trace:

at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)

at System.Net.Mail.SmtpClient.Send(MailMessage message)

at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally()









Testing Mail Exchanger mail1.no-ip.com.

 This Mail Exchanger was tested successfully.

 Test Steps

 Attempting to resolve the host name mail1.no-ip.com in DNS.

 Host successfully resolved

 Additional Details

 IP(s) returned: 204.16.xxx.xxx



Testing TCP Port 25 on host mail1.no-ip.com to ensure it is listening and open.

 The port was opened successfully.

 Additional Details

 Banner Received: 220 mail1.no-ip.com ESMTP



Attempting to send test email message to sys-admin@mydomain.com using MX mail1.no-ip.com.

 The test message was delivered successfully.

Testing the MX mail1.no-ip.com for open relay by trying to relay to user Admin@TestExchangeConnectivity.com

 The Open Relay test passed. This mx isn't an open relay.

 Additional Details

 The open relay test message delivery failed (a good thing).

The exception detail is:

Exception details:

Message: Transaction failed. The server response was: 5.7.1 <Admin@TestExchangeConnectivity.com>: Relay access denied

Type: System.Net.Mail.SmtpException

Stack trace:

at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)

at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)

at System.Net.Mail.SmtpClient.Send(MailMessage message)

at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally()









Testing Mail Exchanger mail2.no-ip.com.

 This Mail Exchanger was tested successfully.

 Test Steps

 Attempting to resolve the host name mail2.no-ip.com in DNS.

 Host successfully resolved

 Additional Details

 IP(s) returned: 69.65.xxx.xxx, 69.65.xxx.xxx



Testing TCP Port 25 on host mail2.no-ip.com to ensure it is listening and open.

 The port was opened successfully.

 Additional Details

 Banner Received: 220 mx201.no-ip.com ESMTP



Attempting to send test email message to sys-admin@mydomain.com using MX mail2.no-ip.com.

 The test message was delivered successfully.

Testing the MX mail2.no-ip.com for open relay by trying to relay to user Admin@TestExchangeConnectivity.com

 The Open Relay test passed. This mx isn't an open relay.

 Additional Details

 The open relay test message delivery failed (a good thing).

The exception detail is:

Exception details:

Message: Transaction failed. The server response was: 5.7.1 <Admin@TestExchangeConnectivity.com>: Relay access denied

Type: System.Net.Mail.SmtpException

Stack trace:

at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)

at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)

at System.Net.Mail.SmtpClient.Send(MailMessage message)

at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally()

Open in new window

0
 

Author Comment

by:LSolt
ID: 33537807
There is outbound security for the connector. That might cause it to fail when connecting to other mail servers.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33537808
Once you get mail flowing properly - there are other errors that need addressing, such as your Fully Qualified Domain name your server is configured as:
mail.mydomain.com claims to be host otherdomain.com [but that host is at 66.195.xxx.xxx (may be cached), not 67.90.xxx.xxx]. <br />
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33537814
Other mail server won't work with authentication, so you will have to disable it.  Other server will need anonymous connections to work, so that is the most likely reason for it failing at present when you change to use DNS not a Smarthost.
0
 

Author Comment

by:LSolt
ID: 33537840
I did see the FQN issue and was looking for the setting to change that.

I also set the new connector with a weight of 1 and the old one with a weight of 10. Emails are flowing out the queue. looks like that might have don it.

Will test some more.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33537856
FQDN is on the SMTP Virtual Server Properties, Delivery Tab, Advanced Button.
Good news.
Make sure your IP is clean on www.mxtoolbox.com/blacklists.aspx and make sure you are recipient filtering too:
http://www.msexchange.org/tutorials/Sender-Recipient-Filtering.html
0
 

Author Comment

by:LSolt
ID: 33537892
Great I think we are all set. Appreciate the help!!

220 mydomain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Thu, 26 Aug 2010 19:38:52 -0400


Not an open relay.
0 seconds - Good on Connection time
0.452 seconds - Good on Transaction time
OK - 67.90.xxx.xxx resolves to mail.mydomain.com
OK - Reverse DNS matches SMTP Banner

0
 

Author Closing Comment

by:LSolt
ID: 33537897
This was great!! The extra set of eyes helped!!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33537904
Checking my end - then I will clean up your domain name / IP address from the question : )
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33537915
I am still seeing the FQDN as I posted earlier.  Not good.
0
 

Author Comment

by:LSolt
ID: 33537975
Perfect! Thanks!!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33538002
You are welcome.
You still don't appear to have changed your FQDN to mail.yourdomain.com - you should do for all to be well. It needs to match Reverse DNS and Reverse DNS is set to mail.yourdomain.com.
Without changing it - you WILL have mail-flow issues.
0
 

Author Comment

by:LSolt
ID: 33538144
Changed to include the FQDN. Was under the impression that Domain name was enough, but see the error in that thought.

Thanks again.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now