Solved

exchange receive connector problems

Posted on 2010-08-30
24
356 Views
Last Modified: 2012-08-13
We just setup a new SBS 2008 server and I have an issue that I just can't seem to track down. The Internet Receive Connector seems to accept connections from some mail servers (ip addresses) and not from others.  Example: I can't telnet to port 25 from some locations but not from others. The receive connector is setup to accept from 0.0.0.0-255.255.255.255  I would think that would cover everything.  Anyone with some suggestions would be great.

Thanks in advance
Randy
0
Comment
Question by:rlb001
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 12
24 Comments
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 500 total points
ID: 33561243
www.testexchangeconnectivity.com/
Test for inbound SMTP
Copy paste the results here

www.canyouseeme.org
Check if ports 80 25 443 587 are open

please post back
0
 

Author Comment

by:rlb001
ID: 33561291
Testing Inbound SMTP Mail flow for domain rbradford@clevelandrcc.org
 Inbound SMTP mail flow was verified successfully.
 Test Steps
 Attempting to retrieve DNS MX records for domain clevelandrcc.org
 One or more MX records were successfully retrieved from DNS.
 Additional Details
 MX Records Host mail.clevelandrcc.org, Preference 10


Testing Mail Exchanger mail.clevelandrcc.org.
 This Mail Exchanger was tested successfully.
 Test Steps
 Attempting to resolve the host name mail.clevelandrcc.org in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 208.40.29.146

Testing TCP Port 25 on host mail.clevelandrcc.org to ensure it is listening and open.
 The port was opened successfully.
 Additional Details
 Banner Received: 220 mail.clevelandrcc.org Microsoft ESMTP MAIL Service ready at Mon, 30 Aug 2010 14:26:47 -0400

Attempting to send test email message to rbradford@clevelandrcc.org using MX mail.clevelandrcc.org.
 The test message was delivered successfully.
Testing the MX mail.clevelandrcc.org for open relay by trying to relay to user Admin@TestExchangeConnectivity.com
 The Open Relay test passed. This mx isn't an open relay.
 Additional Details
 The open relay test message delivery failed (a good thing).
The exception detail is:
Exception details:
Message: Mailbox unavailable. The server response was: 5.7.1 Unable to relay
Type: System.Net.Mail.SmtpFailedRecipientException
Stack trace:
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally()

Port 587 wasn't but the others are, I opened 587 but that didn't help.

Randy
0
 

Author Comment

by:rlb001
ID: 33561303
By the way I had tried that and seen that it worked, but when I telnet from home or some other addresses no joy.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561370
Open Exchange management console
Go to server config
hub transport
Select server name in top pane
Right click on receive connector in bottom pane > Properties

Go to authentication tab
Check TLS

in Permission Groups tab
Make sure first 4 are checked.

Restart hub transport server.
Lets see if you get something.
0
 

Author Comment

by:rlb001
ID: 33561422
Is there a easy way to restart the hub without restarting the actaul server?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561461
start > run > services.msc

restart ms exchange hub transport.
0
 

Author Comment

by:rlb001
ID: 33561504
Ok done that and I still can't telnet some locations.  The mail server is mail.clevelandrcc.org in case you would like to try from your location.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561544
I get the full banner

mail.clevelandrcc.org
banner.png
0
 

Author Comment

by:rlb001
ID: 33561588
That is weird, This is what I get.
Capture.PNG
0
 

Author Comment

by:rlb001
ID: 33561608
I get the connection on some remote locations and I get the above at some others.  So in short, some emails are getting rejected and some are not.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561611
ok
it wont work from within the network if there is no A-record in your DNS for mail.clevelandrcc.org - pointing to LAN IP of your exchange server.

or your ISP is blocking port 25.

www.canyouseeme.org
enter 25
Check if it's blocked.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561627
No that doesnt mean that @ some emails are getting rejected.

Email Pass/Fail test is

www.testexchangeconnectivity.com
If it passes - all emails will pass.

unless you are in some blacklist
www.mxtoolbox.com
>> which you are not.
http://www.mxtoolbox.com/SuperTool.aspx?action=mx:clevelandrcc.org

or your sender reputation is bad
>> Which is blank (new setup probably ?)
http://www.senderbase.org/senderbase_queries/detaildomain?search_string=clevelandrcc.org

let me send some test emails and see how that goes.
0
 

Author Comment

by:rlb001
ID: 33561707
Well port 25 is open and I have an A record for mail.clevelandrcc.org.  This all started when I couldn't get my barracuda Spam Firewall to connect because it can't open port 25.  I thought that it was just the Barracuda but lately I have been phone calls about people trying to send emails to our server and they are rejected because of the server could not be contacted.  So I tried to telnet from some outside locations and some are working and some are not.  So that is the whole story. Thanks in advance for all of your help.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561732
Thanks for clearing-up the picture.
i was troubleshooting with just the exchange server in mind.

Can you post a screenshot of your baracuda configuration.
apparently its not going to baracuda anymore and going straight to exchange server, based upon the headers atleast.

*unless I am missing something
0
 

Author Comment

by:rlb001
ID: 33561785
Yes it is going directly to the mail server.  I changed the A record when I couldn't get the Barracuda to connect.  I figured I would work on it at a later time and just by pass it for now.  But now I think that it is a bigger problem since I can't connect via telnet from some other locations also.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561804
if you cannot telnet from other locations, then your ISP has blocked port 25.
Test it.

Go here
www.canyouseeme.org

enter 25

Check if it's blocked
0
 

Author Comment

by:rlb001
ID: 33561836
It's open no problem.  You connected, I can connect from some locations and not others.  This is not a case of nobody can connect from anywhere.  Some locations can and others can't.   That is why I am having such a hard time figuring this out.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561853
Can you check with these guys what errors they are getting.

a) Need the DSN code 4.4.7 or something.

b) Ask them to ping your email server

ping mail.clevelandrcc.org -t

See if that works.

c) Ask them to pathping

pathping mail.clevelandrcc.org

See where it times out.
---------
If their port 25 is open from canyouseeme.org, and they can telnet to other domains, check if they can tracert / pathping to your domain.

0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561854
Trying to trace where the issue is.
0
 

Author Comment

by:rlb001
ID: 33561934
The pathping from my home computer (which can not telnet to port 25) has 22 hops but it does finally see's it.  The ping works fine with no misses.  I don't have the DSN code yet.  I requested the people that had rejected emails to send me one, but none yet.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33561946
try tracert your public IP

Also try tracert from here
http://www.dnsstuff.com/
0
 

Author Comment

by:rlb001
ID: 33562031
22 hops and found it
http://www.dnsstuff.com/ got to my firewall also
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33562090
If both tested ok
a) your home > your firewall
b) DNS Stuff > your firewall.

I dont think there is any issue with your server right now.

whosoever received a 4.4.7 - can you ask them to retry now and see if they are still facing these issues.

PS: you might want to consider putting *some* anti-spam in front of that.
Try vamsoft ORF
http://www.vamsoft.com/
Free 30 day trial for full server - $239 per server if you decide to keep it.
0
 

Author Closing Comment

by:rlb001
ID: 33694492
I still have the issue but have worked around it by using a different IP to connect to my exchange and it seems to work.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question