Link to home
Start Free TrialLog in
Avatar of sndmnsix
sndmnsix

asked on

Sending internal email from Exchange 2010 mailbox to Exchange 2003 fails with #< #5.2.1> #SMTP#

Hello,
I've been looking at threads on EE all day and cannot really find why this is happening as my setup looks good.  It has to be something I'm missing.  

I have a newly installed 2010 Exchange Server installed in my domain that coexists with my Exchange 2003 server.  All outbound/Inbound mail is being routed through Exchange 2010.  I moved my account to exchange 2010 database via the 2010 EMC.

What works?  
1.  Outbound to External Sources (both 2003/2010)
2.  From Ex2003 to 2010 Internal Mail
3.  Inbound from External Sources (both 2003/2010)

What doesn't work?

1.  Exchange 2010 sending mail to Exchange 2003.

Maybe someone to spot check me on a few things?  I'm getting close to the end of my rope on this.  Many thanks in advance!

Pete
Avatar of endital1097
endital1097
Flag of United States of America image

check the default virtual server settings on the 2003 server
make sure that windows integrated authentication is enabled
Avatar of sndmnsix
sndmnsix

ASKER

Ok,
Integrated Windows Authentication was already enabled...so I'm good there.

Pete
also make sure that it is using the default port = 25
As I look as this a little closer.....

On the Access tab, Access control, Authentication button.... Integrated Windows Authentication is checked.  

On the Delivery tab, Outbound Security...Integrated Windows Authentication isn't checked.

Does this one need to be checked as well?

Pete

Yes, Port 25 is the configured port.  I forgot to mention that.

Delivery Tab, Outbound connections... Port 25 is indicated.

Pete
Open Exchange 2003
Admin groups
Domain
servers
servername
protocols
SMTP
Right click on default SMTP virtual server
Go to access tab
Click on relay

What does it say > All except the list below ?

also for connections
what does it say ?

Please post a screenshot.
--
testing

Send a test email from 2010 --> 2003

Open Exchange 2003
toolbox > message tracking
enter sender / recipient / servername > check what happens

Repeat the same process in exchange 2010
toolbox > message tracking

post back if you have questions.

thanks
i was just about to get to that tab...
Lets see if it works ... :)
On the Outbound Security Tab,  

If I select Integrated Windows Authentication, it wants a username/password.  What would be recommended here?

Pete
outbound security = anonymous access
Ok,

The Relay button has 'Only the list below' which is all of the class C private subnets on the network.
Attached is a picture of the relay tab.
Attached is a picture of the Message Tracking in 2003

Pete



Relay-Tab.bmp
Message-Tracking.JPG
what about the connections button
Connections Button..... 'All except the list below'  which is nothing.
In Exchange 2010

Mail flow tools....should I be using Mail Flow Troubleshooter to get the report you're looking for ?

Pete
Is your Exchange 2010 in this subnet http:#33665390

--
Is there any reason for specifying the subnets which can relay. You can also change it to all except the list below - and restart SMTP service
Message Tracking @ ex 2010 toolbox.
I don't suppose there is any real reason anymore to specify subnets at this point.  I will change this to wide open.
let's make sure you have a routing group connector for each direction
please post the results
get-routinggroupconnector | fl name,source*,target*
Ok,

Change to 'All except the list below' which is nothing.

I also restarted the SMTP service.
yep that too @ get-routinggroupconnector | fl
try sending test email - lets see what happens.

also monitor it from message tracking in exchange 2003.
Staying on SMTP virtual server 2003
Right click on SMTP virtual server
General Tab
Next to the IP Address > click advanced
Select the IP address of Exchange 2003 > click edit

check if -
Apply Sender filter
Apply sender ID filter

are checked

If so -> uncheck them and restart SMTP service.

--
I hope you have a good anti-spam solution, which can take care of all sender / recipient filtering  :)
Ok,
After making the change on the 'Relay' tab to allow anything and restarted SMTP, I ran a test which failed.

Here's what the shell returned:

[PS] C:\Windows\system32>Get-routinggroupconnector | fl


RunspaceId                   : f2039f36-25b8-4b72-b7ec-316972258d49
TargetRoutingGroup           : First Routing Group
Cost                         : 1
TargetTransportServers       : {STEWART-EX1}
ExchangeLegacyDN             : /o=Stewart Title of Sacramento/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Con
                               figuration/cn=Connections/cn=STEWART-EX2-STEWART-EX1
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {STEWART-EX2}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : STEWART-EX2
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : STEWART-EX2-STEWART-EX1
DistinguishedName            : CN=STEWART-EX2-STEWART-EX1,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN
                               =Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Gro
                               ups,CN=Stewart Title of Sacramento,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC
                               =stewartsac,DC=com
Identity                     : STEWART-EX2-STEWART-EX1
Guid                         : 0649cd03-9197-4bc5-8c16-55cf75dcf42a
ObjectCategory               : stewartsac.com/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 8/11/2010 11:30:58 AM
WhenCreated                  : 8/11/2010 11:30:44 AM
WhenChangedUTC               : 8/11/2010 6:30:58 PM
WhenCreatedUTC               : 8/11/2010 6:30:44 PM
OrganizationId               :
OriginatingServer            : stewart-data2.stewartsac.com
IsValid                      : True

RunspaceId                   : f2039f36-25b8-4b72-b7ec-316972258d49
TargetRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
Cost                         : 1
TargetTransportServers       : {STEWART-EX2}
ExchangeLegacyDN             : /o=Stewart Title of Sacramento/ou=First Administrative Group/cn=Configuration/cn=Connect
                               ions/cn=STEWART-EX1-STEWART-EX2
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : First Routing Group
SourceTransportServers       : {STEWART-EX1}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : STEWART-EX1
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : STEWART-EX1-STEWART-EX2
DistinguishedName            : CN=STEWART-EX1-STEWART-EX2,CN=Connections,CN=First Routing Group,CN=Routing Groups,CN=Fi
                               rst Administrative Group,CN=Administrative Groups,CN=Stewart Title of Sacramento,CN=Micr
                               osoft Exchange,CN=Services,CN=Configuration,DC=stewartsac,DC=com
Identity                     : STEWART-EX1-STEWART-EX2
Guid                         : 44ef2031-5695-4b6f-b1dc-6cd3011bf998
ObjectCategory               : stewartsac.com/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 8/11/2010 11:30:58 AM
WhenCreated                  : 8/11/2010 11:30:44 AM
WhenChangedUTC               : 8/11/2010 6:30:58 PM
WhenCreatedUTC               : 8/11/2010 6:30:44 PM
OrganizationId               :
OriginatingServer            : stewart-data2.stewartsac.com
IsValid                      : True

RunspaceId                   : f2039f36-25b8-4b72-b7ec-316972258d49
TargetRoutingGroup           : First Routing Group
Cost                         : 10
TargetTransportServers       : {STEWART-EX1}
ExchangeLegacyDN             : /o=Stewart Title of Sacramento/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Con
                               figuration/cn=Connections/cn=Interop RGC
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {STEWART-EX2}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : STEWART-EX2
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : Interop RGC
DistinguishedName            : CN=Interop RGC,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Gro
                               ups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Stewa
                               rt Title of Sacramento,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=stewartsac,
                               DC=com
Identity                     : Interop RGC
Guid                         : 6edc51ca-3f1c-4425-a4f2-89fdc317631b
ObjectCategory               : stewartsac.com/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 9/13/2010 10:34:19 AM
WhenCreated                  : 9/13/2010 10:34:19 AM
WhenChangedUTC               : 9/13/2010 5:34:19 PM
WhenCreatedUTC               : 9/13/2010 5:34:19 PM
OrganizationId               :
OriginatingServer            : stewart-data2.stewartsac.com
IsValid                      : True

RunspaceId                   : f2039f36-25b8-4b72-b7ec-316972258d49
TargetRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
Cost                         : 10
TargetTransportServers       : {STEWART-EX2}
ExchangeLegacyDN             : /o=Stewart Title of Sacramento/ou=First Administrative Group/cn=Configuration/cn=Connect
                               ions/cn=Interop RGC
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : First Routing Group
SourceTransportServers       : {STEWART-EX1}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : STEWART-EX1
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : Interop RGC
DistinguishedName            : CN=Interop RGC,CN=Connections,CN=First Routing Group,CN=Routing Groups,CN=First Administ
                               rative Group,CN=Administrative Groups,CN=Stewart Title of Sacramento,CN=Microsoft Exchan
                               ge,CN=Services,CN=Configuration,DC=stewartsac,DC=com
Identity                     : Interop RGC
Guid                         : 57ab765b-a755-4025-950e-fa72443357c9
ObjectCategory               : stewartsac.com/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 9/13/2010 10:34:19 AM
WhenCreated                  : 9/13/2010 10:34:19 AM
WhenChangedUTC               : 9/13/2010 5:34:19 PM
WhenCreatedUTC               : 9/13/2010 5:34:19 PM
OrganizationId               :
OriginatingServer            : stewart-data2.stewartsac.com
IsValid                      : True



[PS] C:\Windows\system32>
[check if -
Apply Sender filter
Apply sender ID filter]

The 'Apply Sender Filter' was checked.  I unchecked and restarted SMTP service.

Pete
and did the test message go thru

can you telnet from 2010 to the 2003 on port 25
telnet stewart-ex1 25
Test was a failure after I unchecked 'Apply Sender Filter' and restarted.  I'll see if I can telnet from 2010 to 2003.
Never used Telnet from Windows 2008 R2 before.  I used to be able to run from a command prompt.  ??
start > run > cmd

telnet stewart-ex1 25
do you get a ESMTP banner

type
EHLO

mail from: you@yourdomain.com
rcpt to: someone@yourdomain.com
data
gibberish


Avatar of Akhater
it is not installed by default

run cmd as administrator then run
servermanagercmd -i telnet-client
Telnet seems to be an unrecognized commnd in Windows 2008.  Do you know where they hid it?  Sorry about this.

Pete
server manager
add feature
ok
This looks ok.

220 stewart-ex1.stewartsac.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3
959 ready at  Mon, 13 Sep 2010 12:30:53 -0700
Is journaling turned on in Exchange 2003 by any chance ?
Can you check ?
@sunnyc7 - that again?
Test message sent successfully from telnet command line sent it all the way through to the destination mailbox on 2003 server.   ?? what's the difference?
Guessing... We can run a BPA and verify it.

we can create our own KB right now on co-existence issues
ok you have to telnet from 2003 > TO 2010
what you did was telnet from 2010 > to 2003

so try this from 2003 server
start > run > cmd
telnet 2010servername 25

and see what you get.
going from Ex2003 to Ex2010 via telnet:

220 STEWART-EX2.stewartsac.com Microsoft ESMTP MAIL Service ready at Mon, 13 Sep
 2010 12:41:01 -0700
can you try to send a test email.

--
also please check journaling in exchange 2003 ?
can you just post a screenshot of the default smtp virtual server setting for
access tab - authentication button
Test message from Ex2003 to Ex2010 via telnet was sent successfully.
I'll check on the journaling real quick.

Pete
Here's the screenshot for the Authentication button.

Pete
Authentication-Button.bmp
I'm not sure where I would find if journaling is enabled.  I know that on each mail store, I have messages archived to a particular mailbox that is polled by a 3rd party message archiver.  Is that what you were looking for?

Pete
I have messages archived to a particular mailbox that is polled by a 3rd party message archiver.  Is that what you were looking for?
>> YES :)

disable that --> uncheck the box
Restart info. store

Try sending a message now.

@endital - this is documentable now :)
so uncheck for every mailstore or just for the mailstore that has the emailbox that I've been testing send messages to?
uncheck this for testing.
You will have to implement journaling differently when you want to support co-existence.
the last issue with journaling we encountered was the journaling mailbox no longer existed

can you run an exba against the 2010 server before doing this
exchange mangement console
toolbox
oh.  You know I already unchecked those journaling features and restarted the info store.  Also ran a another test which failed.  Should I continue with the exba anyway?
yes, run the exbpa
Download 2003 exbpa and then run a health scan
Restart smtp too on 2003
Attached is the Expba that I ran from ex2010.
ExBPA.201009131314582207.data.htm
ASKER CERTIFIED SOLUTION
Avatar of sunnyc7
sunnyc7
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Okay, looks like I need to get these things worked out.  I'll get back to you.  Much appreciated.
one last thing to look at
in the 2003 esm, routing groups and connectors
do you have an smtp connector and if so, under properties check your address space config

is it * for entire org or routing gorup
I believe I deleted the smtp connector that was created w/ esm 2003.  It was my understanding that it was no longer required.  There is another that was created w/ emc on the 2010.  I'll look at that in the morning.  Also, I cleaned up most of the issues related to exBpa tool.  I now have a secondary domain controller on the same subnet as both exchange servers.  It still complains about the round trip time to the primary domain controller being so far away.(12ms).  

Something else that I discovered around 5:30pm today :  I was able to email certain mailboxes (2003) and Im not sure why.  Most of my users are terminal server users.  These users I emailed successfully are primarily desktop standalone office 2003 and office 2007 clients.  All terminal servers have office 2003 (outlook 2003).  That kind throws a monkey wrench in my theory of not being able to email ex2003 mailboxes because all of these are.  My account is the only account on ex 2010.  
did you verify this by message tracking from exchange 2003
or use message tracking on the 2010 for outbound messages from you to one of those recipients
I just verified this message was sent.  I used message tracking from 2003.  I attached the file.  I'll run one from 2010 in just a min.

Pete
tracking-from-2003.bmp
that's good enough
mail flow between 2010 and 2003 is now working
It looks like mail flow from the two servers isn't the real issue here then.  Most of the users I cannot email which initially led me to believe I just couldn't send to the 2003 servers.  

This is what I typically get on a failure:

Delivery has failed to these recipients or groups:

Chris Tsukamoto <mailto:chris@stewartsac.com>
There's a problem with the recipient's mailbox. Please try resending this message. If the problem continues, please contact your helpdesk.










Diagnostic information for administrators:

Generating server: stewart-ex1.stewartsac.com

chris@stewartsac.com
#< #5.2.1> #SMTP#

Ok,
I set the SELF user permission accordingly on this particular user and made sure she also had Full mailbox rights assigned (which was true anyway).  Sent a new message and it still bounced...BUT when I was looking at the log to see about MSExchangeIS errors, I came across this (attached).  I found a lot of these and I've not seen this before.

Pete
MSExchangeIS-Errors.JPG
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Nice...I'm going to go ahead and make the registry modifications as indicated in the KB.  Apparently, I'll need to dismount and re-mount the stores before the new values go into effect.  I'm sure the 'powers that be' won't let me do that today.  I'll have to dismount after 5:00pm before I can run another test.  I'll be back in touch.  Thank you guys very much for sticking with this.

Pete
Endital and i are here.
he is powering up a VM and testing things.
yep sunny got you the article to handle that event. i'll most likely be online until about 5 and back at 8 est
Sounds good :)
Sorry for the delay on this.  I've been having to deal with other issues.  

This link was the key !

did you check this kb ?
http://support.microsoft.com/default.aspx?kbid=820379

I did add these keys to the registry but there was an already existing reg entry that was the actual problem.  It was very similarly named and within the same key.  It was set for 8192.  Thanks very much on helping out with this issue.  How should I award points on this?

Pete
Review the posts and award as you see fit
sunny should get the answer if that kb was the only fix
Thanks very much.
sndmnsmix and endital @ thanks for the points :)
and it put my behind too
that's why thanks are due to you :))

Today is the big day ?