Solved

Exchange 2010 is unable to receive emails but is able to send them.

Posted on 2010-11-11
Last Modified: 2012-05-10
I'm having issues with our Exchange 2010 server not being able to receive emails. Sending emails works without any issues. Here is the breakdown.

-A fresh install of Exchange 2010 running on Server 2008 R2 on a standalone box.
-We do not run Edge in our environment.
-Domain is a fresh build, standalone, does not have any trusts configured.
-Event logs for the DCs and Exchange server are clean. No warnings or errors whatsoever.
-DNS is resolving everything without any issues.
-BPA comes back clean.
-Transport Connectors are configured correctly (as far as I know).
-All external mail comes through our FortiMail, and is being handed off to the Exchange server via port 25.
-I've verified that our spam filter (i.e. FortiMail) is getting the emails, allowing them and forwarding them to the Exchange server.
-Sending emails internally and externally all works without a problem. It's only when receiving from outside of the organization.

- I get the following error kicked back to me:
----- Transcript of session follows -----
<xyz@company.com>... Deferred: Connection timed out with company.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

Final-Recipient: RFC822; xyz@company.com
Action: delayed
Status: 4.4.1
Remote-MTA: DNS; company.com

Let me know if you need any more information.
0
Question by:asuring
14 Comments
 
LVL 17

Expert Comment

by:James Haywood
ID: 34115551
Have you set up and configured a receive connector?
0
 
LVL 6

Expert Comment

by:linraf
ID: 34115977
Have you checked your port forwarding in your router?
Is FortiMail sending on port 25, or an alternate port?
Have you tried a manual telnet to the server from inside and outside the network? If so, does it answer?
From a command line:
telnet "ipaddress" 25

0
 
LVL 17

Expert Comment

by:James Haywood
ID: 34119186
Also do you have a firewall on the server and if so is port 25 open?
0
 
LVL 5

Expert Comment

by:sabk
ID: 34119222
Are you certain it's your Exchange server that's the problem, and not the outside service provider that does the scanning?
0
 

Author Comment

by:asuring
ID: 34121005
It's definitely not the firewall. Telnetting to port 25 on the server works, and the receive connector is configured correctly (as far as I can tell). Port forwarding is working fine as well. I can trace the email to the internal IP of the Exchange server. The issue is with the Exchange server and not the ISP, firewall, spam filter or internal routing.

0
 
LVL 6

Expert Comment

by:linraf
ID: 34123811
Do you have your DNS set up correctly?
When you do a manual telnet on port 25 from outside, are you using the name or the IP address?
4.4.1 says that the server is not responding, so this would point to either getting to the wrong address, or the server not answering. Since you say telnet answers from outside, look at the DNS settings.
0
 

Author Comment

by:asuring
ID: 34139087
Yes, DNS is configured correctly, internally and externally. Our spam filter and Exchange server respond when telnetting to port 25. Like I mentioned before, I can trace emails coming in to our spam filter, being accepted and then being forwarded to the internal IP of the Exchange server. Whatever the issue is, it seems to point to the Exchange server. I'm starting to believe that it's some configuration issue with the receive connector, but from what I've read it should be configured correctly.
0

 
LVL 6

Expert Comment

by:linraf
ID: 34139335
What settings do you have for the receive connector?
0
 
LVL 6

Expert Comment

by:linraf
ID: 34139373
Is FortiMail inside or outside of your network?
0
 
LVL 6

Expert Comment

by:linraf
ID: 34139458
Specifically, the receive connector should have:
the server's IP address and port for receiving mail on the network tab
the FortiMail's IP address for receive from (internal address if internal to the network)
permissions tab should have anonymous

This is assuming that the FortiMail is not authenticating to the Exchange server.

Make sure FortiMail is sending to an IP address and not having to resolve names.
0
 

Author Comment

by:asuring
ID: 34146625
FortiMail is inside our network. It's sitting on a different subnet than the Exchange server, but all routing and firewall configs are fine.

The internal IP of the FortiMail is sending to the internal IP address of the Exchange server and not a DNS name.

I ran through the receive connector and verified everything. It all matches up to what you suggested. FortiMail isn't authenticating and the permissions tab on the receive connector is set to anonymous. I can see SMTP packets getting to the Exchange server from FortiMail as well.
0
 
LVL 6

Accepted Solution

by:
linraf earned 500 total points
ID: 34147029
So when you complete a manual telnet to send an email from the FortiMail subnet, does the email deliver, or do you still get the same errors?

0
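The manual SMTP test asked for in the accepted solution, scripted so it can be repeated from the relay's subnet and report the stage at which the session ends. This is an added example, not code from the thread; the function names, the HELO name `probe.example.invalid` and the decision to stop before DATA (so no message is queued) are assumptions of the example.

```python
import smtplib
import sys

def smtp_probe(host, sender, rcpt, port=25, timeout=10.0,
               helo_name="probe.example.invalid"):
    """Replay the commands of a manual telnet SMTP test, stopping before DATA.

    Returns [(stage, code, text), ...]; the last entry is where the session
    ended. code is None when the failure was at TCP level (timeout, refused).
    """
    smtp = smtplib.SMTP(timeout=timeout, local_hostname=helo_name)
    steps = [
        ("connect", lambda: smtp.connect(host, port)),   # expects the 220 banner
        ("ehlo", smtp.ehlo),
        ("mail_from", lambda: smtp.mail(sender)),
        ("rcpt_to", lambda: smtp.rcpt(rcpt)),
    ]
    results = []
    try:
        for stage, step in steps:
            try:
                code, text = step()
            except (OSError, smtplib.SMTPException) as exc:
                results.append((stage, None, f"{type(exc).__name__}: {exc}"))
                break
            results.append((stage, code, text.decode("ascii", "replace")))
            if code >= 400:          # 4xx/5xx: the server answered but refused
                break
    finally:
        try:
            smtp.quit()
        except (OSError, smtplib.SMTPException):
            smtp.close()
    return results

def diagnose(results):
    """Map the last stage reached to the layer worth checking next."""
    stage, code, _ = results[-1]
    if code is None and stage == "connect":
        return "network: no SMTP banner from this source; check routing and firewall rules"
    if code is None:
        return f"network: session dropped during {stage}; check inline devices"
    if code >= 400:
        return f"smtp: {stage} refused with {code}; check the receive connector settings"
    return "accepted: server took the recipient; connectivity from this source is fine"

if __name__ == "__main__" and len(sys.argv) == 4:
    # usage: probe.py <server-ip> <sender> <recipient>
    outcome = smtp_probe(*sys.argv[1:4])
    print(*outcome, diagnose(outcome), sep="\n")
```

Run it from a host on the same subnet as the relay and again from the mail server's own subnet; a different last stage between the two runs narrows the fault to the path between them.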
 
LVL 6

Expert Comment

by:linraf
ID: 34147324
If a manual telnet is able to send the email from your FortiMail's subnet, perhaps auto-tuning is causing an issue. I have only seen it cause an issue on outgoing connections from Server 2008, but it is worth a try.

Disable TCP auto-tuning in Windows Server 2008 - Auto-tuning is a feature that was introduced with Windows Vista and Windows Server 2008 in order to optimize TCP throughput. The problem is that some network devices do not support these features (most Cisco Firewall devices, Sonicwall Firewall, Check Point Firewall, some NG R55 routers, some Netgear routers), which can make things slower. To disable auto-tuning, run the following command from the command line:

netsh interface tcp set global autotuninglevel=disabled
0
 

Author Comment

by:asuring
ID: 34150550
Hi linraf,

Success finally. After taking the results of the manual SMTP test to the security group, they rechecked the firewall rules and discovered that an IP was misconfigured. I appreciate your help and will assign points appropriately.
0
