asked on

Migrating Exchange 2003 to 2010.

We have installed a new 2008 Server and installed Exchange 2010 to replace Exchange 2003. The AD is 2003. Once the install was complete and we redirected the incoming port 25 on the firewall to the new server, we moved a couple of mailboxes for testing. In that transition state, all incoming email was rejected (550 5.7.1 Unable to relay).

If we changed the incoming firewall rule back to the 2003 server, mailboxes still on 03 could receive incoming, but not the mailboxes on 2010. The 2010 could send email, but not 2003. When a 2003 user tried to send outbound email, we noted on the 03 event logs that the new server was rejecting the email, again unable to relay.

Any ideas?

Glen Knight

sounds like you have not added an Accepted Domain to Exchange 2010?
Under organisation Configuration add an accepted domain.

You will also need to add under Server Configuration > Hub Transport on the Receive Connector that starts with DEFAULT on the permissions tab add a check in annonymous users.

You might also find there is a smarthost configured on the SMTP Virtual Server on the 2003 server, see my article here for details: https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3044-Exchange-Server-Mail-Flow.html

jim0816

ASKER

Under organization configuration, "Use a default domain controller" is selected. Should the domain and domain controller be specified?

Glen Knight

No, this is not required, it also has nothing to do with the accepted domain.

Have you added an accepted domain?

jim0816

ASKER

yes, the accepted domain has been added

jim0816

ASKER

just another note....if I do the telnet test to the 2010 server, I get the unable to relay response. the mail from and rcpt to addresses are mailboxes are both on the 2010 server.

Glen Knight

From the Exchange Management Shell can you run the following please:

Get-AcceptedDomain

And post the results.

Have you setup an email address policy? Do the users have valid addresses on the email address tab?

jim0816

ASKER

Name DomainName DomainType Default

somedomain.com somedomain.com Authoritative True

there is only the default policy, and it has not been applied

Glen Knight

if nobody has got a valid email address then you will not be able to relay.
Check the users email addresses.

You will also need to create a email address policy

jim0816

ASKER

the users have valid email addresses

Glen Knight

then, technically there is no reason why you shouldn't be allowed to relay.

Did you check the permission on the receive connector I mentioned in my first post?

jim0816

ASKER

yes, it is checked

jim0816

ASKER

I also ran another telnet test, this time i used "server.domain.com" on the rcpt to address, and did not get the "unable to relay" response

JuusoConnecta

jim,

your mx records are the following:

somedomain.com.1.xxxxxx.com	nnn.nnn.nnn.nnn

Looks like you have another "front-end" / "Middle-tier" application between internet against your exchange server ?

If that is the case you should contact the vendor hosting this to configure the application or whatever to accept the mails for your domain,

Or I might have be totally wrong..

jim0816

ASKER

that is a spam filtering service, they just relay email to the public IP of our server

ASKER CERTIFIED SOLUTION

jim0816

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Glen Knight

This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.