Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 07 451 4.4.0 Primary Target IP address responded 421 4.2.1 unable to connect.

Posted on 2010-11-23
15
Medium Priority
?
1,807 Views
Last Modified: 2012-05-10
SBS 08 Server routes all outbound mail via smarthost to Postini.  Mail delivery stopped today. The Exchange queue has the error 451 4.4.0 Primary Target IP address responded 421 4.2.1 unable to connect.  Confirmed with Postini that there are no issues and other clients using same setup are working fine.

I cannot telnet to port 25 at all from the server to any mail host. Firewall rules allow all outbound and nothing was changed prior to this happening. Rebooted router, firewall and server. If I remove the smarthost, delivery via DNS to recipient servers also fails (due to no outbound on port 25).  Web browsing works fine from server. DNS resolvers all work fine.  Inbound mail is working fine.  I am stumped.  
0
Comment
Question by:kjkamin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
  • +2
15 Comments
 
LVL 17

Expert Comment

by:Viral Rathod
ID: 34201812
Since you are unable to telent to port 25 ,Have you checked this with ISP ,ISP might have blocked the port 25 ?
0
 
LVL 17

Expert Comment

by:Viral Rathod
ID: 34201818
To check if port 25 is open

Go here
http://www.canyouseeme.org/

Check the status of Port 25 .
0
 

Author Comment

by:kjkamin
ID: 34201840
ISP is Time Warner.  Called them and they verified that their modem is functioning properly and NOT blocking any traffic.

Result:

Success: I can see your service on 69.193.x.x on port (25)
Your ISP is not blocking port 25
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 17

Expert Comment

by:Viral Rathod
ID: 34201885
Hmm ....You have also checked the firewall and the firewall is also not blocking the port.

When you telnet from outside 25 Port is not listing ?

Can you the following steps

--Restart the Exchnage Transport Service & Disabled the Antivirus software and then check if you are able to telent to 25 port

Letus know the results.
0
 

Author Comment

by:kjkamin
ID: 34202018
I've already tried both suggestions. Does not resolve.  Tomorrow we try a new firewall to see if that is the problem.
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34202220
You can telnet from other machines on the same network outbound to the rest of the world?
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34202221
On port 25 that is...
0
 

Author Comment

by:kjkamin
ID: 34202264
Thanks. I did not try that.  I am unable to telnet to WAN on port 25 from another computer on the LAN. That narrows it down to either the firewall or the ISP.
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34202296
If you can get away with killing the internet connection for a few minutes.  Assign your WAN static IP to a laptop, plug it in , confirm internet connectivity  and try the telnet to another mail server again.  This will eliminate the Firewall possibility.   Not sure if I caught what type of firewall you have.  

p.s. with the time warner cable modem, you may have to cycle the power on it after unplugging it from the firewall and  before plugging it in to the laptop.  
0
 

Expert Comment

by:EmeritusAdmin
ID: 34203049
Having the exact same issue here, but we have a cisco 2800 router going into a ASA 5520 (100MB Time Warner Circuit).  Outbound SMTP fails anywhere it seems, but from my home PC I can get there OK (Comcast).  Was hoping you had the answer :)  I'll be calling them now to see whats up!
0
 

Expert Comment

by:EmeritusAdmin
ID: 34203302
My problem ended up being our front end exchange server (has multiple IPs on it so it can have multiple SSL certs) decided to start sending mail out a different IP today, not quite sure why.  This made our ASA start blocking it.  I did talk to TW (not sure if the same TW that does cable) and he mentioned they are in a no-change window right now, so nothing has been modified this week in there production, and they have no filtering going on.

Probably not your problem sadly, but good luck in your search!
0
 

Accepted Solution

by:
kjkamin earned 0 total points
ID: 34303900
This ended up being the Sonicwall.  We had to completely blow out the config and redo it to resolve the problem.  Very odd.  Some sort of corruption.
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34303958
That's why I suggested to hook a machine directly up to the ISP bypassing the firewall :-)     We have 7 Sonicwalls at varioius sites and thankfully have not had any corruption like this on them.  This is good to know though going forward.

Glad you got it going!
0
 
LVL 33

Expert Comment

by:digitap
ID: 34470591
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question