Message routed and queued for remote delivery - internal Exchange server

Exchange Server 2003 Standard (SP2) running on Windows 2003 R2. Sonicwall firewall and a SonicWall email security box. We had a single Exchange Server (OLDSRVR.corp.mydomain.com) which is a DC. There is another DC (FOOSRVR) as well. DNS is configured correctly AFAICT. The network config: Sonicwall Firewall appliance: 192.168.1.1; SonicWall EmailSecurity box (emailsecurity.corp.mydomain.com) 192.168.1.224. On OLDSRVR (192.168.1.191), the Default SMTP Virtual Server, Properties, Delivery, Advanced, Smarthost points to emailsecurity.corp.mydomain.com. Internal email worked fine. External email worked fine, both directions.

I then added a second Exchange Server (NEWSRVR.corp.mydomain.com - 192.168.1.67) running Exchange Server 2003 SP2. As you can see from its IP address, it is on the same LAN segment as OLDSRVR. It is in the same First Administrative Group, and in the same First Routing Group, where OLDSRVR appears as the Master, and NEWSRVR appears as Member.

I created a TestUser with a mailbox on NEWSRVR. TestUser can send to any mailbox on OLDSRVR, and can send to external Internet recipients. But TestUser can't receive anything. If I send an internal email from a mailbox on OLDSRVR to TestUser, it goes to the NEWSRVR.corp.mydomain.com queue. I have enabled message tracking, and sent a message from OldUser (mailbox on OLDSRVR) to TestUser (mailbox on NEWSRVR). The message history shows:

12:27/2010 9:53 AM SMTP Store Driver: Message Submitted from Store
12:27/2010 9:53 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 9:53 AM SMTP: Started Message Submission to Advanced Queue
12:27/2010 9:53 AM SMTP: Message Submitted to Categorizer
12:27/2010 9:53 AM SMTP: Message Categorized and Queued for Routing
12:27/2010 9:53 AM SMTP: Message Routed and Queued for Remote Delivery

I also tried a Telnet connection to NEWSRVR, and sent a message from OldUser to NewUser. In the Message History, I got:

12:27/2010 10:00 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 10:00 AM SMTP: Started Message Submission to Advanced Queue
12:27/2010 10:00 AM SMTP: Message Submitted to Categorizer
12:27/2010 10:00 AM SMTP: Message Categorized and Queued for Routing
12:27/2010 10:00 AM SMTP: Message Routed and Queued for Remote Delivery
12:27/2010 10:07 AM SMTP: Started Outbound Transfer of Message
12:27/2010 10:07 AM Message transferred to emailsecurity.corp.mydomain.com through SMTP
12:27/2010 10:07 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 10:07 AM SMTP: Started Message Submission to Advanced Queue
12:27/2010 10:07 AM SMTP: Message Submitted to Categorizer
12:27/2010 10:07 AM SMTP: Message Categorized and Queued for Routing
12:27/2010 10:07 AM SMTP: Message Routed and Queued for Remote Delivery
12:27/2010 10:29 AM SMTP: Started Outbound Transfer of Message
12:27/2010 10:29 AM Message transferred to emailsecurity.corp.mydomain.com through SMTP
12:27/2010 10:29 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 10:39 AM SMTP: Started Message Submission to Advanced Queue
12:27/2010 10:39 AM SMTP: Message Submitted to Categorizer
12:27/2010 10:39 AM SMTP: Message Categorized and Queued for Routing
12:27/2010 10:39 AM SMTP: Message Routed and Queued for Remote Delivery
12:27/2010 10:51 AM SMTP: Started Outbound Transfer of Message
... etc. This pattern repeats about every 10 - 12 minutes.


On the Sonicwall emailsecurity appliance, I can see messages from olduser to newuser. They are shown as "outbound - arrived into gateway from 192.168.1.191" (OLDSRVR), and "delivered - accepted by 192.168.1.191:25".

So -- it looks like the culprit is the Categorizer on OldSrvr. It seems to think that NewSrvr is an external system, and routes messages out the SMTP default virtual server to the smarthost (emailsecurity appliance). The emailsecurity appliance gets the email, sees that it is addressed to newuser@mydomain.com, and promptly sends it back to OldSrvr, where it gets routed back out again.

Is my analysis correct? If so, how do I fix the Categorizer?

Also -- when I send an email from MyAccount@live.com to newuser@mydomain.com, the Sonicwall rejects it as a Directory Harvest Attack (DHA). WTF?
lwebberAsked:
lwebberAuthor Commented:
Figured it out. In a single Exchange Server 2003 environment, you can have a Smart Host on the Default SMTP Virtual Server. But if you add an Exchange 2003 member server, you must remove the SmartHost from the Default SMTP Virtual server on the original Exchange Server -- and don't add it to the new member server. To route email to your SmartHost (SonicWall EmailSecurity appliance in my case, but to any smart host), you create an SMTP connector, following the steps here:

http://support.microsoft.com/kb/265293

As soon as I did that, mail flowed freely in all directions: ES Master to ES Member and back, ES Master to Internet and back, and ES Member to Internet and back.

So -- can we PAQ this one and refund the points please?
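
The routing loop described in this thread can be confirmed from the message tracking history itself. The following is an added example, not part of the original posts: it counts how often one message is re-submitted after being transferred to the same host. The function names and the sample history are constructed here, and a single-day history is assumed.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the message history quoted in the question.
SAMPLE = """\
12:27/2010 10:00 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 10:00 AM SMTP: Message Routed and Queued for Remote Delivery
12:27/2010 10:07 AM SMTP: Started Outbound Transfer of Message
12:27/2010 10:07 AM Message transferred to emailsecurity.corp.mydomain.com through SMTP
12:27/2010 10:07 AM SMTP: Message Submitted to Advanced Queuing
12:27/2010 10:07 AM SMTP: Message Routed and Queued for Remote Delivery
12:27/2010 10:29 AM SMTP: Started Outbound Transfer of Message
12:27/2010 10:29 AM Message transferred to emailsecurity.corp.mydomain.com through SMTP
12:27/2010 10:29 AM SMTP: Message Submitted to Advanced Queuing
"""

LINE = re.compile(r"^\S+ (\d{1,2}:\d{2} [AP]M) (.+)$")
TRANSFER = re.compile(r"^Message transferred to (\S+) through SMTP$")
RESUBMIT = "SMTP: Message Submitted to Advanced Queuing"


def parse(history):
    """Yield (time, event) per line; the date token is skipped (one day assumed)."""
    for raw in history.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield datetime.strptime(m.group(1), "%I:%M %p"), m.group(2)


def find_loops(history, min_round_trips=2):
    """Return {host: [minutes between successive returns]} for hosts that
    handed the same message back at least min_round_trips times."""
    returns = {}      # host -> times the message came back after going there
    pending = None    # host of the last outbound transfer not yet answered
    for when, event in parse(history):
        t = TRANSFER.match(event)
        if t:
            pending = t.group(1).lower()
        elif event == RESUBMIT and pending:
            returns.setdefault(pending, []).append(when)
            pending = None
    return {h: [int((b - a).total_seconds() // 60) for a, b in zip(ts, ts[1:])]
            for h, ts in returns.items() if len(ts) >= min_round_trips}


if __name__ == "__main__":
    for host, gaps in find_loops(SAMPLE).items():
        print(f"loop via {host}: {len(gaps) + 1} round trips, gaps {gaps} min")
```

A non-empty result for a smart host on mail addressed to an internal recipient matches the symptom in the question: the message keeps leaving through the smart host and coming straight back.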

digitapCommented:
Click the Request Attention link in your question above and request to PAQ from a moderator.
lwebberAuthor Commented:
Tx, digitap. Guess that's why you're a Genius and I a mere Guru.  :-)
digitapCommented:
LOL...that's too funny.  there's nothing but humility coming from this end.... >GRIN<!
lwebberAuthor Commented:
Found the answer myself