Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2003/ISA server

Posted on 2011-02-28
16
Medium Priority
?
216 Views
Last Modified: 2012-06-27
We've just updated our network settings and everything is working ok apart from now we can't send or receive emails.

RDP is working and telnet on port 25 is getting a response from the server.

The network change was the IPs on the external network connection of the server as we've moved ISP. We updated the forwarders in DNS and have also updated the SMTP relay allow list within Exchange.

When trying to send email we receive an Undeliverable message from the exchange server saying Recipient address rejected: Relay access denied. Test emails sent in never arrive.

Incoming email is passed through an external SPAM service and the delivery IP was updated on the control panel and the test from there says that it's working ok.

Any help greatly appreciated as we can't seem to track down the issue but believe it either to be something missed in Exchange or something we've overlooked in ISA server.

Thanks.
0
Comment
Question by:Plaice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
16 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001260
With receiving have you updated the A record that your MX record points to?

Goto http://www.mxtoolbox.com and check to see where it thinks mail should be going.  It can take a few hours and up to 48 hours for the records to update.
0
 

Author Comment

by:Plaice
ID: 35001278
MX record points to the external SPAM service so that remains the same. Delivery IP from that service has been changed to the new external IP.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001377
and there are no restrictions on the router/firewall for the IP address? Relay restrictions on the Default SMTP Virtual Server in Exchange?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:Plaice
ID: 35001406
No restrictions on the hardware firewall that is handling the external connection. Can see no restrictions within ISA server.

No relay restrictions within SMTP Virtual Server at all.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001427
Have you updated the IP addresses in ISA?
0
 

Author Comment

by:Plaice
ID: 35001443
As far as we could see there were no IP addresses to update within ISA server. The internal network remain the same and the external has no IP defined.
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 2000 total points
ID: 35001464
OK, so from inside your network goto http://whatsmyip.org

Get your external IP address, from outside of your network can you telnet to that IP address on port 25?

What happens?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 35001479
Are you publish SMTP service throw ISA ?
0
 

Author Comment

by:Plaice
ID: 35001499
Get back the message:

220 <domain> Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at current date and time.
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 2000 total points
ID: 35001530
Can you do a telnet test and send yourself an email: http://support.microsoft.com/kb/153119

If that works then they have got the wrong IP on the SPAM service or it hasn't updated yet.
0
 

Author Comment

by:Plaice
ID: 35001633
Well got all the right responses from following through the MS document and the email was received.
0
 

Author Comment

by:Plaice
ID: 35001707
But the relay error we're getting when trying to send is being generated by our Exchange server.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001729
you have just proven that your Exchange Server is not at fault.

0
 

Author Comment

by:Plaice
ID: 35001827
So could it be ISA server?

Aplogies for not responding earlier Sulimanw:

No we don't publish there is just an access rule on ISA.
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 2000 total points
ID: 35001841
If you have an access rule then ISA is out of the equation, it will just be sending port 25 to your exchange server.
Again, you hae proven that there is nothing wrong with your config.

0
 

Author Closing Comment

by:Plaice
ID: 35026211
Great help with the analysis of issue by Demazter.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question