Solved

Exchange 2003/ISA server

Posted on 2011-02-28
16
214 Views
Last Modified: 2012-06-27
We've just updated our network settings and everything is working ok apart from now we can't send or receive emails.

RDP is working and telnet on port 25 is getting a response from the server.

The network change was the IPs on the external network connection of the server as we've moved ISP. We updated the forwarders in DNS and have also updated the SMTP relay allow list within Exchange.

When trying to send email we receive an Undeliverable message from the exchange server saying Recipient address rejected: Relay access denied. Test emails sent in never arrive.

Incoming email is passed through an external SPAM service and the delivery IP was updated on the control panel and the test from there says that it's working ok.

Any help greatly appreciated as we can't seem to track down the issue but believe it either to be something missed in Exchange or something we've overlooked in ISA server.

Thanks.
0
Comment
Question by:Plaice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
16 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001260
With receiving have you updated the A record that your MX record points to?

Goto http://www.mxtoolbox.com and check to see where it thinks mail should be going.  It can take a few hours and up to 48 hours for the records to update.
0
 

Author Comment

by:Plaice
ID: 35001278
MX record points to the external SPAM service so that remains the same. Delivery IP from that service has been changed to the new external IP.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001377
and there are no restrictions on the router/firewall for the IP address? Relay restrictions on the Default SMTP Virtual Server in Exchange?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:Plaice
ID: 35001406
No restrictions on the hardware firewall that is handling the external connection. Can see no restrictions within ISA server.

No relay restrictions within SMTP Virtual Server at all.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001427
Have you updated the IP addresses in ISA?
0
 

Author Comment

by:Plaice
ID: 35001443
As far as we could see there were no IP addresses to update within ISA server. The internal network remain the same and the external has no IP defined.
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35001464
OK, so from inside your network goto http://whatsmyip.org

Get your external IP address, from outside of your network can you telnet to that IP address on port 25?

What happens?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 35001479
Are you publish SMTP service throw ISA ?
0
 

Author Comment

by:Plaice
ID: 35001499
Get back the message:

220 <domain> Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at current date and time.
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 500 total points
ID: 35001530
Can you do a telnet test and send yourself an email: http://support.microsoft.com/kb/153119

If that works then they have got the wrong IP on the SPAM service or it hasn't updated yet.
0
 

Author Comment

by:Plaice
ID: 35001633
Well got all the right responses from following through the MS document and the email was received.
0
 

Author Comment

by:Plaice
ID: 35001707
But the relay error we're getting when trying to send is being generated by our Exchange server.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35001729
you have just proven that your Exchange Server is not at fault.

0
 

Author Comment

by:Plaice
ID: 35001827
So could it be ISA server?

Aplogies for not responding earlier Sulimanw:

No we don't publish there is just an access rule on ISA.
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 500 total points
ID: 35001841
If you have an access rule then ISA is out of the equation, it will just be sending port 25 to your exchange server.
Again, you hae proven that there is nothing wrong with your config.

0
 

Author Closing Comment

by:Plaice
ID: 35026211
Great help with the analysis of issue by Demazter.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question