Avatar of richardp19787
richardp19787
 asked on

Mail flows one way from one 2007 box, but not vice versa

Hi,

I currently have two exchange servers in two sites. The plan is to move all mailboxes from Site A to Site B so we can decomission the server, but this is a project that will take a few months to complete so both servers need to send mail back and forth depending on where users mailboxes are.

Site A is old site, Site B is the new.

Site A has User A in its mailbox DB
Site B has User B in its mailbox DB

User A can send mail to User B, external can send to User B
BUT
User B cannot send to anyone at Site A, but can to others at Site B

The messages sit in the queue and report "4.4.0 Primary target IP address responded with: “454.4.7.0 Temporary authentication failure.”  Attempted failover to alternate host, but that did not succeed.  Either there are no alternate hosts or deliver failed to all alternate hosts. "

In the eventlogs the Transport Service throws Error 2017 "Outbound authentication failed with error TargetUnknown for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is ExchangeAuth. The target is SMTPSVC/externalFQDN.domain.com"

externalFQDN.domain.com is what users use for connecting to OWA etc so has been changed for security.

What I dont understand is why it appears to want to go the external route, and not through the internal route to server.domain.local at Site A.

Any help that anyone can suggest would be greatly appreciated as this is holding up a project.

CHeers,
RIch.
Exchange

Avatar of undefined
Last Comment
richardp19787

8/22/2022 - Mon
Sudhirchauhan3

In Site A  Please check the permission on default receive connectors on each Hub Servers.

Get-ReceiveConnector -Identity "SERVERNAME\Default SERVERNAME" | fl PermissionGroups

Make sure "Exchange servers" are listed in the permissionGroups.

PermissionGroups : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Custom
richardp19787

ASKER
Hi,

In site A on the Exchange server permission are Anonymous, Exchange users, Exchange Servers, Exchange Legacy Servers.

Site B is Exchange Users, Exchange Servers, Exchange Legacy Servers.

So both have Exchange servers set in permissions.

Rich.
ASKER CERTIFIED SOLUTION
Sudhirchauhan3

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
richardp19787

ASKER
I had to create a new recieve connector. The link certainly helped guide me in the right direction and now all is well.

Thanks for your help.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy