Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


SBS 2003 server from one client not receiving mail from SBS 2010 or SBS 2008 servers

Posted on 2011-03-25
Medium Priority
Last Modified: 2012-05-11
I have SBS 2003 server than can receive external emails, except when sent from a SBS 2008 or SBS 2010 server. If I try a smtpdiag from the 2008/2010 servers, it shows as succesful. No information on any of the logs. The 2010/2008 Queue will just show the connection as active. Nothing on the incoming logs on the 2003 server.
I called Microsoft and they said that it was a dns issue with the ISP, but I have other SBS 2003 servers with the same ISP and they have no problems receiving mail from 2010/2008 servers.
Question by:v-net
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 59

Expert Comment

by:Cliff Galiher
ID: 35218451
I have seen this when a hardware firewall has been set up with SMTP filtering (not just port forwarding) or where an A/V product has been installed on the server that does SMTP filtering.

The details of the problem is that during the initial SMTP connection, the servers exchange "verbs" that they support. Older SMTP filters will allow a server to *claim* it supports a set of verbs (since the command that lists the supported verbs isn't filtered) but when a server then tries to use one of the listed verbs as a command, the filter kicks in and throws an error or, worse, doesn't respond at all. Then the sending server assumes there is an issue and disconnects to retry again later.

Exchange, in particular, supports a very robust set of commands to streamline bandwidth, allow a great deal of metadata to be transferred, so when two exchange servers are talking to each other, and one *claims* to support a full rich set of commands and then an SMTP filter prevents those commands from actually being used, the other Exchange server realizes there is an issue.

the fault here is not SBS, or even Exchange, but with poorly written SMTP filters that do not filter the list of commands supported but block those same commands later in their actual use.

If you have a hardware firewall that does SMTP filtering, try turning off that filter temporarily (Watchguard is particularly notorious for this issue).

If you have an A/V product that does software SMTP filtering, same thing, try turning it off (some versions of Trend, most versions of McAfee, and a few others have caused this issue as well.)

Once you establish the cause, you can see if the vendor offers updates to fix the issue. Most do, but you have to look for them (and perhaps renew a service agreement...)


Author Comment

ID: 35218616
Thanks Sage,

Forgot to mention we did have a Watchguard firewall in place, we removed it and placed a simple router with no filtering for testing and still nothing.  The firwall doesn't show us any attempt of a connection to the server via port 25 when we are sending to it from Exchange 2007/2010.  If we do a telnet to the Exchange 2003 box it does shows the connection.

Regarding Antivirus, we have Symantec Mail Security, it is disabled no services running and still emails do not go through.

Also Microsoft, had us create SmartHosts, with the smarthosts we have no issues e-mailing to the Exchange 2003 box.
LVL 59

Expert Comment

by:Cliff Galiher
ID: 35218687
Makes sense. A smarthost would take the advanced Exchange stuff out of the equation. This actually reinforces that this sounds like a filtering issue to me. If not on the 2003 side, perhaps on the 2007/2010 side (since connections aren't even being opened, but do get opened with a telnet...)

Has your ISP started doing filtering recently? Or are you on an account that perhaps limits port 25 to particular subnets. It is *very* strange that you aren't even seeing incoming connections, which means the 2003 server is likely not the culprit, but is the sending servers having issues even establishing a connection through your ISP.

Additional thoughts are your incoming mail setup. Are you using 3rd-party filtering such as Reflexions or Postini. Are your MX records pointing directly to your 2003 server?

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 35236165
Just got off the phone with AT&T (ISP for the server having problems receiving mail) to verify that their account is a business account and there is no filtering on port 25 traffic. MX records point directly to the external IP of the network and we use NAT on the router to send mail the server.
I'm going to try calling Symantec now as we use Mail Security to scan messages for viruses. The Premium antispam feature is disabled and should not be the cause of the problem, but I'm running out of options here.
I'll also try calling the IT department from one of the senders and see if they see something strange on their side.

Accepted Solution

v-net earned 0 total points
ID: 36059770
The problem was with the domain hosting company. Had to delete and then recreate the MX records and then everything started working again.
1st time I see something like this.

Author Closing Comment

ID: 36119989
Expert comments are useful.

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question