Message not reaching inbox

I have an SBS 2011 server running Exchange 2010. We have several copiers that scan to email. In 1 case the copier can use LDAP to find users. For the other two, you can enter the address manually, or select one from the address book. I have 2 users who scan on a copier that uses a manual address book. Their addresses are entered correctly. Both have received scans in the past. One received scans until last week. Now neither's scans reach their inbox.

I started out trying to use Exchange tools to track down what happens to the messages, but couldn't find where the scanned message ever reached the server.

I started using Netmon to track traffic from the copier and filtering by IPv4 (scanner internal IP, server internal IP). I could not find any indication an email from the scanner was sent to the server, even though the vendor swore up and down it was leaving the copier/scanner.

I changed tactics. I emailed scans to users I knew were working. Still nothing when filtering by IPv4 with server & scanner. Thankfully a light bulb went off-filter SMTP traffic. I discovered that traffic from the scanner to the server has our public IP for source and our server internal IP for destination. Progress!

Next tried scan/email to the user that isn't receiving scans. I found the traffic, from th initial EHLO packet thru the SMTP payload, all the way to SMTP: rsp 554 5.1.0 sender denied. Now I'm researching why the message is being rejected.

If I run Get-SenderFilterConfig | Format-List in the Exchange shell, I get the following:

BlockedSenders : {}
BlockedDomains : {}
BlockedDomainsAndSubdomains : {}.

The scanned email should come from postmaster@ourdomain. No rules are set to block any internal address at the local level. Treturn from Get-SenderFilterConfig shows no global block. I can't see a reason why the scan email is getting a 554 error. Can anyone offer suggestions?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Neil RussellTechnical Development LeadCommented:
Create a recieve connector on the exchange server that allows anonymous connections JUST for the copiers IP address.

bruce-wilkinsonAuthor Commented:
Neilsr, why? The traffic Netmon sees without any filtering does not include the copier's address. That is why I had so much trouble finding the scans. The copier IP never appears, only the email public IP.

Neil RussellTechnical Development LeadCommented:
Your copier should have the SBS box's internal IP address as the SMTP servers address. If it has not then your doing things in a rather peculiar manner.
IF it has then you need a receive connector that will allow it to connect anonymously.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bruce-wilkinsonAuthor Commented:
Neilsr, the copier does not have any settings for the email server. The only email related settings are email addresses to send the scans to. I have a note in to the local vendor to ask how the copier sends emails out.

in addition, we have a receive connector for all internal addresses. We have a management app that generates emails to volunteers. For it to work, anyone that sends email notices needs a receive connector on the Exchange server. Rather than put in multiple connectors, we have one receive connector for all internal addresses. Bottom line, the receive connector does not solve the problem.

bruce-wilkinsonAuthor Commented:
Had to talk to the vendor to find out where smtp server settings are specified. The settings cannot be set on the front panel. They can only be set in the web interface.

The integrator that set up the system used the public address for the smtp server. Once the setting was changed to an internal address, scans went through fine. Thanks Neilsr, your help is appreciated.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.