• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 840
  • Last Modified:

Unable to receive e-mails in Exchange 2010

Hi!!

I have a fresh installed SBS2011 machine. I'm trying to get all mailflow to work. I am able to send mail internally and from inside the company to the internet.

Receiving e-mail is not working. I try from my hotmail account, and after about 12 hours I get a delay message. Below is what I tried so far to get it to work.

- I forwarded port 25 on my firewall to the only NIC in the SBS2011.

- I have 2 receive connectors. The first one is the default connector. The pics show the config.

Default1default2default3
I created the second receive connector myself. Chose internet and configured it as follows,

custom1custom2custom3
I hope someone can give me some advice to get email to work!
0
SvenIA
Asked:
SvenIA
  • 9
  • 8
1 Solution
 
Felix LevenSenior System and DatabaseadministratorCommented:
If you send an Email from your hotmail Account, the sending hotmail Mailserver looks for a MX Dns entry on public dns servers to find you Email server.

Test MX:
http://www.mxtoolbox.com/Public/Tools/MxLookup.aspx
0
 
SvenIAAuthor Commented:
Thanks for the reply!

A little more explination of the situation here....

I recently migrated from a SBS2003 to this SBS2011. I always had two domains,

1. ingburoarnhem.com
2. iagroep.com

These are both added to the accepted domains now in Exchange 2010.

When I run the MX Tool you mentioned I get the ouput below,

MX check iagroep.com
So it points to mail.ingburoarnhem.com. When I click DNS lookup, i get the following output,

DNS lookup iagroep.com
It worked with these settings before in the old domain. So I don't know what to configure now....
0
 
Alan HardistyCo-OwnerCommented:
How many Receive connectors do you have?  After a successful migration, you should have 3:

Default Servername
Windows SBS Fax Sharepoint Receive Servername
Windows SBS Internet Receive Servername

The connector that should be setup to receive (by default) is the last one.  Do you not have these?

What is your servername and internal IP Range?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
SvenIAAuthor Commented:
I got 3 receive connectors. The second one in the pic I created myself.

My servername is IASRV05.IAG.LOCAL. The internal IP Range is 10.0.0.1 - 10.0.0.255.

receive connectors
0
 
Alan HardistyCo-OwnerCommented:
Thanks - also what is your internal SBS 2011 server IP Address?
0
 
Alan HardistyCo-OwnerCommented:
Please remove your manually created Receive Connector and run the following in the Exchange Management Shell:

New-receiveconnector –Name ‘Windows SBS Internet Receive IASRV05' –Usage ‘Custom’ –AuthMechanism ‘TLS’ –Bindings ‘0.0.0.0:25’ –fqdn ‘mail.yourdomain.com’ –RemoteIPRanges ‘0.0.0.0-9.255.255.255,10.0.0.1-10.0.0.1,10.0.1.0-255.255.255.255’ –PermissionGroups ‘AnonymousUsers’ -MaxMessageSize '20mb' –Server ‘IASRV05’

Change the mail.yourdomain.com part to reflect your external FQDN
Also - if your router IP Address isn't 10.0.0.1, change the 10.0.0.1-10.0.0.1 to your router's IP Address.
0
 
SvenIAAuthor Commented:
The internal address of the SBS2011 is 10.0.0.11. The Firewall ip address is 10.0.0.1.

When I type the exact command you gave me, I get this....

exch2010
0
 
Alan HardistyCo-OwnerCommented:
Whoops - it doesn't like the ' ' marks for the IPs.  Sorry.

Try this instead:

New-receiveconnector –Name ‘Windows SBS Internet Receive IASRV05' –Usage ‘Custom’ –AuthMechanism ‘TLS’ –Bindings ‘10.0.0.11:25’ –fqdn ‘mail.yourdomain.com’ –RemoteIPRanges 0.0.0.0-9.255.255.255,10.0.0.1-10.0.0.1,10.0.1.0-255.255.255.255 –PermissionGroups ‘AnonymousUsers’ -MaxMessageSize '20mb' –Server ‘IASRV05’

Don't forget to change the mail.yourdomain.com part.
0
 
SvenIAAuthor Commented:
Ok this worked, but still no e-mail comming in.

Should I use mail.iagroep.com, or mail.ingburoarnhem.com?

How should I configure DNS? At the moment there is an MX record in the iag.local zone. Should I configure mail.iagroep.com A-record?

Are you sure that these are the right IP ranges??

IP Ranges
0
 
Alan HardistyCo-OwnerCommented:
You seem to have Anti-Spam software installed.  Is that correct?

The Receive Connector settings are correct - the mail.domain.com name isn't desperately relevant as it is your receive connector, so either will be fine.

Running a domain report on your domain shows the following:

ERROR: mail.ingburoarnhem.com HELO response: 421 4.4.1 Connection timed out .

mail.ingburoarnhem.com: The mailserver terminated the connection before the transaction was complete (state 3). This is not RFC compliant, and therefore either due to an error, or it may be the result of a non-RFC-compliant mailserver or non-RFC-compliant anti-spam program.

SBS install it's own Anti-Spam software - so that may be active.

Can you run the 'Fix my network' Wizard from the SBS Console> Network> Connectivity Tab please.

Have you also run the Connect to the Internet Wizard?  If not - please do and if you have - please run it again.
0
 
SvenIAAuthor Commented:
There were some anti-spam features enabled. I disabled them all.

When I run the 'Fix my network Wizard', it shows some errors....

1. Could not configure the router. Then it tells me to open some ports, wich are allready open.

2. Self-issued certificate is invalid. The self-issued certificate is invalid or unavaillable.

3. Exchange SMTP connectors are invalid. Exchange is not configured to communicate over your local network.

Then after the wizard tries to fix the problems it shows as the pic below. It changes the FQDN of the receive connector we created before to remote.iagroep.com.

Fix problems
The 'connect to the internet wizard' detects the existing network. When it finishes, I get an error as shown below,

mail error
0
 
Alan HardistyCo-OwnerCommented:
The Router error can be ignored as it always fails unless you have uPnP enabled.

The rest seems to have been fixed.

Can you re-run the Connect to the Internet Wizard please.
0
 
SvenIAAuthor Commented:
Same error again.

error
Can I find somewhere what the cause of this error is? In the logfiles or something?
0
 
SvenIAAuthor Commented:
I see now that the Default Receive Connector is gone. Can I just recreate it?
0
 
Alan HardistyCo-OwnerCommented:
Please check your Group Memberships as per the following MS article:

http://support.microsoft.com/kb/2501155

If you change any group memberships, please re-run the wizard.
0
 
SvenIAAuthor Commented:
I got it to work!!

Somehow the default receive connector was shown in the list, but when i clicked i got the message that it was not there.

I recreated it, after that the wizards ran succesfully and all my 100.000 test email came right into my internal mailbox.

Thank you so much for all the help! To bad I can only give you 500 points
0
 
Alan HardistyCo-OwnerCommented:
Great news - glad I was able to help you sort it out.  Hope it behaves happily for you from now on and thanks for the points.

Alan
0
 
Alan HardistyCo-OwnerCommented:
If you send mail out the same IP address as you receive, you will need to configure Reverse DNS on your IP address by calling your ISP and asking them to set it up for you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 9
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now