?
Solved

Unable to receive e-mails in Exchange 2010

Posted on 2012-04-07
18
Medium Priority
?
829 Views
Last Modified: 2012-04-07
Hi!!

I have a fresh installed SBS2011 machine. I'm trying to get all mailflow to work. I am able to send mail internally and from inside the company to the internet.

Receiving e-mail is not working. I try from my hotmail account, and after about 12 hours I get a delay message. Below is what I tried so far to get it to work.

- I forwarded port 25 on my firewall to the only NIC in the SBS2011.

- I have 2 receive connectors. The first one is the default connector. The pics show the config.

Default1default2default3
I created the second receive connector myself. Chose internet and configured it as follows,

custom1custom2custom3
I hope someone can give me some advice to get email to work!
0
Comment
Question by:SvenIA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 8
18 Comments
 
LVL 13

Expert Comment

by:Felix Leven
ID: 37818534
If you send an Email from your hotmail Account, the sending hotmail Mailserver looks for a MX Dns entry on public dns servers to find you Email server.

Test MX:
http://www.mxtoolbox.com/Public/Tools/MxLookup.aspx
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37818556
Thanks for the reply!

A little more explination of the situation here....

I recently migrated from a SBS2003 to this SBS2011. I always had two domains,

1. ingburoarnhem.com
2. iagroep.com

These are both added to the accepted domains now in Exchange 2010.

When I run the MX Tool you mentioned I get the ouput below,

MX check iagroep.com
So it points to mail.ingburoarnhem.com. When I click DNS lookup, i get the following output,

DNS lookup iagroep.com
It worked with these settings before in the old domain. So I don't know what to configure now....
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37818584
How many Receive connectors do you have?  After a successful migration, you should have 3:

Default Servername
Windows SBS Fax Sharepoint Receive Servername
Windows SBS Internet Receive Servername

The connector that should be setup to receive (by default) is the last one.  Do you not have these?

What is your servername and internal IP Range?
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
LVL 7

Author Comment

by:SvenIA
ID: 37818596
I got 3 receive connectors. The second one in the pic I created myself.

My servername is IASRV05.IAG.LOCAL. The internal IP Range is 10.0.0.1 - 10.0.0.255.

receive connectors
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37818598
Thanks - also what is your internal SBS 2011 server IP Address?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37818762
Please remove your manually created Receive Connector and run the following in the Exchange Management Shell:

New-receiveconnector –Name ‘Windows SBS Internet Receive IASRV05' –Usage ‘Custom’ –AuthMechanism ‘TLS’ –Bindings ‘0.0.0.0:25’ –fqdn ‘mail.yourdomain.com’ –RemoteIPRanges ‘0.0.0.0-9.255.255.255,10.0.0.1-10.0.0.1,10.0.1.0-255.255.255.255’ –PermissionGroups ‘AnonymousUsers’ -MaxMessageSize '20mb' –Server ‘IASRV05’

Change the mail.yourdomain.com part to reflect your external FQDN
Also - if your router IP Address isn't 10.0.0.1, change the 10.0.0.1-10.0.0.1 to your router's IP Address.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37818780
The internal address of the SBS2011 is 10.0.0.11. The Firewall ip address is 10.0.0.1.

When I type the exact command you gave me, I get this....

exch2010
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37818844
Whoops - it doesn't like the ' ' marks for the IPs.  Sorry.

Try this instead:

New-receiveconnector –Name ‘Windows SBS Internet Receive IASRV05' –Usage ‘Custom’ –AuthMechanism ‘TLS’ –Bindings ‘10.0.0.11:25’ –fqdn ‘mail.yourdomain.com’ –RemoteIPRanges 0.0.0.0-9.255.255.255,10.0.0.1-10.0.0.1,10.0.1.0-255.255.255.255 –PermissionGroups ‘AnonymousUsers’ -MaxMessageSize '20mb' –Server ‘IASRV05’

Don't forget to change the mail.yourdomain.com part.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37818872
Ok this worked, but still no e-mail comming in.

Should I use mail.iagroep.com, or mail.ingburoarnhem.com?

How should I configure DNS? At the moment there is an MX record in the iag.local zone. Should I configure mail.iagroep.com A-record?

Are you sure that these are the right IP ranges??

IP Ranges
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 37818904
You seem to have Anti-Spam software installed.  Is that correct?

The Receive Connector settings are correct - the mail.domain.com name isn't desperately relevant as it is your receive connector, so either will be fine.

Running a domain report on your domain shows the following:

ERROR: mail.ingburoarnhem.com HELO response: 421 4.4.1 Connection timed out .

mail.ingburoarnhem.com: The mailserver terminated the connection before the transaction was complete (state 3). This is not RFC compliant, and therefore either due to an error, or it may be the result of a non-RFC-compliant mailserver or non-RFC-compliant anti-spam program.

SBS install it's own Anti-Spam software - so that may be active.

Can you run the 'Fix my network' Wizard from the SBS Console> Network> Connectivity Tab please.

Have you also run the Connect to the Internet Wizard?  If not - please do and if you have - please run it again.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37818994
There were some anti-spam features enabled. I disabled them all.

When I run the 'Fix my network Wizard', it shows some errors....

1. Could not configure the router. Then it tells me to open some ports, wich are allready open.

2. Self-issued certificate is invalid. The self-issued certificate is invalid or unavaillable.

3. Exchange SMTP connectors are invalid. Exchange is not configured to communicate over your local network.

Then after the wizard tries to fix the problems it shows as the pic below. It changes the FQDN of the receive connector we created before to remote.iagroep.com.

Fix problems
The 'connect to the internet wizard' detects the existing network. When it finishes, I get an error as shown below,

mail error
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819044
The Router error can be ignored as it always fails unless you have uPnP enabled.

The rest seems to have been fixed.

Can you re-run the Connect to the Internet Wizard please.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37819083
Same error again.

error
Can I find somewhere what the cause of this error is? In the logfiles or something?
0
 
LVL 7

Author Comment

by:SvenIA
ID: 37819107
I see now that the Default Receive Connector is gone. Can I just recreate it?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819143
Please check your Group Memberships as per the following MS article:

http://support.microsoft.com/kb/2501155

If you change any group memberships, please re-run the wizard.
0
 
LVL 7

Author Closing Comment

by:SvenIA
ID: 37819149
I got it to work!!

Somehow the default receive connector was shown in the list, but when i clicked i got the message that it was not there.

I recreated it, after that the wizards ran succesfully and all my 100.000 test email came right into my internal mailbox.

Thank you so much for all the help! To bad I can only give you 500 points
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819170
Great news - glad I was able to help you sort it out.  Hope it behaves happily for you from now on and thanks for the points.

Alan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37819193
If you send mail out the same IP address as you receive, you will need to configure Reverse DNS on your IP address by calling your ISP and asking them to set it up for you.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question