meteorman
asked on
cannot add email account to smart phone
I am running a 2003 small business server. I cannot add my exchange account to my smart phone. web mail works. On my droid it keeps telling me username or password is incorrect but it is.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@victornegri - What has RPC over HTTPS got to do with setting up a mobile phone?
Also, a 3rd party SSL certificate is NOT a requirement to make Activesync work. They work happily with self-issued certificates, if the certificate is correctly named.
Also, a 3rd party SSL certificate is NOT a requirement to make Activesync work. They work happily with self-issued certificates, if the certificate is correctly named.
ASKER
It looks like there is a SSL security from Go daddy that has expired. If I call go daddy to renew it does it automaticlly renew on server? Alanhardisty can you tell me what you mean by relevant virtual directory in ISS.
An SSL expiring won't help - you need to use IIS manager to generate a renewal request, then go to GoDaddy, copy/paste the contents of the renewal request file generated from IIS into the website in the CSR box, request a renewal and once renewed, download the certificate and use IIS to install the certificate.
By relevant, I am referring to the ones listed in my article, just below where it mentions the relevant virtual directory and the image of the virtual directories.
By relevant, I am referring to the ones listed in my article, just below where it mentions the relevant virtual directory and the image of the virtual directories.
ASKER
In that case can I buy the ssl certificate from NO IP who is hosting the domain. Do have any suggestions? This server has been around.
Either way you will need to generate a request, either a renewal one, or you need to remove the existing certificate using IIS then generate a new request, so I would go for the renewal as it should be easier and quicker.
ASKER
Alanhardisty can you please guide me on how to how to generate a request?
Sure - open up IIS Manager, expand the tree so that you can see the Default Website, then right-click the Default Website and choose Properties. Click onto the Directory Security Tab and then on there, click on the Server Certificate Button, click Next, select Renew the Certificate and complete the Wizard. That should write a Certificate Request file somewhere of your choice. Open that file up in Notepad and copy the entire contents and paste that into the GoDaddy site where you will request a renewal for the certificate.
ASKER
Thank you kindly.
ASKER
What do I do once it is renewed?
Once the cert is renewed, download the new cert, copy it to the server, return to IIS and go back to the Default Website Properties> Directory Security Tab> Server Certificate button and install the certificate.
Point the wizard to the new certificate (you may need to change the file type to make it happy), then finish the wizard and job done.
Point the wizard to the new certificate (you may need to change the file type to make it happy), then finish the wizard and job done.
ASKER
I will try. Your articale is very impressive.
Thank you - shout if you get stuck anywhere.
ASKER
when I tried to generate the cert it came back with
The requested common name, nyserver01, is not a fully-qualified common name. You must use a fully-qualified common name.
What should I use?
I took a snap shot of the certificate I deleted. It says issued to mail.dwq-arch.com is that what I should use?
The requested common name, nyserver01, is not a fully-qualified common name. You must use a fully-qualified common name.
What should I use?
I took a snap shot of the certificate I deleted. It says issued to mail.dwq-arch.com is that what I should use?
Yes - the name must resolve externally in DNS back to the IP Address of your server. The nyserver01 is your server name and will only resolve internally, which means your phones will only be able to resolve the name when connected to your WiFi (assuming you have WiFi) inside your company.
Using mail.dwq-arch.com will resolve happily (as long as it is configured to point to the right IP) and will work happily.
Alan
Using mail.dwq-arch.com will resolve happily (as long as it is configured to point to the right IP) and will work happily.
Alan
ASKER
The Cert installed. Does it take time on the internet to see if it had any effect?
No - should work straight away.
Visit https://testexchangeconnectivity.com and run the Activesync test (no Autodiscover anything) and see what results you get.
ASKER
Should I run outside the network?
No - it's fine anywhere. The test checks externally, so it makes no difference.
ASKER
connectivity test failed
Host name domain.com doesn't match any name found on the server certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
Host name domain.com doesn't match any name found on the server certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
ASKER
ExRCA successfully obtained the remote SSL certificate.
Additional Detail
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=XXXXXXXX, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Additional Detail
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=XXXXXXXX, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Make sure you specify mail.domain.com not domain.com - you have to use the same FQDN as specified in the certificate name.
ASKER
Client certificate authentication wasn't detected.
Additional Details
Testing HTTP Authentication Methods for URL https://mail.domain.com/Microsoft-Server-ActiveSync/.
The HTTP authentication test failed.
Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from IIS6. Body of the response: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>You are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
</ul>
<h2>HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Limiting Access by IP Address</b>, <b>IP Address Access Restrictions</b>, and <b>About Custom Error Messages</b>.</li>
</ul>
</TD></TR></TABLE></BODY>< /HTML>
Additional Details
Testing HTTP Authentication Methods for URL https://mail.domain.com/Microsoft-Server-ActiveSync/.
The HTTP authentication test failed.
Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from IIS6. Body of the response: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>You are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
</ul>
<h2>HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Limiting Access by IP Address</b>, <b>IP Address Access Restrictions</b>, and <b>About Custom Error Messages</b>.</li>
</ul>
</TD></TR></TABLE></BODY><
Okay - please refer to my article and check the IIS Virtual Directory settings and make sure the IP Address Restrictions are as per my article.
You have currently got access restricted to internal IP's only on either the microsoft-server-activesyn c or Exchange virtual directories.
You have currently got access restricted to internal IP's only on either the microsoft-server-activesyn
ASKER
domain is registered with register.com
hosted by no-ip
ssl from godaddy
do you think this could generate the IP restrictions?
hosted by no-ip
ssl from godaddy
do you think this could generate the IP restrictions?
No - the restrictions are set in the IIS settings on the virtual directories> Directory Security Tab.
It is all explained in my article.
It is all explained in my article.
ASKER
I'm trying to folow your steps but i think I might be making changes to the wrong subfolders
here is a list
exchange
exchange-oma
exchweb
Microsoft server activsync
which one is which?
here is a list
exchange
exchange-oma
exchweb
Microsoft server activsync
which one is which?
Okay - you need to look at the following virtual directories:
Exchange 2003 (Part of Small Business Server):
Exchange Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NetBIOS domain name - e.g., yourcompany*
• Realm = yourcompany.com
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL IS ticked (very important)
Microsoft-Server-Activesyn c Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
Exchange-oma Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Restricted to IP Address of Server
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
OMA Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
Most likely the Microsoft-Server-Activesyn c virtual Directory is the one with the restricted IPs configured.
Exchange 2003 (Part of Small Business Server):
Exchange Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NetBIOS domain name - e.g., yourcompany*
• Realm = yourcompany.com
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL IS ticked (very important)
Microsoft-Server-Activesyn
• Authentication = Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
Exchange-oma Virtual Directory
• Authentication = Integrated & Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Restricted to IP Address of Server
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
OMA Virtual Directory
• Authentication = Basic
• Default Domain = NETBIOS domain name - e.g., yourcompany*
• Realm = NETBIOS name
• IP Address Restrictions = Granted Access
• Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked
Most likely the Microsoft-Server-Activesyn
ASKER
Is virtual directory part of the title
exchange next to a globe means exchange virtual directory next to a globe icon
I noticed in ttaht the website properties have no ip address selected is this a problem?
exchange next to a globe means exchange virtual directory next to a globe icon
I noticed in ttaht the website properties have no ip address selected is this a problem?
The Virtual Directory is a directory under the Default Website and most of them have a Globe showing as per the image in my article below the section showing this:
4. Open up IIS Manager (Start> Programs> Administrative Tools> Internet Information Services (IIS) Manager), expand ‘Web Sites’ then ‘Default Web Site’ then right-click on the relevant Virtual Directory (see below) and choose properties, then click on the Directory Security Tab):
Right-click the Microsoft-Server-Activesyn c Virtual Directory and choose Properties, then click on the Directory Security Tab, then on the middle Edit Button and that is where the IP Restrictions are set.
4. Open up IIS Manager (Start> Programs> Administrative Tools> Internet Information Services (IIS) Manager), expand ‘Web Sites’ then ‘Default Web Site’ then right-click on the relevant Virtual Directory (see below) and choose properties, then click on the Directory Security Tab):
Right-click the Microsoft-Server-Activesyn
ASKER
Netbios name for the realm is the machine name?
Don't worry about that part please - just follow what I am asking you to do and nothing else.
Just focus on the IP Restrictions. Once you have changed that, run iisreset and re-run the test.
Based on the results of the test, we can either celebrate or adjust more settings.
Just focus on the IP Restrictions. Once you have changed that, run iisreset and re-run the test.
Based on the results of the test, we can either celebrate or adjust more settings.
ASKER
An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
Okay - as this is SBS, please just run the Connect To The Internet Wizard, change nothing, let the wizard complete and then re-run the test on the test site.
The Wizard is found by clicking Start> Server Management> To Do List> Connect To The Internet
The Wizard is found by clicking Start> Server Management> To Do List> Connect To The Internet
ASKER
An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
again
for the domain when I run the test I'm using domain.com\username
again
for the domain when I run the test I'm using domain.com\username
Your domain name won't be domain.com - you need to use your internal NETBIOS domain name which can be obtained from a command prompt by typing SET and pressing enter - look for USERDOMAIN.
It may be domain\username
See what the internal netbios name is and then re-run the test please.
It may be domain\username
See what the internal netbios name is and then re-run the test please.
ASKER
I tried my email address. it gives me that option.
still get An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
still get An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
Please just use domain\username
ASKER
I keep getting the same error
Okay - what is your USERDOMAIN when you type SET in a command prompt?
ASKER
domain\username
Okay - please check the 4 virtual directories (as per comment http:#a38685866) and make sure you have the IP Restrictions set correctly.
If you change anything, run iisreset from a command prompt and then re-test please.
If you change anything, run iisreset from a command prompt and then re-test please.
ASKER
No luck. I noticed another virtual folder called exchweb.
Okay - please just run through my article, check each and every stage, make sure your IIS settings match my article (don't worry too much about the realm\domain settings) and then test. If you get errors, look for the error in the article and follow the suggestions.
If you are still stuck, then please let me know and I'll see what else I can suggest.
Are you sure you are on Exchange 2003 SP2?
If you are still stuck, then please let me know and I'll see what else I can suggest.
Are you sure you are on Exchange 2003 SP2?
ASKER
Will you be available tomorow
Yes - I'm not usually too far away from Experts-Exchange.
Have to install a new PC for a customer but other than that, I'm fairly clear.
Alan
Have to install a new PC for a customer but other than that, I'm fairly clear.
Alan
ASKER
Now I'm getting
Exchange ActiveSync returned an HTTP 500 response.
Exchange ActiveSync returned an HTTP 500 response.
There can be many reasons for that, but the first way to try and fix is to follow method 2 of KB883380
Try that and then re-test please.
Alan
Try that and then re-test please.
Alan
ASKER
New development. no outgoing mail from withih. I havn't done KB883380 is it related
ASKER
your message did not reach some or all of the intended recipients.
Subject: RE: Your SSL Certificate Has Been Issued
Sent: 12/13/2012 9:27 AM
The following recipient(s) cannot be reached:
Boris Fant on 12/13/2012 9:27 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<domain.com #5.7.1 smtp;530 5.7.1 Authentication required>
Subject: RE: Your SSL Certificate Has Been Issued
Sent: 12/13/2012 9:27 AM
The following recipient(s) cannot be reached:
Boris Fant on 12/13/2012 9:27 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<domain.com #5.7.1 smtp;530 5.7.1 Authentication required>
When you ran the Connect To The Internet Connection Wizard, did you change anything.
Your SMTP Connector may need settings for authentication to be put back if you did change something and you use a Smarthost not DNS to send out emails.
Your SMTP Connector may need settings for authentication to be put back if you did change something and you use a Smarthost not DNS to send out emails.
ASKER
How do I check?
ASKER
I'm re running connect to internet Wizard and when it come to the web server certificate I gues I need to add the new cert at that point?
ASKER
I think when it asked me to configure email and internet connection the default was enable internet e-mail when I should of selected do not change internet e-mail configuration
does this mess me up?
does this mess me up?
ASKER
Connection type: broadband connection using a local router device with an IP address
Router connection information:
Local IP address of the router: 10.10.21.254
Preferred DNS server: 167.206.112.138
Alternate DNS server: 167.206.7.4
The firewall on your computer running Small Business Server could not be configured. You must configure a firewall to secure your local network from the Internet. For more information about configuring firewall settings for your Small Business Server network, see Help and Support.
Web services on your server's default Web site to be available through the firewall to users on the Internet:
Outlook Web Access
Remote Web Workplace
Outlook Mobile Access
Outlook via the Internet
Business Web site (wwwroot)
Do not change current Web server certificate
Email: Enable Exchange for Internet e-mail with the following settings:
E-mail delivery:
Route e-mail to the Internet via the following e-mail server at your ISP: smtp-auth.no-ip.com.
E-mail retrieval:
Use Exchange to retrieve SMTP e-mail.
Email retrieval method:
Route e-mail from the Internet directly to Exchange.
Registered Internet e-mail domain name: domain.com.
Mail delivery schedule: Deliver mail for Exchange mailboxes by using the defined schedule.
E-mail attachments: Remove e-mail attachments from Internet e-mail as specified in the wizard.
For more detailed information about the configurations performed by this wizard, click the link at the bottom of this page to open Icwdetails.htm in C:\Program Files\Microsoft Windows Small Business Server\Networking\Icw.
Note: each time the Configure E-mail and Internet Connection Wizard is run, a new .htm file is automatically generated to preserve the previous settings. For example, Icwdetails1.htm, Icwdetails2.htm, and so on.
Router connection information:
Local IP address of the router: 10.10.21.254
Preferred DNS server: 167.206.112.138
Alternate DNS server: 167.206.7.4
The firewall on your computer running Small Business Server could not be configured. You must configure a firewall to secure your local network from the Internet. For more information about configuring firewall settings for your Small Business Server network, see Help and Support.
Web services on your server's default Web site to be available through the firewall to users on the Internet:
Outlook Web Access
Remote Web Workplace
Outlook Mobile Access
Outlook via the Internet
Business Web site (wwwroot)
Do not change current Web server certificate
Email: Enable Exchange for Internet e-mail with the following settings:
E-mail delivery:
Route e-mail to the Internet via the following e-mail server at your ISP: smtp-auth.no-ip.com.
E-mail retrieval:
Use Exchange to retrieve SMTP e-mail.
Email retrieval method:
Route e-mail from the Internet directly to Exchange.
Registered Internet e-mail domain name: domain.com.
Mail delivery schedule: Deliver mail for Exchange mailboxes by using the defined schedule.
E-mail attachments: Remove e-mail attachments from Internet e-mail as specified in the wizard.
For more detailed information about the configurations performed by this wizard, click the link at the bottom of this page to open Icwdetails.htm in C:\Program Files\Microsoft Windows Small Business Server\Networking\Icw.
Note: each time the Configure E-mail and Internet Connection Wizard is run, a new .htm file is automatically generated to preserve the previous settings. For example, Icwdetails1.htm, Icwdetails2.htm, and so on.
ASKER
It is using a smarthost but I didn't change that
ASKER
alanhardisty can you help me my compony email is down and I don't know what to do next
Sorry - I'm back. Been onsite and home now.
What is down? Inbound and/or outbound email or both?
What is down? Inbound and/or outbound email or both?
ASKER
both. able to log in to webmail but cannot send. Thanks for being there
Okay - Your inbound mail comes via a 3rd party I believe. Does your outbound mail also get sent via the same 3rd party?
You are welcome.
You are welcome.
ASKER
Not sure. How would I find that out?
ASKER
There is a mail reflecter configured on NO-ip
Well - I was hoping that it would be something you would have known.
You are presumably on a Dynamic IP address. Is that correct?
You are presumably on a Dynamic IP address. Is that correct?
ASKER
Static. the smpt connector is set to forward smtp-auth.no-ip.com. Should I change it to use DNS
If you are on a Static IP, then there should not be any problems using DNS to send out emails, but you will need to make sure you have Reverse DNS configured (if not done already you need to get it sorted asap otherwise some will reject your emails).
Is inbound mail working properly?
Is inbound mail working properly?
ASKER
I changed it to DNS and there is a reverse lookup pointed server IP address. Should I reboot?
No need to reboot. It should work straight away. Are your outbound queues reducing?
ASKER
Shows 0 through out.
Sounds good. So is inbound mail working happily?
ASKER
incoming is working but outgoing is still queing up but not sending
Plus I ran remote connectity anilyzer and still getiing
An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
Plus I ran remote connectity anilyzer and still getiing
An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
Okay - please make sure you don't have any credentials configured on your Default SMTP Virtual Server properties> Delivery Tab> Outbound Security Button> Select Anonymous Access.
Also check your Smallbusiness SMTP Connector Properties> Advanced Tab> Outbound Security Button> Select Anonymous Access.
Then restart your Simple Mail Transfer Protocol Service.
Also check your Smallbusiness SMTP Connector Properties> Advanced Tab> Outbound Security Button> Select Anonymous Access.
Then restart your Simple Mail Transfer Protocol Service.
ASKER
Should enable anonymous user be checked on each of the four virtual directories?
That has nothing to do with inbound or outbound emails.
ASKER
where is that SMTP Virtual Server properties>
this one I found
Smallbusiness SMTP Connector Properties and is set to Anonymous Access
this one I found
Smallbusiness SMTP Connector Properties and is set to Anonymous Access
It is under Exchange System Manager> Servers> Servername> Protocols> SMTP> Default SMTP Virtual Server
ASKER
It is set to Anonymous access
the other setting in that window are checked as well
basic authentication is sent in clear text. Does that matter
the other setting in that window are checked as well
basic authentication is sent in clear text. Does that matter
You can only select one method, so if Basic is selected, then you need to select anonymous and click OK, then restart the SMTP Service.
ASKER
You do that by right clicking on the Default SMTP Virtual Server stopping and then restarting it
You can do or just open up the services (Start> Run [type] services.msc [press enter].
Then restart the Simple Mail Transfer Protocol Service
Then restart the Simple Mail Transfer Protocol Service
ASKER
Oh ya I was looking msexchange services.
the smpt virtual server \ delivery \ outbound security and checked anonymous.in the advanced delivry tab under smart host points to smtp-auth.no-ip.com and preform reverse dns lookup is dissabled
the smpt virtual server \ delivery \ outbound security and checked anonymous.in the advanced delivry tab under smart host points to smtp-auth.no-ip.com and preform reverse dns lookup is dissabled
Okay - if you want to use DNS, remove the SmartHost then restart the service.
ASKER
An HTTP 401 Unauthorized response was received from the server. This may be the result of invalid credentials or a configuration problem on the Exchange Server.
still getting this fffffffffffff
still getting this fffffffffffff
Okay - but is your mail leaving the server now?
ASKER
email is still in the Queues not going out
ASKER
when I use MX tollbox its still pointing to NO-IP
You will need to change your MX records to point the mail directly to your server if that is what you want to do.
ASKER
there is no mx record set for the exchange server on NO-IP
This is what I see for your domain's MX records:
Two or more different MX records exist within the zone. This is good and ensures consistent and fail-safe mail deliverability. The MX records are:
preference = 10 mail2.noip.com. [69.65.5.110]
preference = 5 mail1.noip.com. [8.23.224.50]
Two or more different MX records exist within the zone. This is good and ensures consistent and fail-safe mail deliverability. The MX records are:
preference = 10 mail2.noip.com. [69.65.5.110]
preference = 5 mail1.noip.com. [8.23.224.50]
ASKER
What should I do? Should use DNS to do the work or should I re-configure the server to NO-IP settings. I have static ip and port 25 is open and I have a server poweredge 2900.
It's still not sending mail out.
It's still not sending mail out.
It should be if you are using DNS and Anonymous Authentication.
ASKER
I got the instructions from NO-IP, My going item by item. Yes and yes
ASKER
It's working. I can send
ASKER
smpt outbound connections were set to 3325 instead of 25
Okay - excellent.
So where are we at with the original question now?
So where are we at with the original question now?
ASKER
Mobile phone will not connect. Still with the fffffffffffffauthenticatio n problems
ASKER
re-checked the settings and rebooted the server and it all started to work.
Thank you Alanhardisty. You're a genius wizard
Thank you Alanhardisty. You're a genius wizard
https://www.testexchangeconnectivity.com/
Make sure you use an account you can delete after running it so you don't compromise your network security
Also check out this article and follow the steps to configure RPC over HTTP on SBS 2003
http://technet.microsoft.com/en-us/library/bb123622%28v=exchg.65%29.aspx
Did you purchase a 3rd party SSL certificate? I know that iPhones require it, not too sure about Android devices. iPhones don't like the self signed cert that Exchange creates.