Solved

Exchange 2010 on SBS 2011 not sending mail after migration

Posted on 2013-02-04
15
1,082 Views
Last Modified: 2013-02-10
Hi guys,

I've recently completed a migration of SBS 2003 to SBS 2011 without two many hiccups.
Server has been running nicely for the past 2 weeks and just today has lost the ability to send external mail.

Mail coming in is no problem at all, ports 25 and 587 open and accepting.

When I'm trying to telnet out on either port 25 or port 587 I can't seem to get any communication - nothing will talk back.

I've created a new Send Connector, and have used a smarthost just for testing.
This send connector is sitting on port 26 and communication is working perfectly.
This is purely a workaround.

The error when I switch back is:
451 4.4.0 Primary target IP address responded with:"421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Windows firewall is not on, and Wireshark demonstrates that DNS can see the external party...

192.168.4.10      203.147.156.194      TCP      62      15074 > 26 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 SACK_PERM=1


Firstly thought that the 2003 server may have had a hand in what was happening, but no routing groups exist from the old server, and nothing I can see in powershell points to it wanting to communicate with the old unit.

Any help would be amazing!!

Cheers,

Chenz
0
Comment
Question by:Cyb3tT3ch
  • 5
  • 3
  • 2
  • +3
15 Comments
 
LVL 16

Expert Comment

by:Carol Chisholm
ID: 38853861
Is there any mail in the queues on the old server?
Did this happen after you moved all the mailboxes?
Could Exchange 2010 might be doing some load balancing by sending mail via the least loaded server?
0
 

Author Comment

by:Cyb3tT3ch
ID: 38853876
No mail in the old queue, and Exchange has been disabled on the SBS 2003 unit.
All mailboxes were moved about 2 weeks ago, and no issues over the past two weeks.
No load balancing has been configured on either server unless that is part of the migration wizard?
0
 
LVL 16

Expert Comment

by:Carol Chisholm
ID: 38853954
Just an idea.
It seems very strange.
Do you have a NAT rule in your firewall for incoming port 25 that might send the traffic to another address?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 4

Expert Comment

by:Thomas WERNHER
ID: 38853989
Hi,

i installed an exchange 2010 yesterday for the first time and had the same problem with the external sent mails.

i configured the connectors and receivers and used a smart host on an external relay for the connector in the hub transport.
didn't work.

Finally, i got it working after resolving an issue with the external mails not being recognize as valid by the receiving system (in this case it was a gmail mailbox that i wanted to send mail to)

Cheers.

T
0
 
LVL 18

Assisted Solution

by:Andrew Davis
Andrew Davis earned 250 total points
ID: 38854045
Recap of issue, correct me if i am wrong.
Receiving is no issue.
Sending mail fails.
Was sending fine for a couple of weeks but is now failing.
New send connector pointing to smarthost on port 26 is working as a temporary fix.

1st step with all SBS boxes should be to rerun the wizards.
       1. Open  "Windows Small Business Server 2011 Console"
       2. Expand "Getting started Tasks" on "Home" page.
       3. run through the wizards under "Connect to internet".

Now having said that, have you checked that your ISP is not blocking outgoing communications on port 25.
         1. For the purpose of the test we will see if our server can communicate with Gmail's server.
         2. open a command prompt and type telnet gmail-smtp-in.l.google.com 25
         3. you should get a reply like "220 mx.google.com ESMTP q4si21801500pav.212 - gsmtp"
 if you get a reply you know that your server can communicate with the outside world on port 25. If this is the case, how is your normal send connector setup? Do you use a smart host or not?

you can check the send connector configuration by opening Exchange management shell and typing "Get-SendConnector | ft Id*,Sm*s,po*". this will tell you if using a smarthost and on what port.

Let us know how you go with the above.

Cheers
Andrew
0
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 38854054
If telnetting is not working either this is either your network edge device (router, firewall, etc) or your ISP. ISPs are consistently adding port 25 blocks on their end to reduce spam , and I've seen far too often legitimate accounts get blocked by an over-eager ISP admin. Check your router. Look for port 25 outbound traffic. And call your ISP.
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38854055
@corolchi
"Could Exchange 2010 might be doing some load balancing by sending mail via the least loaded server? "
No this is SBS so there should be no other Exchange server. If there was we would be seeing bigger issues.

"Do you have a NAT rule in your firewall for incoming port 25 that might send the traffic to another address? "
That would affect incoming not outgoing email.
0
 

Author Comment

by:Cyb3tT3ch
ID: 38861602
Thanks for all the suggestions guys - did help a lot in diagnosing the issue remotely.

Unfortunately it was a SnapGear firewall that was causing all the issues - she randomly decided to start blocking ports 25 and 587 for all outgoing traffic.

Cheers,

Chenz
0
 

Author Comment

by:Cyb3tT3ch
ID: 38862048
I've requested that this question be closed as follows:

Accepted answer: 0 points for Cyb3tT3ch's comment #a38861602

for the following reason:

hardware issue
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38862046
.
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38862049
Recommend points split between myself and cgaliher. We identified testing outgoing port 25 telnet test, and identified the posibility that failure could be caused by Edge router.

Why would you not want to award the points? What did we tell you that was incorrect?

Remember that in most cases you are not going to get  answers like "Its your SnapGear Firewall blocking the outgoing connection, Randomly"

What you do get is idea's and things to check that will hopefully lead you to discovering the answer.

Cheers
Andrew
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 38862756
0
 
LVL 1

Expert Comment

by:modus_operandi
ID: 38873733
I've requested that this question be closed as follows:

Accepted answer: 250 points for AndrewJDavis's comment #a38854045
Assisted answer: 250 points for cgaliher's comment #a38854054

for the following reason:

Starting auto-close process to implement the recommendations of the participating Expert(s).
 
modus_operandi
EE Admin
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question