Exchange 2010 on SBS 2011 not sending mail after migration

Hi guys,

I've recently completed a migration of SBS 2003 to SBS 2011 without two many hiccups.
Server has been running nicely for the past 2 weeks and just today has lost the ability to send external mail.

Mail coming in is no problem at all, ports 25 and 587 open and accepting.

When I'm trying to telnet out on either port 25 or port 587 I can't seem to get any communication - nothing will talk back.

I've created a new Send Connector, and have used a smarthost just for testing.
This send connector is sitting on port 26 and communication is working perfectly.
This is purely a workaround.

The error when I switch back is:
451 4.4.0 Primary target IP address responded with:"421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Windows firewall is not on, and Wireshark demonstrates that DNS can see the external party...      TCP      62      15074 > 26 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 SACK_PERM=1

Firstly thought that the 2003 server may have had a hand in what was happening, but no routing groups exist from the old server, and nothing I can see in powershell points to it wanting to communicate with the old unit.

Any help would be amazing!!


Who is Participating?
Cliff GaliherConnect With a Mentor Commented:
If telnetting is not working either this is either your network edge device (router, firewall, etc) or your ISP. ISPs are consistently adding port 25 blocks on their end to reduce spam , and I've seen far too often legitimate accounts get blocked by an over-eager ISP admin. Check your router. Look for port 25 outbound traffic. And call your ISP.
Carol ChisholmCommented:
Is there any mail in the queues on the old server?
Did this happen after you moved all the mailboxes?
Could Exchange 2010 might be doing some load balancing by sending mail via the least loaded server?
Cyb3tT3chAuthor Commented:
No mail in the old queue, and Exchange has been disabled on the SBS 2003 unit.
All mailboxes were moved about 2 weeks ago, and no issues over the past two weeks.
No load balancing has been configured on either server unless that is part of the migration wizard?
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Carol ChisholmCommented:
Just an idea.
It seems very strange.
Do you have a NAT rule in your firewall for incoming port 25 that might send the traffic to another address?
Thomas WERNHERConfiguration ManagerCommented:

i installed an exchange 2010 yesterday for the first time and had the same problem with the external sent mails.

i configured the connectors and receivers and used a smart host on an external relay for the connector in the hub transport.
didn't work.

Finally, i got it working after resolving an issue with the external mails not being recognize as valid by the receiving system (in this case it was a gmail mailbox that i wanted to send mail to)


Andrew DavisConnect With a Mentor ManagerCommented:
Recap of issue, correct me if i am wrong.
Receiving is no issue.
Sending mail fails.
Was sending fine for a couple of weeks but is now failing.
New send connector pointing to smarthost on port 26 is working as a temporary fix.

1st step with all SBS boxes should be to rerun the wizards.
       1. Open  "Windows Small Business Server 2011 Console"
       2. Expand "Getting started Tasks" on "Home" page.
       3. run through the wizards under "Connect to internet".

Now having said that, have you checked that your ISP is not blocking outgoing communications on port 25.
         1. For the purpose of the test we will see if our server can communicate with Gmail's server.
         2. open a command prompt and type telnet 25
         3. you should get a reply like "220 ESMTP q4si21801500pav.212 - gsmtp"
 if you get a reply you know that your server can communicate with the outside world on port 25. If this is the case, how is your normal send connector setup? Do you use a smart host or not?

you can check the send connector configuration by opening Exchange management shell and typing "Get-SendConnector | ft Id*,Sm*s,po*". this will tell you if using a smarthost and on what port.

Let us know how you go with the above.

Andrew DavisManagerCommented:
"Could Exchange 2010 might be doing some load balancing by sending mail via the least loaded server? "
No this is SBS so there should be no other Exchange server. If there was we would be seeing bigger issues.

"Do you have a NAT rule in your firewall for incoming port 25 that might send the traffic to another address? "
That would affect incoming not outgoing email.
Cyb3tT3chAuthor Commented:
Thanks for all the suggestions guys - did help a lot in diagnosing the issue remotely.

Unfortunately it was a SnapGear firewall that was causing all the issues - she randomly decided to start blocking ports 25 and 587 for all outgoing traffic.


Cyb3tT3chAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for Cyb3tT3ch's comment #a38861602

for the following reason:

hardware issue
Andrew DavisManagerCommented:
Andrew DavisManagerCommented:
Recommend points split between myself and cgaliher. We identified testing outgoing port 25 telnet test, and identified the posibility that failure could be caused by Edge router.

Why would you not want to award the points? What did we tell you that was incorrect?

Remember that in most cases you are not going to get  answers like "Its your SnapGear Firewall blocking the outgoing connection, Randomly"

What you do get is idea's and things to check that will hopefully lead you to discovering the answer.

I've requested that this question be closed as follows:

Accepted answer: 250 points for AndrewJDavis's comment #a38854045
Assisted answer: 250 points for cgaliher's comment #a38854054

for the following reason:

Starting auto-close process to implement the recommendations of the participating Expert(s).
EE Admin
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.