Avatar of shadowtuck
shadowtuck asked on

Getting weird warning in App log with Forefront on MB server

I have used Forefront on Exchange many times in the past on Exchange 2007 and 2010. I am getting this warning relating to smtp in the App log.

Event ID 2064 - Unexpected SMTP server response. Expected: 220, actual: 500, whole response: 500 5.3.3 Unrecognized command

I found the article below which addresses this supposedly. I was a little concerned about creating another Receive Connector in Exchange just for Forefront. I never had to do this in the past. Yes, our default RC does have anonymous enabled. I need it this way to accept inbound emails just like the article states. Was wondering if anyone else ran into this problem and found another way to resolve it? It appears to be an issue with Forefront on the MB server trying to send notifications using the CAS. I am not getting any email alerts from the MB servers regarding scanning, updates etc.....

http://johanveldhuis.nl/en/forefront-protection-for-exchange-2010-unexpected-smtp-server-response-expected-220-actual-500-whole-response-500-5-3-3-unrecognized-command/
Microsoft Forefront ISA Server

Avatar of undefined
Last Comment
shadowtuck

8/22/2022 - Mon
unknown_routine

Receive connector on Hub Transport server must have Exchange Servers option in Authentication and Permissions tabs.

Is this the case for your situation?
ASKER
shadowtuck

Yes and those are the default settings. The only thing different about this RC from the default is anonymous is checked but that is needed to receive inbound emails from our gateway. The article mentions this and states that Forefront is sending anonymous TLS and that is why it's failing. The solution is to create another RC without anonymous being checked. This has to be something different with Forefront because I never had to do this in the past. If this is a common issue, I don't understand why MS doesn't have a tech article on it.
ASKER
shadowtuck

I guess what my concern here is creating another Receive Connector. I want to make sure I don't interrupt the flow of email. I am not changing any settings on the two Receive Connectors I have now. I am just adding a third Connector for Forefront. Is there any particular type I should be using Choices are Internet, Internal, Custom etc....I am guessing if I don't specify a type, it should default to what I currently have.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
ASKER CERTIFIED SOLUTION
shadowtuck

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
shadowtuck

I solved my own issue using testing.