fireguy1125
asked on
Outbound E-mail from Exchange 2010 Hub Server
We have an issue where our firewall is blocking a message being sent from one of our Exchange Hub servers to a blacklisted IP address, from the inside IP of our exchange server on port 57638 to the outside IP port 25. My concern is that the internal Hub server should not be sending any e-mail to an outside IP, since it should be routed through the Edge server and then sent from there. How can I investigate this on the Exchange/Server side and see why this is happening?
Last Comment
Look at your SMTP Connector for internet email. Do you allow the hub server the ability to send over that connector?
Also see this article on how to achieve what you're seeing, then check to see if you have it setup that way. If you don't want it to send directly, this should give you an idea of what settings need to be changed/removed:
http://technet.microsoft.c
http://technet.microsoft.c
ASKER
I have the following send connectors enabled on my Hub Transport:
EdgeSync smtp to address space -- Cost 100, routing mail through smart, associated with both edge servers
Outbound email to address space * Cost 1, associated with both hub servers
How can I find out which message is being sent out from the queue viewer to this IP? Since the traffic is being blocked by the firewall, will this cause it to be in a retry state? Would it even appear in the queue viewer? Are there any other logs I can check or enable checking, the traffic seems to occur in 5 minute intervals.
EdgeSync smtp to address space -- Cost 100, routing mail through smart, associated with both edge servers
Outbound email to address space * Cost 1, associated with both hub servers
How can I find out which message is being sent out from the queue viewer to this IP? Since the traffic is being blocked by the firewall, will this cause it to be in a retry state? Would it even appear in the queue viewer? Are there any other logs I can check or enable checking, the traffic seems to occur in 5 minute intervals.
If the server is able to determine the next hop address, but unable to connect to the next hop, it will go into the retry queue. If the server is unable to find the next hop, it should error.
As for your outbound email with the address space of *, that's an indication of an internet bound message (* indicates all possible destination domains). Is there a smarthost configured on that connector? If there is, that means the smarthost should be receiving the messages to then relay over that connector. If no smarthost is configured, then the associated hub transport servers would send over that connector.
Check message tracking within Exchange. It should show you the path of the message and what server sent it. If you're not sure of a particular message that took this route, send a test message from a mailbox attached to that hub server and use that as your tracking message.
As for your outbound email with the address space of *, that's an indication of an internet bound message (* indicates all possible destination domains). Is there a smarthost configured on that connector? If there is, that means the smarthost should be receiving the messages to then relay over that connector. If no smarthost is configured, then the associated hub transport servers would send over that connector.
Check message tracking within Exchange. It should show you the path of the message and what server sent it. If you're not sure of a particular message that took this route, send a test message from a mailbox attached to that hub server and use that as your tracking message.
ASKER
No smarthost configured on the outbound email with address space *.
My Edgesync connector has a smart host configured as -- and is associated with both edge servers. I believe that is going through our load balancers, although i'm not certain.
I was able to find the message by going through my message queue and ran a mxlookup at all the retry messages and found the ip culprit.
The retry message was: 451 4.4.0 Primary target IP address responded with: ""421 4.2.1 Unable to connect."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts
I believe this is because our firewall was blocking the traffic, but I am concerned about the settings, i would imagine that with the edgesync configuration it would know to route mail through the edge servers for outbound mail.
My Edgesync connector has a smart host configured as -- and is associated with both edge servers. I believe that is going through our load balancers, although i'm not certain.
I was able to find the message by going through my message queue and ran a mxlookup at all the retry messages and found the ip culprit.
The retry message was: 451 4.4.0 Primary target IP address responded with: ""421 4.2.1 Unable to connect."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts
I believe this is because our firewall was blocking the traffic, but I am concerned about the settings, i would imagine that with the edgesync configuration it would know to route mail through the edge servers for outbound mail.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I also want to mention that I'm not sure what the address space designator of "--" will do for you. Every setup I've ever seen has always used * as the address space when designating an internet connector.
ASKER
Thanks for helping me understand
NP, thanks for the grade and good luck! Holler at us if you have any other questions.
Exchange
Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.
213K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
