Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Mulitple Domains

Posted on 2014-01-21
25
Medium Priority
?
188 Views
Last Modified: 2014-02-07
Setup:

Exchange  2010 SP3

Company A Default Authoritative Domain

Company B Second Authoritative Domain

Exchange 2010 was originally setup with as company A (user@companyA.com)

Added a second Authoritative Domain for other users to use (user@companyB.com)

Users in Company A can send/receive with no problems
Users in Company B can only send but not receive

Created an A record to point to Company A External Mail IP
Created MX records to point to Company A MXs

What am I missing in order for users in Company B be able to receive emails?
0
Comment
Question by:Lead Consultant
  • 11
  • 10
  • 4
25 Comments
 
LVL 27

Expert Comment

by:MAS
ID: 39799120
Did you create or update email address policy for the newly added domain (company B)?
if not pls create/update it now

please check this
0
 

Author Comment

by:Lead Consultant
ID: 39799133
Yes. I apologize for not mentioning it before but email address policy is in place. Users in Company B are in their own separate OU and email address policy is in effect to that OU.
0
 
LVL 27

Expert Comment

by:MAS
ID: 39799191
Did you create MX record for companyB.com domain pointing to the same IP of companyA.com?

if not please create it ASAP

You can test your domainB.com from this
https://testconnectivity.microsoft.com/

Did you add domainB.com in your antispam software/appliance?

domainB.com users receiving internal emails or no?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:Lead Consultant
ID: 39800291
@ Andrew

I followed the guideline provided by the link to make sure I didn't miss anything and I followed everything exactly as it is. Still not functioning.
0
 

Author Comment

by:Lead Consultant
ID: 39800298
@ MAS

As I stated above:

Created an A record to point to Company A External Mail IP
Created MX records to point to Company A MX records

Also Internal email works between user@companyA.com to user@companyB.com and Vice Versa.

This is the NDR I get when I email from outside:

Delivery is delayed to these recipients or distribution lists:

User

Subject: Test

This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.

Delivery of this message will be attempted until 1/23/2014 11:09:34 PM (GMT-06:00) Central Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.
0
 
LVL 27

Expert Comment

by:MAS
ID: 39802091
What is the result of the inbound test from this site?

https://testconnectivity.microsoft.com/
0
 

Author Comment

by:Lead Consultant
ID: 39802101
@ MAS

Only Error Received:

The server returned status code 451 - Error in processing. The server response was: Could not load DRD for domain (companyB.com) rcpt (user@company B.com)
Exception details:
Message: Error in processing. The server response was: Could not load DRD for domain (companyB.com) rcpt (user@company B.com)
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)
at System.Net.Mail.RecipientCommand.Send(SmtpConnection conn, String to, String& response)
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 252 ms.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802111
from the outside can you try to telnet test the server with a companyB email address and let us know of any response that is not standard.

See http://www.port25.com/how-to-check-an-smtp-connection-with-a-manual-telnet-session-2/  for a how to and the standard style of responses.

Cheers
Andrew
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802119
here is a cut and paste of what i would expect to see. (note the parts that i typed are in bold).

c:\>telnet remote.MyDom.com.au 25
220 remote.MyDom.com.au Microsoft ESMTP MAIL Service ready at Thu, 23 Jan 2014 15
:02:46 +0930
ehlo
250-remote.MyDom.com.au Hello [101.165.121.20]
250-SIZE 104857600
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
mail from: test@testing.com
250 2.1.0 Sender OK
rcpt to: ada@OtherDom.com.au
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
this is a test
.

250 2.6.0 <1d4aa44d-db86-416e-88c1-db1a50ee2fb5@MyDomSBS.MyDom.local> [InternalId=
976] Queued mail for delivery


Cheers
Andrew
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802139
i have never seen a DRD message from Exchange. This is usually associated with a gateway device. Either smarthost going out, or an incoming proxy (Spam/virus filter).

Can you let us know if there is anything like this in play.

if so can you try a telnet as above, bypassing any gateway device/service.

Cheers
Andrew
0
 

Author Comment

by:Lead Consultant
ID: 39802171
@ Andrew

Telnet Output:

220 mail.companyA.com Microsoft ESMTP MAIL Service ready at Thu, 23 Jan 2014 0
0:39:45 -0600
ehlo
250-mail.companyA.com Hello [162.194.18.203]
250-SIZE 104857600
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING
mail from:test@testing.com
250 2.1.0 Sender OK
rcpt to:user@companyB.com
250 2.1.5 Recipient OK
Data
354 Start mail input; end with <CRLF>.<CRLF>
This is a test
.
250 2.6.0 <86c67483-895d-4c70-86ec-1a45018fc029@FQDNServer.domain.com> [In
ternalId=53452] Queued mail for delivery
0
 

Author Comment

by:Lead Consultant
ID: 39802174
@ Andrew

We are currently using Spam Soap as our Third Party Spam Filter and it is only set for inbound Filtering.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802175
now try the same but in
rcpt to:
use a domain B address

Thanks
0
 

Author Comment

by:Lead Consultant
ID: 39802181
@ Andrew

That's what is listed in the Telnet Output above:

rcpt to:user@compnayB.com
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802182
sorry i miss-read.
I note that you did send that to user@companyB.com
And i will assume that if that was a genuine email address then you did receive it.

I think you will find your problem is with spam soap.

I am not familiar with their product. but they should have a way of confirming the settings.

Can you let me know if user@companyB.com did receive the message.

Cheers
Andrew
0
 

Author Comment

by:Lead Consultant
ID: 39802189
@ Andrew

Email was genuine.

I have access to Spam Soap Admin console so I can remove the inbound filtering to try.

User@companyB.com did not receive the email.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39802192
The above telnet, looks like that was to directly to your Exchange server and bypassing spam soap. Can you confirm?

if it was then the exchange accepted the message and queued it, if not delivered within a couple of minutes can you use message tracking in exchange to see what happened to it.

Cheers
0
 
LVL 19

Assisted Solution

by:Andrew Davis
Andrew Davis earned 240 total points
ID: 39802203
had a quick look at Spam soap. it appears that they are based on mxlogic (mcafee) with their own front end.

see https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=564175229CQUGZLHWZOKKPSIX%5BYJGGYERMPWBCIZ&inc=31043&caller=~%2FFindAnswers.aspx%3FlstFilter_a%3D3%26txtCriteria%3D451+Could+not+verify+recipients%26sSessionid%3D564175229CQUGZLHWZOKKPSIX%5BYJGGYERMPWBCIZ 
This shows the error, cause, solution for the issue that you are seeing. It may be of assistance to you.

Cheers
Andrew
0
 

Author Comment

by:Lead Consultant
ID: 39805416
@ Andrew

The telnet was a connection directly to the Exchange Server and no message appeared using the message tracking.

Also I have a support case open with Spam Soap to make sure it is nothing on their end.
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39805683
If the telnet above was directly to the exchange (and it certainly looks that way), then you should have received it.

Can you try the same telnet but to CompanyA and confirm that the message is received.

I suspect that it will work fine for Company A.

With CompanyA and CompanyB address' are they both pointing to the same mailbox?

If not can you check that the CompanyB mailboxes are allowed to receive external emails (see Attached Pic1).

Also disable all (except Recipient filtering) Exchange Antispam filters as per pic2.
1.JPG
2.JPG
0
 
LVL 19

Expert Comment

by:Andrew Davis
ID: 39805687
Check Hub transport that the Domain is accepted and is authoritive. See Pic3

Sorry meant to add that one before submitting above post.

Cheers
Andrew
3.JPG
0
 

Accepted Solution

by:
Lead Consultant earned 0 total points
ID: 39819528
Issue has been resolved. Spam Soap was blocking incoming email for CompanyB. IP was blacklisted so incoming mail was being rejected. Since CompanyA was on Spam Soap and CompanyB was pointing CompanyA MX and A record and not on Spam Soap, also being blacklisted did not help, all emails were being rejected. Since then an account for CompanyB has been created on Spam Soap and all inbound/outbound traffic is flowing like it should.
0
 
LVL 27

Expert Comment

by:MAS
ID: 39819945
Glad to know it is fixed and thanks for adding the solution to EE database
0
 

Author Closing Comment

by:Lead Consultant
ID: 39841380
With the guidance on experts here, I was able to work the issue out with Spam Soap Support to determine the real cause of the problem.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question