Solved

Exchange 2010 can't send mail

Posted on 2014-01-27
11
832 Views
Last Modified: 2014-02-05
Hello all

Our organization uses exchange 2010 mail server. Our mail server work well but can't send mail to one domain. Other domains are no problem. Domain is ccb.com. Mail entered queue and occurred following error:

451.4.4.0 Primary target IP address responded with: "421 internal can't stack B channel SSL filter [1]."Attempted failover to alternate host, but that did not succeed.
Either there are no alternate hosts, or delivery failed to all alternate hosts.

Our organization uses "Watchguard" firewall and is it depend that problem?
0
Comment
Question by:itsbm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39814095
YOu have to add that domain in  white list in your origination to be trust.

http://sysadminguides.com/index.php/applications/exchange/4-whitelist-domain-in-exchange-2010.html
0
 
LVL 1

Author Comment

by:itsbm
ID: 39814138
I added domain to Transport Rule and restarted exchange services. But error occurred.
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39814306
Can you do a manual emulation of the smtp protocol by telneting to port 25 of the remote server?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39814327
That is not an Exchange error, that is a problem with the remote side, possibly trying to communicate with yours.
Does the Watchguard do anything with email? Are you using it as a smart host?
Try putting the remote domain through some of the tests at MXtoolbox and see if the error is coming back for others. If it is then it is their problem, not yours.

Simon.
0
 
LVL 1

Author Comment

by:itsbm
ID: 39814330
Yes. Telnet is working.
0
 
LVL 1

Author Comment

by:itsbm
ID: 39814379
Thanks Simon.

We don't use smart host. We tested remote domain by mxtoolbox and that domain is no errors. Watchguard can transfer other mail.
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39817642
When you say that telnet works, are you doing it from your mail server ?
Have you atually tried to emulate the protocol as far as sending a mail?
ie telnet to the remote mail server (mx record from nslookup) on port 25

helo yourmaildomain
mail from: <any.user@yourdomain.com>
rcpt to: <any.user@ccb.com>
data
blah blah blah
.
quit

If this doesn't work either, then the problem is not on your exchange side. You might get a more informative error message too.
0
 
LVL 1

Author Comment

by:itsbm
ID: 39828687
Thanks trappa01.

I tried below command from my exchange mail server.

1.
New cmd opened.

===========
>nslookup
Default Server:  dc1.savingsbank.mn
Address:  192.168.20.1

> set q=mx
> ccb.com
Server:  dc1.savingsbank.mn
Address:  192.168.20.1

DNS request timed out.
    timeout was 2 seconds.
Non-authoritative answer:
ccb.com MX preference = 5, mail exchanger = mail-in3.ccb.com
ccb.com MX preference = 5, mail exchanger = mail-in4.ccb.com
ccb.com MX preference = 5, mail exchanger = mail-in1.ccb.com
ccb.com MX preference = 5, mail exchanger = mail-in2.ccb.com

mail-in3.ccb.com        internet address = 124.127.253.193
mail-in4.ccb.com        internet address = 124.127.253.194
mail-in1.ccb.com        internet address = 114.247.32.65
mail-in2.ccb.com        internet address = 114.247.32.66
=============

2.
New cmd opened. Then below command.

============
telnet mail-in3.ccb.com 25

220 CCB ESMTP Service ready
ehlo mail.statebank.mn
250-Requested mail action okay, completed
250-SIZE 10000000
250-AUTH PLAIN LOGIN
250-8BITMIME
250-STARTTLS
250 OK
mail from:<bat@statebank.mn>
250 Requested mail action okay, completed
rcpt to:<nm@ccb.com>
250 Requested mail action okay, completed
data
354 Start mail input; end with <CRLF>.<CRLF>
;This is test message
.
250 Requested mail action okay, completed
quit
221 Service closing transmission channel


Connection to host lost.
============


But mail can't send from my outlook and owa web.
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39829012
My first impression was the same as Simon's but I'm less convinced now. Is the routing via the watchgard configured in exchange or does all traffic go via that firewall (essentially I'm trying to figure out the difference between a manual send and a send via the Exchange server)?
Presumably, the sender address is always @statebank.mn ?
0
 
LVL 1

Author Comment

by:itsbm
ID: 39829136
Exchange is routed by watchguard.  Sender address is @statebank.mn. I tried send mail from my exchange server to @ccb.com. But below error in queues.

451.4.4.0 Primary target IP address responded with: "421 internal can't stack B channel SSL filter [1]."Attempted failover to alternate host, but that did not succeed.
Either there are no alternate hosts, or delivery failed to all alternate hosts.

But command prompt is below message.

220 CCB ESMTP Service ready
ehlo mail.statebank.mn
250-Requested mail action okay, completed
250-SIZE 10000000
250-AUTH PLAIN LOGIN
250-8BITMIME
250-STARTTLS
250 OK
mail from:<bat@statebank.mn>
250 Requested mail action okay, completed
rcpt to:<nm@ccb.com>
250 Requested mail action okay, completed
data
354 Start mail input; end with <CRLF>.<CRLF>
;This is test message
.
250 Requested mail action okay, completed
quit
221 Service closing transmission channel

What do i do?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 400 total points
ID: 39829919
As I have already said, it isn't an Exchange error. I am not familiar with the Watchguard products, so the only advice I can give is to look at bypassing it, so email is delivered directly.

Simon.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCHANGE, ACTIVE DIRECTORY, VMWARE 5 112
exchange 2010 Dag failed 3 65
EXCH2013 Public Folder creation 1 48
Migrate EDB to PST 5 32
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question