Solved

MS Exchange Cannot connect 10060

Posted on 2014-03-20
Last Modified: 2014-04-20
Hi, I decided to set up a second email server in my company for POP3 purposes. My ServerA is a MS Exchange 2010 server with domainA.com. My ServerB is a POP3/IMAP server (smartermail) associated with domainB.com.

Both servers are in the same building but each has a different public IP. My router manages the two IP addresses and it is dispatching the TCP ports to the appropriate servers. The public address of domainB.com is 184.xxx.33.242.

Everything is working well except that my ServerA (MS Exchange, domainA.com) is incapable of sending emails to ServerB (smartermail, domainB.com).

ServerB receives all emails from everywhere I tested and is also able to send emails to ServerA/domainA. ServerA/domainA is capable of sending everywhere but to serverB/domainB.

All my policies in my router have been reviewed by the manufacturer and they say it's A1. My MS Exchange is returning me this error when I try to send to ServerB/domainB:

2014-03-20T17:17:19.149Z,ServerA Exchange SMTP Connector,08D10BB7805F0579,1,,184.xxx.33.242:25,*,,"Failed to connect. Error Code: 10060, Error Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 184.xxx.33.242:25"

My ServerA public address has a MX record set at my ISP (domainA.com) so that it can send emails directly, but I did not do the same for ServerB public address (kind of hard to do because it is a 4G connection (with fixed public IP address and no ports blocked, I am paying more for that)).

Finally, if I set my MS Exchange to send through a SmartHost instead (my ISP smtp server), the emails are going through from ServerA to ServerB.

Would anyone know why this is happening?

Thanks.
Question by:benjilafouine
15 Comments
 
LVL 43

Expert Comment

by:Adam Brown
ID: 39943779
This is likely because the Exchange server sees the domain on your internal DNS, but doesn't see an MX record in that DNS zone. You can either configure a Send connector for the domain that the POP3 server uses and set it to use the POP3 as a smart host or you can add MX records to the internal DNS zone for your domainb.com mail server.
0
 
LVL 1

Accepted Solution

by:
benjilafouine earned 0 total points
ID: 39943796
Why would my Exchange server see the domainB in my internal DNS? And how can I validate that?

Are you suggesting that I create a special send connector in MS Exchange just for sending to DomainB? How do I do that (never did that before)?

SmarterMail is definitely not linked with AD (but is linked with IIS on the smartermail server).
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 39943806
Wow!!!! I created the connector as you said in Exchange (to the best of my knowledge) and it worked!!!! Please explain this to me, I am dying for an explanation!!!

Benji.
0

 
LVL 43

Expert Comment

by:Adam Brown
ID: 39943818
If you have domainb.com listed as a DNS forward lookup zone in your AD domain, then the Exchange server will use that DNS information for lookups and no external info will be available. Usually that external info includes MX records. By default, Exchange uses MX records to route mail, so if it queries its own DNS servers for a record in Domainb.com and it returns that the DNS server has records for that domain on it, but no MX records, it can't route mail.

At any rate, you can create a new send connector by going to Organization Config > Hub Transport. Click the Send Connectors Tab, right click in the middle window and select New Send Connector. Give the connector a unique name and click Next. Click Add, then enter domainb.com under Address Space and click OK, then Next. Select Route Mail through the following smart hosts, then click Add. Enter the IP of the POP3 server. Click OK, then next. The authentication page will depend on what type of security you have on the POP3 server, most likely you can just select None. Then accept the rest of the defaults and click New. Once that's done, all mail sent from users on the Exchange server to Domainb.com will go directly to the POP3 server's SMTP interface.
0
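The GUI steps in the comment above correspond to a single Exchange Management Shell command. This is an added example, not part of the original thread; the connector name and the smart-host address 192.0.2.25 are placeholders, and the `None` authentication setting follows the comment's "most likely" case.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange 2010 server.
# Placeholders (not from the thread): connector name and smart-host IP.
$connectorName = 'Direct to domainb.com'
$smartHost     = '192.0.2.25'   # "Enter the IP of the POP3 server" in the GUI steps

# -Usage Custom              : a connector for one specific address space
# -AddressSpaces             : "enter domainb.com under Address Space" (SMTP type, cost 1)
# -DNSRoutingEnabled $false  : "Route mail through the following smart hosts" (no MX lookup)
# -SmartHostAuthMechanism    : the authentication page; None = no authentication
New-SendConnector -Name $connectorName `
    -Usage Custom `
    -AddressSpaces 'SMTP:domainb.com;1' `
    -DNSRoutingEnabled $false `
    -SmartHosts $smartHost `
    -SmartHostAuthMechanism None

# Confirm what was created and that the connector is enabled.
Get-SendConnector -Identity $connectorName |
    Format-List Name, AddressSpaces, SmartHosts, DNSRoutingEnabled, SmartHostAuthMechanism, Enabled
```

Mail for domainb.com then skips MX lookup entirely, so the connector has to be updated by hand if the smart host's address ever changes.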
 
LVL 43

Expert Comment

by:Adam Brown
ID: 39943829
To continue (I edited my last response in case you missed it), setting up the send connector instructs the Exchange server to route mail destined to the domain you configure the send connector with directly to an SMTP server rather than using DNS lookups to get routing info for email.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 39943843
I understand very well how this new connector works (basically making an exception for domainB) but I am still trying to find where my Exchange server would pick up a wrong DNS record in AD. Unless the mix-up happens at the router level (after all it manages both public IP addresses). This domainB has never been part of my MS Exchange and current AD structure as far as I know.

Where would I find such a record if it exists within my environment?
0
 
LVL 43

Expert Comment

by:Adam Brown
ID: 39943868
You would need to log in to a Domain Controller and open up DNS. Expand Forward Lookup Zones and see if DomainB.com is listed there. If it is, then your Exchange server is pulling DNS from there.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 39944030
I had already done that in anticipation of your answer: negative. This domainB never existed in my AD domain before (or in my Exchange server). I had used it in a lab in a separate domain since last year (on and off) and that's it.

Nevertheless, my main Exchange server did send some emails to this domainB when I tested it last year and in my Outlook cache, I still had this domainB address embedded in my "on the fly" Outlook address book, which I deleted of course (today). But, hey, there could still be a trace of it somewhere as I know for a fact that a MS Exchange server takes very long to "forget". I deleted a domain from my Exchange server last month and for two weeks it kept looking for it internally.

I will wait for a response from my ISP and my router manufacturer but you certainly deserve the points to close this question.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 39972364
I did some more testing. This situation only happens when both email servers are behind the same router (that has two fixed IP addresses). I moved my email server to a third site to test and everything was working.

My router manufacturer is still looking up the issue but creating the new connector is definitely the short route.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 39987599
The connector to bypass the situation was a good idea but it was not the solution. The issue was a "loopback" issue with the router, meaning that one public IP address was not trusting the other public address because the emails were trying to take a shortcut inside the router between the two interfaces.

The manufacturer finally resolved it by adding "any-trusted" in the two smtp rules that I had. I wish I could give more info about the manufacturer, the ports and the solution but my company is keeping a low-profile on its security features for security reasons (you will certainly understand why).

So once more, I came up with my own solution. But I will award you the points because you helped prove my point to the manufacturer who, at first, dismissed my issue.
0
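An added example, not part of any post in this thread: a probe run from the Exchange server that separates the two explanations discussed above, a missing MX record versus a network path that never answers (the 10060 timeout in the log). Both addresses are placeholders to be replaced with ServerB's public and LAN addresses, and the function name is hypothetical.

```powershell
# Added example. Works on PowerShell 2.0, so it runs on an Exchange 2010 host.
function Test-SmtpEndpoint {
    param(
        [Parameter(Mandatory = $true)][string]$Target,
        [int]$Port = 25,
        [int]$TimeoutMs = 10000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Asynchronous connect so the wait is bounded by our own timeout.
        $iar = $client.BeginConnect($Target, $Port, $null, $null)
        if (-not $iar.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return "TIMEOUT   ${Target}:$Port gave no answer in $TimeoutMs ms (the 10060 symptom)"
        }
        $client.EndConnect($iar)   # throws here if the connect was refused or reset

        # A healthy SMTP listener sends a "220 ..." banner first.
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        return "CONNECTED ${Target}:$Port banner: $($reader.ReadLine())"
    }
    catch {
        # PowerShell wraps .NET exceptions; unwrap to reach the SocketException.
        $ex = $_.Exception
        while ($ex.InnerException) { $ex = $ex.InnerException }
        if ($ex -is [System.Net.Sockets.SocketException]) {
            return "SOCKET    ${Target}:$Port error $($ex.ErrorCode) ($($ex.SocketErrorCode))"
        }
        return "ERROR     ${Target}:$Port $($ex.Message)"
    }
    finally {
        $client.Close()
    }
}

# 1. What this server's DNS returns for the domain (the MX hypothesis).
nslookup -type=mx domainb.com

# 2. The same SMTP service reached by two paths. Placeholder addresses:
$publicIp = '203.0.113.242'   # placeholder for ServerB's public IP
$lanIp    = '192.0.2.25'      # placeholder for ServerB's LAN IP
Test-SmtpEndpoint -Target $publicIp
Test-SmtpEndpoint -Target $lanIp
```

If the MX lookup returns the expected host and the LAN address answers with a banner while the public address times out, DNS is not at fault and the traffic is being dropped on the path through the router.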
 
LVL 1

Author Comment

by:benjilafouine
ID: 40002674
I've requested that this question be closed as follows:

Accepted answer: 0 points for benjilafouine's comment #a39943806

for the following reason:

The problem was in the router but the solution offered did work as a bypass.
0
 
LVL 43

Expert Comment

by:Adam Brown
ID: 40000342
You may want to change your close so it awards some points. Right now it awards none.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 40002665
I will assign points.
0
 
LVL 1

Author Comment

by:benjilafouine
ID: 40002675
I will retry closing this question.
0
 
LVL 1

Author Closing Comment

by:benjilafouine
ID: 40011157
Here is the close. Thanks.
0


Question has a verified solution.
