[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Current Exchange Migration Coexist Servers: email flow from 2003 Exchange mailboxes not able to route into 2010 mailboxes

Posted on 2014-08-18
30
Medium Priority
?
663 Views
Last Modified: 2014-08-30
We are in the middle of an Exchange migration from 2003 to 2010. We have a test mailbox on Exchange 2010. The test account can send email to world and to all mailboxes on 2003. The problem is the 2003 users are not able to reply or send email to the test user. The 2003 user emails sent to 2010 test user, queue up in "messages with an unreachable destination" on 2003 server

 Some information that may be relevant...

Default SMTP Virtual Server sends email to a smart-host

Also...




BCEXCH - is exchange 2003 cluster
BC-PHX-EXCH01 - Exchange 2010
BC-PHX-EXCH02 - Exchange 2010
Both 2010 servers are in a DAG

Your help would be greatly appreciated.
0
Comment
Question by:jballiet5
  • 19
  • 9
29 Comments
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40269209
Hi,

Do you have a smart host set in the SMTP Virtual Server?

You can take a look here, the problem is similar.

If the mail flow problem continues, let us know.

Regards
0
 

Author Comment

by:jballiet5
ID: 40274386
David, That did not work. But thanks.

Here is our routing group connectors. The 2003 servers are collecting email in the associated routing queue, but not being delivered to internal user mailboxes on 2010 servers...

Capture7.JPG
Also here are the details of our routing groups...

##phx-exch01-routing-connnector...

[PS] C:\Windows\system32> Get-RoutingGroupConnector -Identity "Interop RGC"

Name                      SourceRoutingGroup                                                   TargetRoutingGroup
----                           ------------------                                                                ------------------
Interop RGC            Exchange Routing Group (DWBGZMFD01QNBJR)       COMPANY
Interop RGC            COMPANY                                                                     Exchange Routing Group (DWBGZMFD01QNBJR)


[PS] C:\Windows\system32>Get-RoutingGroupCOnnector | fl


RunspaceId                                                            : e922fa68-f679-4f32-ba4e-8f3702eb4f77

TargetRoutingGroup                                             : COMPANY

Cost                                                                         : 100

TargetTransportServers                                        : {BCEXCH}

ExchangeLegacyDN                                               : /o=Company Name/ou=Exchange Administrative Group           (FYDIBOHF23SPDLT )/cn=Configuration/cn=Connections/cn=Interop RGC

PublicFolderReferralsEnabled : True

SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)

SourceTransportServers       : {BC-PHX-EXCH02}

HomeMTA                      : Microsoft MTA

HomeMtaServerId              : BC-PHX-EXCH02

MaxMessageSize               : unlimited
AdminDisplayName             :

ExchangeVersion              : 0.1 (8.0.535.0)

Name                         : Interop RGC

DistinguishedName            : CN=Interop RGC,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Gro
                               ups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Berke
                               ley Communications Corporation,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=COM
                               PANY,DC=com

Identity                     : Interop RGC

Guid                         : 85f0308c-0dee-4205-94e6-94d0aee93e13

ObjectCategory               : COMPANY.com/Configuration/Schema/ms-Exch-Routing-Group-Connector

ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}

WhenChanged                  : 8/19/2014 4:13:32 PM

WhenCreated                  : 8/19/2014 4:12:45 PM

WhenChangedUTC               : 8/19/2014 11:13:32 PM

WhenCreatedUTC               : 8/19/2014 11:12:45 PM

OrganizationId               :
OriginatingServer            : bc-phx-dc01.COMPANY.com

IsValid                      : True
____________________________________________________________________________________________________________________________________
RunspaceId                   : e922fa68-f679-4f32-ba4e-8f3702eb4f77

TargetRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)

Cost                         : 100

TargetTransportServers       : {BC-PHX-EXCH02}

ExchangeLegacyDN             : /O=Company Name/OU=COMPANY/cn=Configuration/cn=Connections/cn=Int
                               erop RGC

PublicFolderReferralsEnabled : True

SourceRoutingGroup           : COMPANY

SourceTransportServers       : {BCEXCH}

HomeMTA                      : Microsoft MTA

HomeMtaServerId              : BCEXCH

MaxMessageSize               : unlimited

AdminDisplayName             :

ExchangeVersion              : 0.1 (8.0.535.0)

Name                         : Interop RGC

DistinguishedName            : CN=Interop RGC,CN=Connections,CN=COMPANY,CN=Routing Groups,CN=COMPANY,CN=Administrative
                               Groups,CN=Company Name,CN=Microsoft Exchange,CN=Services,CN=Confi
                               guration,DC=COMPANY,DC=com

Identity                     : Interop RGC

Guid                         : 97009baa-1db8-4082-b833-db9f2e82c5b3

ObjectCategory               : COMPANY.com/Configuration/Schema/ms-Exch-Routing-Group-Connector

ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}

WhenChanged                  : 8/19/2014 4:13:32 PM

WhenCreated                  : 8/19/2014 4:12:45 PM

WhenChangedUTC               : 8/19/2014 11:13:32 PM

WhenCreatedUTC               : 8/19/2014 11:12:45 PM

OrganizationId               :

OriginatingServer            : bc-phx-dc01.COMPANY.com

IsValid                      : True

=================================================================
##phx-exch02-routing-connnector...
=================================================================
Name                      SourceRoutingGroup                                                                                                                       TargetRoutingGroup
----                      ------------------                                                                                                                       ------------------
Interop RGC               Exchange Routing Group (DWBGZMFD01QNBJR)                                                                                                 COMPANY
Interop RGC               COMPANY                                                                                                                                  Exchange Routing Group (DWBGZMFD01QNBJR)


[PS] C:\Windows\system32>Get-RoutingGroupCOnnector | fl


RunspaceId                   : 2a363f8e-f24d-435b-a524-01c75fa62852
TargetRoutingGroup           : COMPANY
Cost                         : 100
TargetTransportServers       : {BCEXCH}
ExchangeLegacyDN             : /o=Company Name/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Connections/cn=Interop RGC

PublicFolderReferralsEnabled : True

SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)

SourceTransportServers       : {BC-PHX-EXCH02}

HomeMTA                      : Microsoft MTA

HomeMtaServerId              : BC-PHX-EXCH02

MaxMessageSize               : unlimited

AdminDisplayName             :

ExchangeVersion              : 0.1 (8.0.535.0)

Name                         : Interop RGC

DistinguishedName            : CN=Interop RGC,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Company Name,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=COMPANY
                               ,DC=com
                                            
Identity                     : Interop RGC

Guid                         : 85f0308c-0dee-4205-94e6-94d0aee93e13

ObjectCategory               : COMPANY.com/Configuration/Schema/ms-Exch-Routing-Group-Connector

ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}

WhenChanged                  : 8/19/2014 4:13:32 PM

WhenCreated                  : 8/19/2014 4:12:45 PM

WhenChangedUTC               : 8/19/2014 11:13:32 PM

WhenCreatedUTC               : 8/19/2014 11:12:45 PM

OrganizationId               :
OriginatingServer            : bc-phx-dc01.COMPANY.com

IsValid                      : True

RunspaceId                   : 2a363f8e-f24d-435b-a524-01c75fa62852

TargetRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)

Cost                         : 100

TargetTransportServers       : {BC-PHX-EXCH02}

ExchangeLegacyDN             : /O=Company Name/OU=COMPANY/cn=Configuration/cn=Connections/cn=Interop RGC

PublicFolderReferralsEnabled : True

SourceRoutingGroup           : COMPANY

SourceTransportServers       : {BCEXCH}

HomeMTA                      : Microsoft MTA

HomeMtaServerId              : BCEXCH

MaxMessageSize               : unlimited

AdminDisplayName             :

ExchangeVersion              : 0.1 (8.0.535.0)

Name                         : Interop RGC

DistinguishedName            : CN=Interop RGC,CN=Connections,CN=COMPANY,CN=Routing Groups,CN=COMPANY,CN=Administrative Groups,CN=Company Name,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=COMPANY,DC=com

Identity                     : Interop RGC

Guid                         : 97009baa-1db8-4082-b833-db9f2e82c5b3

ObjectCategory               : COMPANY.com/Configuration/Schema/ms-Exch-Routing-Group-Connector

ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}

WhenChanged                  : 8/19/2014 4:13:32 PM

WhenCreated                  : 8/19/2014 4:12:45 PM

WhenChangedUTC               : 8/19/2014 11:13:32 PM

WhenCreatedUTC               : 8/19/2014 11:12:45 PM

OrganizationId               :
OriginatingServer            : bc-phx-dc01.COMPANY.com
0
 

Author Comment

by:jballiet5
ID: 40274635
after creating the new routing group connectors last night, this is what I now have in the Exchange 2003 System Manager...

Capture9.JPG
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:jballiet5
ID: 40274638
the smart host still exists in the default SMTP Virtual Server.
0
 

Author Comment

by:jballiet5
ID: 40274643
What is the difference between the Exchange Administrator Group routing groups and the non Admin Routing group connectors?
0
 

Author Comment

by:jballiet5
ID: 40274792
i also moved the exchange routing master to the active server 2003 exchange cluster. The server that it was bound to was dead and no longer active, but still showing up in Exchange.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40274833
Hi jbaliet,

The issue you reported in the majority of the cases is related with entries in the Smart Host box on the SMTP virtual server so you need to remove it and replace it with an SMTP Connector.

Exchange uses SMTP to communicate between the servers. Using a Smart Host on the "Default SMTP Virtual Server" will stop the messages going between the servers, and if you also use External DNS on the "Default SMTP Virtual Server"  you need to remove it from the SMTP virtual server. This can stop DNS from finding your new server.
If DNS lookups don't work correctly without those set, then configure forwarders on the DNS Server in your domain controllers.

So you need to check in the 2003 the Default SMTP Virtual Server properties > Delivery > Advanced
then in the same window check if an entry exists in the configure External DNS servers.

You should also check if the Authentication on the Default receive connector on the 2010 is enabled for anonymous.

Let us know if this helped.
0
 

Author Comment

by:jballiet5
ID: 40275028
ok. you where right. I removed the smarthost from Default SMTP virtual server, then created arouting connector to the smarthost. This works. For some reason this also allows my Admin Group routing connector to work.

So I have the following mailflow...

Internet<-->smarthost<-->2003<-->2010

I need this...

Internet<-->smarthost<-->2003<-->2010-->smarthost-->internet

... This will allow for us to start moving mailboxes safely.
0
 

Author Comment

by:jballiet5
ID: 40275043
Here are my queues on 2010 for outbound internet. The emails are stuck...

[PS] C:\Windows\system32>get-transportserver | get-queue

Identity                                                    DeliveryType Status MessageCount NextHopDomain
--------                                                       ------------ ------ ------------ -------------
bc-phx-exch01\16                                   DnsConnec... Retry  8              gmail.com
bc-phx-exch01\18                                   DnsConnec... Retry  2              lmhspc.com
bc-phx-exch01\Submission                   Undefined    Ready  0              Submission
bc-phx-exch01\Shadow\9                      ShadowRed... Ready  3            bc-phx-exch02.company.com
bc-phx-exch02\Submission                   Undefined    Ready  0              Submission
bc-phx-exch02\Shadow\9                      ShadowRed... Ready  2            bc-phx-exch01.company.com


I have a send connector pretty much setup with * address space with internet, using dns to send mail, the source servers are both my 2010 servers. This should work, but it does not.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40275121
Can you insert here the logs.
In most cases they are in "C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpSend "

On the queue viewer in EMC there any last errors?

You should also troubleshoot DNS issues.
Check if your MX record is correct with NSLOOKUP or using the MXTools Website

Are you using internal or external DNS?

On your send connector did you use the FQDN for the EHLO response?
You also can use the remote connectivity analyzer.
0
 

Author Comment

by:jballiet5
ID: 40279997
No logs under...  
"C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpSend "

No errors in queue viewer...
Capture10.JPG
internal DNS MX records for new exchange servers are good

We forward the outbound email to a Cisco Iron-port smarthost

Here is a delivery report of a test email...

Delivery Report for  XXX


Submitted
8/22/2014 4:20 PM BC-PHX-EXCH01.COMPANY.com
The message was submitted to bc-phx-exch02.COMPANY.com.

Pending
8/22/2014 4:20 PM bc-phx-exch02.COMPANY.com
The message has been queued on server 'bc-phx-exch02.COMPANY.com' since 8/22/2014 4:20:02 PM (UTC-08:00) Pacific Time (US & Canada). The last attempt to send the message was at 8/22/2014 5:15:07 PM (UTC-08:00) Pacific Time (US & Canada) and generated the error '451 4.4.0 Primary target IP address responded with: "421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.'.

8/22/2014 5:24 PM bc-phx-exch02.COMPANY.com
Message delivery is taking longer than expected. There may be system delays. For more information, contact your helpdesk.
0
 
LVL 28

Expert Comment

by:MAS
ID: 40280565
Try
type telnet exchange2010IP 25
then type ehlo and post the result here
0
 

Author Comment

by:jballiet5
ID: 40282244
ehlo
250-bc-phx-exch02.company.com Hello [10.100.50.5]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW

ehlo
250-bc-phx-exch02.company.com Hello [10.100.50.5]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40282324
Did you check your IronPort settings?

Did you define the Exchange as relay host in the OUtbound Listener on IronPort side?

Can you check the logs in the IronPort and see messages related with the Exchange Communications?

Can you insert the logs from the IronPort here so we can help you analyze it?
0
 

Author Comment

by:jballiet5
ID: 40283864
iron port is open, allows all outbound email to go out.  nothing in the logs. logs are outdated. when email tried to hit ironport, email was stuck in queue indefinitely


When I deleted our two  send connectors for outbound traffic, it allowed email out to internet destinations.  However, I believe the email may be back tracking to the old 2003 exchange servers and out the smarthost.

Here is our current send and receive connectors...

[PS] C:\Windows\system32>get-sendconnector

Identity                                                                                                  AddressSpaces
--------                                                                                                    -------------
SendMailOut                                                                                         {SMTP:*;1}


[PS] C:\Windows\system32>Get-ReceiveConnector

Identity                                                                                                                     Bindings
--------                                                                                                                         --------
BC-PHX-EXCH01\Default BC-PHX-EXCH01                                                                 {:::25, 0.0.0.0:25}
BC-PHX-EXCH01\Client BC-PHX-EXCH01                                                                  {:::587, 0.0.0.0:587}
BC-PHX-EXCH02\Default BC-PHX-EXCH02                                                                 {:::25, 0.0.0.0:25}
BC-PHX-EXCH02\Client BC-PHX-EXCH02                                                                  {:::587, 0.0.0.0:587}
0
 

Author Comment

by:jballiet5
ID: 40283904
delivery report shows my test emails going back through to 2003 email servers and out to smarthost.

I am going to rebuild the send connector on   2010 exchange server.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40283954
Hi jballiet5,

This starts to be a little confusing, sorry.

Just to clear the things a little bit.

Can you send mails from Exchange 2003 to the User in Exchange 2010? Yes Or NO
The users in Exchange 2003 can send emails to the internet?
The user in Exchange 2010 can send Email to Exchange 2003 and to Internet?
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40283959
Sorry I was composing the last post and I didn´t see your last Post.

Can you enabled verbose logging in the connector and put it here.
0
 

Author Comment

by:jballiet5
ID: 40284015
2003<-->2010 Good
2003-->Internet Good

2010-->Internet - Broken, when I configure any kind of send connector.
2010-->2003-->Internet - Good, when there is no send connector

The goal is 2010-->Internet using send connector.

I have tried every possible combination of send connector configuration without success.
0
 

Author Comment

by:jballiet5
ID: 40284024
Here is the send log
SEND20140825-1.LOG
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40284132
By the log that you provided it seems that something is blocking the port.

So you need to check if Windows firewall is disabled, check if the necessary ports 25 and 587 are open in IronPort, and by the way check if the RRAS service is enabled or disabled, if enabled disable it.
0
 

Author Comment

by:jballiet5
ID: 40284326
RRAS is disabled by another application, probably DAG.

Can you be more specific about the Windows firewall. Which is currently enabled on both exchange servers.

port 587 is not open on iron port. I did not see anything in the logs regarding port 587. (when I grepped the file)
0
 

Author Comment

by:jballiet5
ID: 40284383
Delivery Report for
Submitted
8/25/2014 3:20 PM BC-PHX-EXCH01.company.com
The message was submitted to bc-phx-exch01.company.com.
Pending
8/25/2014 3:20 PM bc-phx-exch01.company.com
The message has been queued on server 'bc-phx-exch01.company.com' since 8/25/2014 3:20:30 PM (UTC-08:00) Pacific Time (US & Canada). The last attempt to send the message was at 8/25/2014 3:21:11 PM (UTC-08:00) Pacific Time (US & Canada) and generated the error '451 4.4.0 Primary target IP address responded with: "421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.'.
0
 
LVL 12

Accepted Solution

by:
David Paris Vicente earned 2000 total points
ID: 40284409
Try disabling both Windows firewall for test purposes.
And I´m sorry I didn´t meant to open 587 on the IronPort, it was to check on the Windows side if it was open.

What are the permission set on the send connector?
Are you sure that your ISP don´t block communications on port 25?
0
 

Author Comment

by:jballiet5
ID: 40284415
I am sure ISP does not block port 25 because that is what we use for our 2003 server.
0
 

Assisted Solution

by:jballiet5
jballiet5 earned 0 total points
ID: 40284430
ok. we found the problem. it was a firewall blocking some traffic between exchange servers and smarthost
0
 
LVL 12

Expert Comment

by:David Paris Vicente
ID: 40284454
Great. :)
It was like I was saying something was blocking communications, but only you can do the real troubleshoot in your environment.

I just don´t understand  why you asked to close this question.

Regards
0
 

Author Comment

by:jballiet5
ID: 40286912
I am not well versed with the interface and all the processes. still kind of confusing. so i may end of pushing buttons when i should have not. :-)
0
 

Author Closing Comment

by:jballiet5
ID: 40294261
we found the firewall ACL blocking some traffic between smarthost and exchange
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month18 days, 20 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question