Receive connector 0.0.0.0:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check this connector's authentication setting.

We have an SBS 2011 with Exchange 2010 and all of a sudden we we're not receiving any inbound email from the internet.  Senders are reporting the following NDR:

Unknown recipient channel
A problem occurred while delivering this message to this email address. Try sending this message again. If the problem continues, please contact your helpdesk.

Event viewer on the server shows the following errors:
Receive connector 127.0.0.1:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check this connector's authentication setting.

The only thing was changed was anti-spam content filtering.  
Can anyone help to get this resolved?
Thanks!
rsmhawaiiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

PerarduaadastraCommented:
If you reverse the anti-spam content filtering change does the problem go away?
0
Mohammed TahirMicrosoft Exchange and O365 AdministratorCommented:
-- Are you made any changes in default Receive Connector?
-- Check the DNS settings on server, SBS server should point itself as Primary DNS server.

Tahir
0
rsmhawaiiAuthor Commented:
Hi Perarduaadastra, yes i reversed out the anti-spam settings and still have the same problem.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

rsmhawaiiAuthor Commented:
Md_tahir21, no changes made to the default receive connector and DNS settings weren't changed as well  Yes it does point to itself as the primary DNS server.

Users can send out email but when I try to reply I get the following NDR
server gave this error: Unknown recipient channel

In event viewer I see the following:
Authentication Setting Receive connector 0.0.0.0:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check this connector's authentication setting.

I've tried "unchecking" and "checking" the Transport Layer Security box in both receive connectors and still no luck.
0
rsmhawaiiAuthor Commented:
Here's more detail from testconnectivity.microsoft.com

      
The server returned status code 501 - Syntax error in parameters or arguments. The server response was: Unknown recipient channel
Exception details:
Message: Syntax error in parameters or arguments. The server response was: Unknown recipient channel
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)
at System.Net.Mail.RecipientCommand.Send(SmtpConnection conn, String to, String& response)
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 771 ms.
0
Mohammed TahirMicrosoft Exchange and O365 AdministratorCommented:
How your inbound emails are designed to flow? I mean are you using any third party Email filtering vendor to filter your inbound emails? Try to send mail via telnet (Telnet to your MX record) if not receives again try via telnet but this time telnet directly your Exchange server's Publich IP adddress and drop an email to internal recipient.

Tahir
0
rsmhawaiiAuthor Commented:
Hi Tahir,
Inbound emails are designed to flow directly to the exchange server.  I tried to send email via telnet to mx record and directly to public IP address and each time I get at "501 syntax error in parameters" when i enter "Mail From:myemail@address.com" (i entered my valid email address).

Laurence
0
rsmhawaiiAuthor Commented:
Now i'm getting event ID 1009 The Microsoft Exchange Mail Submission service is currently unable to contact any Hub Transport servers in the local Active Directory site. The servers may be too busy to accept new connections at this time.
0
VirastaRUC Tech Consultant Commented:
Hi,

OK, Try this, Run
Exchange Performance Troubleshooter – EXTRA
http://msexchangeteam.in/exchange-performance-troubleshooter-extra

But instead of "Performance Troubleshooter" select "Mailflow Troubleshooter" and select relevant sub-options and see what you get if you are not getting anywhere share the results to get more insight about the issue.

Hope that helps :)
0
VirastaRUC Tech Consultant Commented:
Hi,

Step1:
Enabling TLS for Exchange Server 2010
http://terenceluk.blogspot.com/2013/09/enabling-tls-for-exchange-server-2010.html

Step2:
Run the Fix My Network Wizard
http://technet.microsoft.com/en-us/library/cc546095.aspx

Hope that helps :)
0
rsmhawaiiAuthor Commented:
Thanks for all your comments to find a resolution.  After a whole weekend of searching and troubleshooting and using your recommendations, I call Microsoft Support and it turned out that an application was installed on the server (without anyone telling me) that used Java.  That Java piece was listening on port 25 which caused the SMTP inbound email issues.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rsmhawaiiAuthor Commented:
I was able obtain the solution by working directly with Microsoft.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.