My company has an Exchange Sever 2013. It stoppde to send/to receive external emails

Posted on 2014-08-27
Last Modified: 2014-10-19
We only can send / receive internal emails.
I checked the inbound - outbound connectors : the server ip is correct

The CNAME record points to Microsoft EOP:   and
The MX record :xxxxx
please help
Question by:francisco Soto
    LVL 27

    Expert Comment

    sending & receiving uses different facilities so treat them as separate issues until proved otherwise. bit odd theyd both at the same time tho....

    firstly, has anyone (internal or external) had a boundback? these would be really useful to start with.

    secondly, do you use any external mail filtering or smarthosts?

    has you internet/firewall been changed or amended?

    Author Comment

    by:francisco Soto
    yes we get bounback.

    Received: from ( by ( with Microsoft SMTP Server
     (TLS) id 15.0.712.24 via Mailbox Transport; Wed, 27 Aug 2014 16:32:16 -0400
    MIME-Version: 1.0
    From: Microsoft Outlook
    To: <>
    Date: Wed, 27 Aug 2014 16:32:16 -0400
    Content-Type: multipart/report; report-type=delivery-status;
    X-MS-Exchange-Organization-SCL: -1
    Content-Language: en-US
    Message-ID: <>
    In-Reply-To: <>
    References: <>
    Thread-Topic: test
    Thread-Index: AQHPwhJT4WFlcZqVLkSeZ3GSy4r+QJvk59ZN
    Subject: Delivery delayed:test
    Auto-Submitted: auto-replied
    X-MS-Exchange-Organization-AuthAs: Internal
    X-MS-Exchange-Organization-AuthMechanism: 05
    X-MS-Exchange-Organization-Network-Message-Id: 7b0aeb8b-b5b3-45af-f6b7-08d1904d2013
    X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
    Return-Path: <>
    the external mail filtering is Microsoft Online Protection
    the firewall is managed for level3. no changes

    Author Comment

    by:francisco Soto
    Delivery has failed to these recipients or groups:

    '' (
     Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

    The following organization rejected your message:
    LVL 27

    Expert Comment

    you haven't specific whether these bouncebacks are incoming or outgoing.

    could you also please advise if is your server or someone elses?

    Author Comment

    by:francisco Soto
    yes, this is our server.
    both incoming and outgoing
    we have internal mail flow perfect.
    LVL 27

    Assisted Solution

    still a bit odd really. it is very rare that you would get the same issue both incoming and outgoing. is the bounceback message the same?

    lets look at one issue at a time....

    things to check on incoming:
    receive connector - anonymous messages enabled
    mailbox/disty group - 'require all senders to be authenticated' uncheckd
    firewall - check port 25 goes to correct server

    try running a manual test to confirm if traffic flows ok.

    Accepted Solution

    Issue fixed. It was a firewall issue.
    From: <>
    Sent: Thursday, September 4, 2014 4:20 PM
    To: Francisco Soto

    Subject: RE: Level (3) Ticket #: 8302553, Dual Temp Co. Inc.-Dual Temp Company, Inc., Ticket Updated, Customer Ticket ID:

    Good afternoon,

    The inbound nat object was not being called upon properly, once we adjusted the rule it allowed natting to take place properly. It was configured so that was reaching out over the external interface and when the traffic was coming back in the natted object was not being activated.

    Very respectfully,

    Charles Eakes
    Level 3 Communications

    Author Comment

    by:francisco Soto
    I've requested that this question be closed as follows:

    Accepted answer: 0 points for francisco Soto's comment #a40359502

    for the following reason:

    LVL 27

    Expert Comment

    Bit  unfair to just accept your own solution there mate. In addition to the help I offered I also pointed you in the direction of the firewall in post 40322154.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now