Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 183
  • Last Modified:

Sending unauthenticated email through the mailserver from remote subnet. (Send connector issue?)

Hi

I have an APC UPS with a management card. Within the interface I can set my server IP, smtp port, sender, recipient for sending notifications (power outages, temperature etc).

I use this on my main site without issue, emails bounce off the exchange box and come in from APC_Server1@attwater.com completely unauthenticated.

The problem occurs when I replicate this setup on a remote network segment (connected through VPN). It fails/times out, with very little detail in the available log.

Initially I though it was a firewall issue (I have seen them have issues with remote subnets). I discounted this by turning off the firewall.

So it must be an exchange issue, presumably with permissions on the send connector. I have added the ip range of the remote segment to the Default Receive Connector, but still no joy.

I am running SBS 2008 with exchange 2007.

Any ideas how to test / debug?
0
noooodlez
Asked:
noooodlez
  • 6
  • 3
3 Solutions
 
Simon Butler (Sembee)ConsultantCommented:
SBS 2008 doesn't use the Default Connector for receiving email, if it was setup with the wizards. It will have another connector which is the one you need to modify. You shouldn't touch the Default Connector at all.

If you have something on the remote site that you can run telnet on, then you can telnet to the server and see what the response is.

However I always use an external email server to send the alerts from the UPS. I can usually keep the internet connectivity up longer than the server, so have a higher chance of an alert going out before the power fails.

Simon.
0
 
noooodlezAuthor Commented:
Good idea on the telnet. I get a timeout and fail from the remote subnet.
I have tweaked all sorts of receive connector settings and cannot get it to work.

I have attached a couple of images of my setup.
DefaultReceiveConnector.jpg
DefaultReceiveConnector2.jpg
0
 
Simon Butler (Sembee)ConsultantCommented:
SBS doesn't use the Default Connector, it uses its own.
Therefore if you have been changing the default connector then you haven't been resolving anything.

You need to run the fix my network wizard and allow it to correct the settings back to the default.
Then once you have done that, create a new Receive Connector that is restricted to just the remote IP address range.

Simon.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
noooodlezAuthor Commented:
That deleted the....

Windows SBS Internet Receive Connector

I had to Enable the external connector. I have created a new receive connector for the remote subnet of 'custom' type. I have tried allsorts of settings (presumably I need

FQDN set to NETBIOS.
Network, bound to NIC on port 25. remote subnet set (192.168.2.0/24).
Basic Authentication (although windows should work as they are located on the same domain).
Anonymous users.

Enabling connectivity logging doesn't show my connection attempts.
Turning verbose logging on my new receive connector doesn't show my connection attempts. (I presume these log in C:\program files\Microsoft\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive)!!!!?

Testing through telnet with firewall off at BOTH ends. STILL FAILING.

I understand your comments about bouncing off an internet mailserver, but the management card will not allow this!

I think the issues may be some sort of conflict between the connectors. IF I CHANGE MY DEFAULT CONNECTOR TO PORT 26 IT WORKS FINE!!!!

Doesn't help me much but Im running out of options WRT logging and testing!
0
 
noooodlezAuthor Commented:
(sorry, when I say default connector, I mean my new connector)
0
 
noooodlezAuthor Commented:
I also tried extending out the range of my default connector (as created by fix my network) as my subnets are sequential.

Still no joy.
0
 
Simon Butler (Sembee)ConsultantCommented:
Odd that the wizard removed your Receive Connector.
You will need to run the configuration wizards within the SBS console to get it configured correctly. Once you have done that, then create a new connector for this remote server.

Simon.
0
 
noooodlezAuthor Commented:
Hi

I managed to resolve this.
I think I messed with the receive connector in the past (created a new one). This one was deleted, but the default one was not re-enabled. No big deal!

The receive connector config was correct. The fact that port 26 worked gave me a clue. I have a firewall IP filter on my router which only allows incoming (tcp25) from my smarthost / cloud spam solution.

It seems that my draytek 3900 classes VPN traffic as WAN traffic and applies SPI rules to all data running through it.

Thanks for your help. I will give you the points as your advice on debugging and setup assisted greatly.
0
 
noooodlezAuthor Commented:
I resolved myself with the assistance of sembee.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now