Solved

Sending unauthenticated email through the mailserver from remote subnet. (Send connector issue?)

Posted on 2015-01-13
9
169 Views
Last Modified: 2015-02-11
Hi

I have an APC UPS with a management card. Within the interface I can set my server IP, smtp port, sender, recipient for sending notifications (power outages, temperature etc).

I use this on my main site without issue, emails bounce off the exchange box and come in from APC_Server1@attwater.com completely unauthenticated.

The problem occurs when I replicate this setup on a remote network segment (connected through VPN). It fails/times out, with very little detail in the available log.

Initially I though it was a firewall issue (I have seen them have issues with remote subnets). I discounted this by turning off the firewall.

So it must be an exchange issue, presumably with permissions on the send connector. I have added the ip range of the remote segment to the Default Receive Connector, but still no joy.

I am running SBS 2008 with exchange 2007.

Any ideas how to test / debug?
0
Comment
Question by:noooodlez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 500 total points
ID: 40547044
SBS 2008 doesn't use the Default Connector for receiving email, if it was setup with the wizards. It will have another connector which is the one you need to modify. You shouldn't touch the Default Connector at all.

If you have something on the remote site that you can run telnet on, then you can telnet to the server and see what the response is.

However I always use an external email server to send the alerts from the UPS. I can usually keep the internet connectivity up longer than the server, so have a higher chance of an alert going out before the power fails.

Simon.
0
 

Author Comment

by:noooodlez
ID: 40583556
Good idea on the telnet. I get a timeout and fail from the remote subnet.
I have tweaked all sorts of receive connector settings and cannot get it to work.

I have attached a couple of images of my setup.
DefaultReceiveConnector.jpg
DefaultReceiveConnector2.jpg
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40585922
SBS doesn't use the Default Connector, it uses its own.
Therefore if you have been changing the default connector then you haven't been resolving anything.

You need to run the fix my network wizard and allow it to correct the settings back to the default.
Then once you have done that, create a new Receive Connector that is restricted to just the remote IP address range.

Simon.
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 

Assisted Solution

by:noooodlez
noooodlez earned 0 total points
ID: 40586064
That deleted the....

Windows SBS Internet Receive Connector

I had to Enable the external connector. I have created a new receive connector for the remote subnet of 'custom' type. I have tried allsorts of settings (presumably I need

FQDN set to NETBIOS.
Network, bound to NIC on port 25. remote subnet set (192.168.2.0/24).
Basic Authentication (although windows should work as they are located on the same domain).
Anonymous users.

Enabling connectivity logging doesn't show my connection attempts.
Turning verbose logging on my new receive connector doesn't show my connection attempts. (I presume these log in C:\program files\Microsoft\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive)!!!!?

Testing through telnet with firewall off at BOTH ends. STILL FAILING.

I understand your comments about bouncing off an internet mailserver, but the management card will not allow this!

I think the issues may be some sort of conflict between the connectors. IF I CHANGE MY DEFAULT CONNECTOR TO PORT 26 IT WORKS FINE!!!!

Doesn't help me much but Im running out of options WRT logging and testing!
0
 

Author Comment

by:noooodlez
ID: 40586069
(sorry, when I say default connector, I mean my new connector)
0
 

Author Comment

by:noooodlez
ID: 40586071
I also tried extending out the range of my default connector (as created by fix my network) as my subnets are sequential.

Still no joy.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40589984
Odd that the wizard removed your Receive Connector.
You will need to run the configuration wizards within the SBS console to get it configured correctly. Once you have done that, then create a new connector for this remote server.

Simon.
0
 

Accepted Solution

by:
noooodlez earned 0 total points
ID: 40593453
Hi

I managed to resolve this.
I think I messed with the receive connector in the past (created a new one). This one was deleted, but the default one was not re-enabled. No big deal!

The receive connector config was correct. The fact that port 26 worked gave me a clue. I have a firewall IP filter on my router which only allows incoming (tcp25) from my smarthost / cloud spam solution.

It seems that my draytek 3900 classes VPN traffic as WAN traffic and applies SPI rules to all data running through it.

Thanks for your help. I will give you the points as your advice on debugging and setup assisted greatly.
0
 

Author Closing Comment

by:noooodlez
ID: 40602748
I resolved myself with the assistance of sembee.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question