Issue in Exchange server 2013 send /receive

I have setup an exchange server 2013 cu7 on Windows 2012 R2 Standard.
I have seperate AD server running on the same OS mentioned above.

My Exchange installation was fine but aster installation i couldn't send and receive email from outside. Internal is working fine.

When i send to couple of external email ids like gmail i am getting error like rejected your message to the following email addresses:

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery. gave this error:
[ 12] Our system has detected that this message is likely unsolicited mail. To reduce the amount of spam sent to Gmail, this message has been blocked. Please visit for more information. qu4si7170968pbb.17 - gsmtp

Couple of emails are qued up and not sending.

Also  when i send email to my exchange user i am not receiving.

I tried Microsoft remote connectivty analyser and i am getting the error.

      Testing TCP port 25 on host to ensure it's listening and open.
       The specified port is either blocked, not listening, or not producing the expected response.

I am using a fortigate firewall and using fortigate dyndns.
The domain is from 1and1 and i created the mx recored and it is pointing to the firewall.

I also done the port forwarding also.

Please help me in resolving the issue.

Raneesh AIT EngineerAsked:
Who is Participating?
hecgomrecConnect With a Mentor Commented:
From your errors above I can tell you it seems your IP is Blacklisted.  Your emails are going out but there is an error on the SMTP transport.

Check all these:

Your public IP should be mapped (NAT) on your firewall to your internal server's IP (with all or required ports)
You must have public DNS and MX records matching your server's certificates ( or owa.ato....,etc)
You must be passing your SMTP communication to the same ISP.  You can't send over SMTP using an IP range from another ISP (   -- and when I ping your server I got  So make sure you are using the right server IP to send your SMTP.

Check you internal DNS and MX records to match your server's internal IP so when you look for within your network you'll get your internal IP.
Kash2nd Line EngineerCommented:
have you got port 25 open on the firewall and nating/pointing to the exchange ?

are you able to send emails at all i.e: apart from google, have you tried sending to any other recipient. are you getting the same error message
Raneesh AIT EngineerAuthor Commented:
yes i have allowed all port to the exchange ip including nat..
i tried to send to another domain and is stuck in mail queue.
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

The NDR was generated by Google, there for the mail did get sent and was bounced from outside your organization.  Therefore it's not likely to be a firewall issue.  It looks like Google thinks it's SPAM.  You could try hot mail or yahoo etc...  This would tell you a lot.
Raneesh AIT EngineerAuthor Commented:
my server name is and i changed the mx record as (owa,ecp...) and created A record in dns server for mail and autodiscover to point to exchange server .

I tried sending to other domains and received error
Generating server:
Receiving server: (
Remote Server at ( returned '400 4.4.7 Message delayed'
2/23/2015 3:04:32 PM - Remote Server at ( returned '451-4.4.0 Primary target IP address responded with: " (mxeueus002) Nemesis ESMTP Service not available 451-4.4.0 554-No SMTP service 451 4.4.0 554 invalid DNS PTR resource record." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was'

For Hotmail

Generating server:
Remote Server returned '550 OU-002 (COL004-MC1F40) Unfortunately, messages from weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to'
Raneesh AIT EngineerAuthor Commented:
Also this the error i got from google when i tried to send an email to our exchnage user

Delivery to the following recipient has been delayed:

Message will be retried for 1 more day(s)

Technical details of temporary failure:
The recipient server did not accept our requests to connect. Learn more at
[(10) []:25: socket error]
Kash2nd Line EngineerCommented:
NDR is normally received when your emails hit another server. It is telling us that you are on RBLs.

Try using a smart host first to rule out any NDR issues. If after using smarthost you can't send then I would start looking at other issues.
Raneesh AIT EngineerAuthor Commented:
I think my isp is blocking port 25.
When i tried smart host in send connector the emails are going. but not receiving emails to exchange  .
Raneesh AIT EngineerAuthor Commented:
Issue resolved . it was because of our dyndns .
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.