We help IT Professionals succeed at work.

SBS2011 - suddenly can't receive external emails, internal ok  and can send ok.

Joemt
Joemt asked
on
Help currently on site

Suddenly can't  receive external emails. Can send ok and internal email is fine. Cell phones out in the filed cannot get email.

- 71 gb of space on drive c:

- Ran the remote connectivity analyzer and it had one error (see pic)
- Have one LSAsvr error in event logs - about no authentication protocol available. Seems to be ok at this point
- Ran exchange mail flow troubleshoot assistance:  Mail acceptance test failed: service not available, closing transmission channel Server response 4.3.2 service not available....2nd message Server does not support secure connections.
- EX Mail submission service is running.

Need some advice...not sure where to look from here?  Not sure what changed today.......Q: is the exchange stor included in the Drive C: total used space?   if the Ex DB stor is over 71 GB's is that the issue?

Question: I have 71 GB of space on drive C:.

mailreject.jpgremote-connectivity-error.jpg
Comment
Watch Question

Top Expert 2016

Commented:
smtp       mail.beallawfirm.com       Warning - Reverse DNS does not match SMTP Banner       
smtp       mail.beallawfirm.com       Warning - Does not support TLS.

you have a certificate error

Author

Commented:
How did you determine that?   (for learning purposes)

How do I go about fixing it.........what would suddenly cause that to take place on a server?
Top Expert 2016
Commented:
mxtoolbox.com ..

reverse dns .. add a reverse zone in your dns settings that point to your mail server

Author

Commented:
Could you please point me to a "how to" ?

I see two entries in the server DNS Reverse lookup zones.

Author

Commented:
Is there anyone who can help me create this reverse dns entry?

Author

Commented:
I'm seeing an expired certificate on the server (2014)Certificate that is expired
I'm not sure on which choices to choose to create just the IIS certificate.

Can some one help

Author

Commented:
Ok Ran "Fix my network": It found a certificate error. told it to fix it.  
 It added 2 certificates and now I can't get to owa or remote any longer (could prior)
........just the "There is a problem with this website’s security certificate"
 

Please can someone help me get this straightened out.
Exchange-experts-certifcates-2newl.jpg
Top Expert 2016

Commented:
did your purchased certificate expire and what is the certificate error you are getting
Commented:
Hi, you definitely have a certificate error, you can run the "fix my network" wizard which will create a certificate on the server, you do not need to purchase a 3rd party certificate, it saves the updated certificate here: C:\Users\Public\Downloads
Go and check that the certificate is there and that it is updated, install the certificate on the server and do a reboot, let me know if you still get the cert. error?

Author

Commented:
I ran the "fix my network". It created 2 new certificates.  I'm not sure why. Is it common for certificates to break?

I can acccess the owa and remote with IE - had to delete old certicate from IE. I tried to import the certificate to IE, appeared to work but is not listed in the "Trusted root cert auth".

New issue:  

1. is the certifcate not be a root certificate? The certificate distribution package has the old certificate.  Is there an easy way to update this?
 
2. The clients cell phones are no longer getting email as of this morning. was working late last night. They use their exchange account.

Author

Commented:
Here is a screen shot of the certificates
experts-new-cert-marked.jpg

Author

Commented:
Questions:

1. Should I delete the old certificate?
2. the services are different on the new certificates - is this whats causing trouble with the iphones?
Technical Director
Top Expert 2015
Commented:
Hello,

It looks like your SonicWall is answering port 25?  Are you using this for filtering??

The certificate date and name on OWA is valid.  

If you haven't already, check the queues from EMC.  Restart the Exchange Transport Service and the mail submission service.

Can you confirm how much free disk space you have on all drives?

Author

Commented:
- Drive. c: 63.7 GB of space - Data drive over 764 gb free

- Queues are empty

- restarted the two services  -  One phone started working.......other phone attempted to add email account failed - could not authenticate....I have asked for exact error message

Question for mobile device access:  
EMC > Organization Config > Hub Transport > Accepted Domains    <domain>.local is not the default - should it be?
the default is the .com

As for port 25 - not sure

Author

Commented:
Phones once soft reset are working.........thank you.  I'm going to give it a couple hours and see if all is good.
David AtkinTechnical Director
Top Expert 2015

Commented:
Ok let us know.  

The accepted domains is fine.

Have you got the latest Exchange Service Pack and rollups installed?

Author

Commented:
Revisions:

expert-version.jpg