SBS2011 - suddenly can't receive external emails, internal ok and can send ok.

Help currently on site

Suddenly can't  receive external emails. Can send ok and internal email is fine. Cell phones out in the filed cannot get email.

- 71 gb of space on drive c:

- Ran the remote connectivity analyzer and it had one error (see pic)
- Have one LSAsvr error in event logs - about no authentication protocol available. Seems to be ok at this point
- Ran exchange mail flow troubleshoot assistance:  Mail acceptance test failed: service not available, closing transmission channel Server response 4.3.2 service not available....2nd message Server does not support secure connections.
- EX Mail submission service is running.

Need some advice...not sure where to look from here?  Not sure what changed today.......Q: is the exchange stor included in the Drive C: total used space?   if the Ex DB stor is over 71 GB's is that the issue?

Question: I have 71 GB of space on drive C:.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
smtp       Warning - Reverse DNS does not match SMTP Banner       
smtp       Warning - Does not support TLS.

you have a certificate error
JoemtAuthor Commented:
How did you determine that?   (for learning purposes)

How do I go about fixing it.........what would suddenly cause that to take place on a server?
David Johnson, CD, MVPOwnerCommented: ..

reverse dns .. add a reverse zone in your dns settings that point to your mail server
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

JoemtAuthor Commented:
Could you please point me to a "how to" ?

I see two entries in the server DNS Reverse lookup zones.
JoemtAuthor Commented:
Is there anyone who can help me create this reverse dns entry?
JoemtAuthor Commented:
I'm seeing an expired certificate on the server (2014)Certificate that is expired
I'm not sure on which choices to choose to create just the IIS certificate.

Can some one help
JoemtAuthor Commented:
Ok Ran "Fix my network": It found a certificate error. told it to fix it.  
 It added 2 certificates and now I can't get to owa or remote any longer (could prior)
........just the "There is a problem with this website’s security certificate"

Please can someone help me get this straightened out.
David Johnson, CD, MVPOwnerCommented:
did your purchased certificate expire and what is the certificate error you are getting
Hi, you definitely have a certificate error, you can run the "fix my network" wizard which will create a certificate on the server, you do not need to purchase a 3rd party certificate, it saves the updated certificate here: C:\Users\Public\Downloads
Go and check that the certificate is there and that it is updated, install the certificate on the server and do a reboot, let me know if you still get the cert. error?
JoemtAuthor Commented:
I ran the "fix my network". It created 2 new certificates.  I'm not sure why. Is it common for certificates to break?

I can acccess the owa and remote with IE - had to delete old certicate from IE. I tried to import the certificate to IE, appeared to work but is not listed in the "Trusted root cert auth".

New issue:  

1. is the certifcate not be a root certificate? The certificate distribution package has the old certificate.  Is there an easy way to update this?
2. The clients cell phones are no longer getting email as of this morning. was working late last night. They use their exchange account.
JoemtAuthor Commented:
Here is a screen shot of the certificates
JoemtAuthor Commented:

1. Should I delete the old certificate?
2. the services are different on the new certificates - is this whats causing trouble with the iphones?
David AtkinTechnical DirectorCommented:

It looks like your SonicWall is answering port 25?  Are you using this for filtering??

The certificate date and name on OWA is valid.  

If you haven't already, check the queues from EMC.  Restart the Exchange Transport Service and the mail submission service.

Can you confirm how much free disk space you have on all drives?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JoemtAuthor Commented:
- Drive. c: 63.7 GB of space - Data drive over 764 gb free

- Queues are empty

- restarted the two services  -  One phone started working.......other phone attempted to add email account failed - could not authenticate....I have asked for exact error message

Question for mobile device access:  
EMC > Organization Config > Hub Transport > Accepted Domains    <domain>.local is not the default - should it be?
the default is the .com

As for port 25 - not sure
JoemtAuthor Commented:
Phones once soft reset are working.........thank you.  I'm going to give it a couple hours and see if all is good.
David AtkinTechnical DirectorCommented:
Ok let us know.  

The accepted domains is fine.

Have you got the latest Exchange Service Pack and rollups installed?
JoemtAuthor Commented:

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.