SMCDMT asked:

Mail Flow Issue to new Exchange 2013 Server

I've run into a snag implementing an on-premises Exchange 2013 Server with an Exchange 2007 Coexistence.  I've migrated one mailbox to the EX2013 server for testing and can send mail from that account Outbound, but have no Inbound Mail Flow.

I cannot Telnet to ports 25 or 587 on the Exchange 2013 server, but I can Telnet port 2525.  I just get the blinking cursor on failed Telnet attempts and return to a prompt when I hit a key.  I can, of course, Telnet to 25 and 587 on the existing Ex2007 server.  The Exchange 2007 server is intended to remain as the Transport server for the near future, with just mailbox and CAS roles on the Ex2013.

The other primary clue I have is the delayed delivery messages I see for messages sent to the mailbox on Ex2013.  On the Ex2007 server, I have a hub version 15 queue and the Delivery Failure message is 451 440 Primary Target IP address responded with "421 4.4.2 Connection dropped." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts or delivery failed to all alternate hosts.

Lastly, I can tell you both Exchange Servers are on the same, internal subnet.  It's a single site and all servers are behind a Sonicwall firewall - which shouldn't be in the way anyway.  I've tried turning off Windows Firewall on both and neither has any AV program installed.

Ideas?

8/22/2022 - Mon
Simon Butler (Sembee)

Windows Firewall is not the cause of this, therefore I would start by enabling that again.
The usual cause is AV software - McAfee and some other products will block connections to local SMTP servers if you aren't careful. The flashing cursor is a classic sign of blocked ports.

On the Exchange 2007 server, ensure that the Default Receive connector allows the Exchange 2013 server to connect - so any restrictions include the Exchange 2013 server.

"The Exchange 2007 server is intended to remain as the Transport server for the near future, with just mailbox and CAS roles on the Ex2013."

The hub transport role doesn't exist on Exchange 2013, so the Exchange 2013 server will be doing mail transport, whether you like it or not. Therefore you need to ensure that it is configured correctly.

Simon.
SMCDMT

ASKER
Thank you for your comments, Sembee.  I did re-enable all Windows Firewalls after learning the problem existed regardless of that state.  Also, I've triple checked for the presence of any AV app and there is none.

Regarding your point on the Exchange 2007 Default Receive Connector, the Network tab is set to allow traffic on all available IPs for both IPv4 and IPv6.  The Authentication Tab has Exchange Server Authentication and Integrated Windows Authentication checked and in the Permission Groups Tab, all entities are allowed (checked) except for Partners, which I thought to be irrelevant here.  I had tighter settings prior and actually tried loosening things a bit to see if that helped.  If I'm misinterpreting your point, please advise.

Lastly, one detail I didn't yet mention is a warning shown in the results of ExBPA.  It's indicating the FrontEnd Transport Component on the Ex2013 is "Inactive."  Could that be the show stopper here?
ASKER CERTIFIED SOLUTION
Simon Butler (Sembee)

SMCDMT

ASKER
Sembee, thanks for pointing me in the direction of the FrontEnd Transport.  The Component Status for this function and several others were shown as "Inactive," per the Exchange Best Practice Analyzer. Making them Active and restarting the Transport Service on the Exchange 2013 server seems to have done the trick.
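
The check that ties the thread's symptom to its fix, as an added example that is not part of the original posts: it probes each SMTP port for a 220 banner (a port that connects but stays silent is the "blinking cursor" case) and then lists the server's non-Active components. The server name `EX2013` and the function name `Test-SmtpBanner` are placeholders, and the split of ports 25/587 (Frontend Transport) versus 2525 (Transport service) assumes Exchange 2013 defaults on a multi-role server. Run it from the Exchange Management Shell.

```powershell
# Added example: read-only diagnostic. Nothing here changes server state.
$server = 'EX2013'   # placeholder: name of the Exchange 2013 server

function Test-SmtpBanner {
    param([string]$Server, [int]$Port, [int]$TimeoutMs = 5000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Connect with a timeout so a filtered port does not hang the script.
        $async = $client.BeginConnect($Server, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            return 'no TCP connection (timed out)'
        }
        $client.EndConnect($async)

        # A healthy SMTP listener sends a "220 ..." greeting immediately.
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        $line = $reader.ReadLine()
        if ($line) { return $line }
        return 'connected, then closed without a banner'
    } catch {
        # Covers refused connections and a read timeout (connected but silent).
        return "no banner: $($_.Exception.Message)"
    } finally {
        $client.Close()
    }
}

# 25 and 587 belong to Frontend Transport, 2525 to the Transport service.
foreach ($port in 25, 587, 2525) {
    '{0,5}  {1}' -f $port, (Test-SmtpBanner -Server $server -Port $port)
}

# Components that are not Active; FrontendTransport appearing here matches
# the ExBPA warning described in the thread.
Get-ServerComponentState -Identity $server |
    Where-Object { $_.State -ne 'Active' } |
    Format-Table Component, State -AutoSize

# Which requester marked FrontendTransport inactive (needed to reverse it).
(Get-ServerComponentState -Identity $server -Component FrontendTransport).LocalStates

# The fix reported in the thread, left commented out. <Requester> is a
# placeholder: use the requester shown in LocalStates above.
# Set-ServerComponentState -Identity $server -Component FrontendTransport -State Active -Requester <Requester>
# Restart-Service MSExchangeTransport
```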