YaYangTeah
asked on
Exchange Server can not send to internal exchange server
We face the funny issue in our email system. Both email system is sit in same network .But send and received to external party is no problem. Those issue since last months after change firewall but we already escalate to network senior engineer and open ticket to cisco help us to check, there is nothing wrong with the new cisco firewall. But obviously is after changing to new firewall all the issue occur .Please advice
Problem:
a) If I send email from abc.com to cba.com .cba.com will rejected.(Intermittent)
From: Microsoft Outlook <MicrosoftExchange329e71ec 88ae4615bb c36ab6ce41 109e@abc.c om>
Date: 14 August 2015 11:03:23 am SGT
To: <user@abc.com>
Subject: Undeliverable: test 1
web187 rejected your message to the following e-mail addresses:
'user@cba.com' (user@cba.com)
web187 gave this error:
Unable to relay for user@cba.com
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.
b.) received a lot of spam mail.
c.) Internet speed slow.
I do a test speed, sometime is fast and some time is slow. Even I start all the network devices also same.
1. Exchange Server 2010
Domain abc.com
Roles: Domain Controller and exchange server
IP Address:
192.168.10.11
255.255.255.0(Mask)
192.168.10.1(Gateway)
192.168.10.11(Primary DNS)
192.168.10.12(Secondary DNS).—new add
2. Exchange Server 2010
Domain cba.com
Roles: Domain Controller and exchange server
IP Address:
192.168.10.12
255.255.255.0(Mask)
192.168.10.1(Gateway)
192.168.10.12(Primary DNS)
192.168.10.11 (Secondary DNS)—new add
Problem:
a) If I send email from abc.com to cba.com .cba.com will rejected.(Intermittent)
From: Microsoft Outlook <MicrosoftExchange329e71ec
Date: 14 August 2015 11:03:23 am SGT
To: <user@abc.com>
Subject: Undeliverable: test 1
web187 rejected your message to the following e-mail addresses:
'user@cba.com' (user@cba.com)
web187 gave this error:
Unable to relay for user@cba.com
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.
b.) received a lot of spam mail.
c.) Internet speed slow.
I do a test speed, sometime is fast and some time is slow. Even I start all the network devices also same.
1. Exchange Server 2010
Domain abc.com
Roles: Domain Controller and exchange server
IP Address:
192.168.10.11
255.255.255.0(Mask)
192.168.10.1(Gateway)
192.168.10.11(Primary DNS)
192.168.10.12(Secondary DNS).—new add
2. Exchange Server 2010
Domain cba.com
Roles: Domain Controller and exchange server
IP Address:
192.168.10.12
255.255.255.0(Mask)
192.168.10.1(Gateway)
192.168.10.12(Primary DNS)
192.168.10.11 (Secondary DNS)—new add
ASKER
Do these domains have a transitive trust, Separate AD not a child?
Ans:Both are holding different AD and does not have transitive trust
Do these domains reside on the same AD, same forest child domain?
Ans:Those domain is reside on the same AD.
Did you check the HUB transport to make sure the proper ports and Rules are setup?
Ans:Yes ,we never change any thing from there ,please advice what to check in detail.
If this started when the firewall was replaced did you check to see if the SMTP and port forwarding rules were copied from the old one to ensure proper traffic flow.
Ans:As i said ,we are no problem to send and receive to external and just is internal have issue.We are using NAT for the server and open port 25 directly .
Ans:Both are holding different AD and does not have transitive trust
Do these domains reside on the same AD, same forest child domain?
Ans:Those domain is reside on the same AD.
Did you check the HUB transport to make sure the proper ports and Rules are setup?
Ans:Yes ,we never change any thing from there ,please advice what to check in detail.
If this started when the firewall was replaced did you check to see if the SMTP and port forwarding rules were copied from the old one to ensure proper traffic flow.
Ans:As i said ,we are no problem to send and receive to external and just is internal have issue.We are using NAT for the server and open port 25 directly .
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The issue has been solve by my senior but he don't want to share with us what is the root cause.He just said is firewall issue but i ask him is that mail scanning on firewall issue but he said not .He mention mail scanning on firewall issue in PIX only now days no more this issue.
Do these domains have a transitive trust, Separate AD not a child?
Do these domains reside on the same AD, same forest child domain?
Did you check the HUB transport to make sure the proper ports and Rules are setup?
If this started when the firewall was replaced did you check to see if the SMTP and port forwarding rules were copied from the old one to ensure proper traffic flow.