Solved

Exchange 2007 (SBS2008): SMTP Send Connector using Smart Hosts with Go Daddy failing

Posted on 2016-08-30
6
31 Views
Last Modified: 2016-09-05
Hi All,
My client with SBS 2008 is having intermittent failures when trying to send emails.  They have a couple GoDaddy POP accounts, so I've had Exchange 2007 configured to use Smart Hosts in the Send Connector tab.  I have 2 Smart Hosts defined by IP address (rather than FQDN), which has worked reasonably well till recently.  Now they often get NDRs indicating failed attempts to send.  Below is the output from a PS cmd (Get-SendConnector "GoDaddy" | Format-List)):

AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     : System.Management.Automation.PSCredential
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : False
DomainSecureEnabled          : False
Enabled                      : True
ForceHELO                    : False
Fqdn                         :
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : SBS2008
Identity                     : GoDaddy
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : 10MB
Name                         : GoDaddy
Port                         : 80
ProtocolLoggingLevel         : Verbose
RequireTLS                   : False
SmartHostAuthMechanism       : BasicAuth
SmartHosts                   : {[173.201.192.101], [68.178.252.101]}
SmartHostsString             : [173.201.192.101],[68.178.252.101]
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {SBS2008}
UseExternalDNSServersEnabled : False

Open in new window



And below is a snippet from the Exchange SMTPSend log file (note the line that lists "454 TLS not available..."
2016-08-30T21:02:14.206Z,GoDaddy,08D3D118EAFDA110,0,,68.178.252.101:80,*,,attempting to connect
2016-08-30T21:02:14.284Z,GoDaddy,08D3D118EAFDA110,1,10.10.0.2:13149,68.178.252.101:80,+,,
2016-08-30T21:02:14.346Z,GoDaddy,08D3D118EAFDA110,2,10.10.0.2:13149,68.178.252.101:80,<,220 p3plsmtpa11-03.prod.phx3.secureserver.net :SMTPAUTH: ESMTP,
2016-08-30T21:02:14.346Z,GoDaddy,08D3D118EAFDA110,3,10.10.0.2:13149,68.178.252.101:80,>,EHLO SBS2008.domain.local,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,4,10.10.0.2:13149,68.178.252.101:80,<,"250-p3plsmtpa11-03.prod.phx3.secureserver.net hello [72.76.243.160], secureserver.net",
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,5,10.10.0.2:13149,68.178.252.101:80,<,250-HELP,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,6,10.10.0.2:13149,68.178.252.101:80,<,250-AUTH LOGIN PLAIN,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,7,10.10.0.2:13149,68.178.252.101:80,<,250-SIZE 30000000,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,8,10.10.0.2:13149,68.178.252.101:80,<,250-PIPELINING,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,9,10.10.0.2:13149,68.178.252.101:80,<,250-8BITMIME,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,10,10.10.0.2:13149,68.178.252.101:80,<,250-STARTTLS,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,11,10.10.0.2:13149,68.178.252.101:80,<,250 OK,
2016-08-30T21:02:14.425Z,GoDaddy,08D3D118EAFDA110,12,10.10.0.2:13149,68.178.252.101:80,>,STARTTLS,
2016-08-30T21:02:14.487Z,GoDaddy,08D3D118EAFDA110,13,10.10.0.2:13149,68.178.252.101:80,<,454 TLS not available due to temporary reason,
2016-08-30T21:02:14.503Z,GoDaddy,08D3D118EAFDA110,14,10.10.0.2:13149,68.178.252.101:80,*,2,sending message
2016-08-30T21:02:14.503Z,GoDaddy,08D3D118EAFDA110,15,10.10.0.2:13149,68.178.252.101:80,>,MAIL FROM:<Debbie@domain.com> SIZE=4381,
2016-08-30T21:02:14.503Z,GoDaddy,08D3D118EAFDA110,16,10.10.0.2:13149,68.178.252.101:80,>,RCPT TO:<mike@recipient.com>,
2016-08-30T21:02:14.565Z,GoDaddy,08D3D118EAFDA110,17,10.10.0.2:13149,68.178.252.101:80,<,530 authentication required,
2016-08-30T21:02:14.675Z,GoDaddy,08D3D118EAFDA110,18,10.10.0.2:13149,68.178.252.101:80,<,503 need MAIL before RCPT,
2016-08-30T21:02:14.675Z,GoDaddy,08D3D118EAFDA110,19,10.10.0.2:13149,68.178.252.101:80,>,QUIT,
2016-08-30T21:02:14.753Z,GoDaddy,08D3D118EAFDA110,20,10.10.0.2:13149,68.178.252.101:80,<,221 p3plsmtpa11-03.prod.phx3.secureserver.net :SMTPAUTH: closing connection,
2016-08-30T21:02:14.753Z,GoDaddy,08D3D118EAFDA110,21,10.10.0.2:13149,68.178.252.101:80,-,,Local

Open in new window


I've called GoDaddy tech support, and even sent them the log snippet.  But they offered no support.  Seems it is over their heads.  I did see some other people have this same 454 TLS warning when I Googled it, but they too complained of GoDaddy's lack of support.  Any ideas?  Any SMTP gurus that can interpret the log snippet?

TIA,
-Mike
0
Comment
Question by:Reed_Mike
  • 4
  • 2
6 Comments
 

Author Comment

by:Reed_Mike
ID: 41777234
Another solution would be to switch to another company for SMTP services.  Hopefully, one with tech support that isn't scared of Exchange server support :)  Any suggestions greatly appreciated!
0
 

Author Comment

by:Reed_Mike
ID: 41778118
Hmmm, no replies.  Maybe I posted to an incorrect area of used incorrect tags?  Or it's too technical?
0
 
LVL 19

Expert Comment

by:Delphineous Silverwing
ID: 41778481
I have had authentication issues with the 68 address server. I am currently only using the 173 without issues. You might want to remove the 68 address smarthost until GoDaddy figures out their problem.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Accepted Solution

by:
Reed_Mike earned 0 total points
ID: 41778543
Delphineous - I tried removing the 68 address, but problem occurs on 173 too.  After 10 hours of trying many things, I think I fixed it.  I turned on Verbose logging for the Send Connector and examined the smtp log files.  I compared a failed session vs a good one.  In the failed session the GoDaddy smtp server issued a "250-STARTTLS" command, then our server replied with "STARTTLS" command.  GoDaddy server then replied "454 TLS not available due to temporary reason".  Some more commands followed, but I believe at this point the session failed...  So, after some research I found that you can configure a Send Connector to ignore STARTTLS requests.  My Send Connector is named "GoDaddy", so I opened the Exchange Mgmt Shell and entered this command:

Set-SendConnector -identity "GoDaddy" -IgnoreSTARTTLS $true

I then restarted The MS Exchange Transport service and problem was fixed.  I was having 100% failures trying to send emails from workstations running Outlook 2010.  After this fix all test emails went right thru.  Keeping my fingers crossed that this fixes it for good :)

As far as GoDaddy tech support, I tried calling a 2nd time today, but they continued to say this was beyond the scope of what they support.  Yes their voicemail message says "we LOVE helping cutomers"!  But only if it's a simple problem.  Anything past webmail errors or basic client email setup, and they abandon ship.  IMAGINE IF THEY KEPT A KNOWLEDGEBASE OF ARTICLES WITH SOLUTIONS LIKE THE EXCHANGE SERVER ISSUE WE RAN INTO TO!  I'm bolding it because I am forwarding a link to this question to the 2 GoDaddy techs that "helped" me.  Maybe GoDaddy can rethink their support policies and work a little harder at supporting their customers.  I am no SMTP log guru by any means - but I'll bet you anything GoDaddy has plenty of advanced tech guys that could have resolved this in minutes for me.  IF THEY TOOK THE TIME AND INTEREST...
1
 
LVL 19

Expert Comment

by:Delphineous Silverwing
ID: 41779211
After I made my post, the problem started again with the 173 address. ignoreStartTLS fixed my problem too - Thanks!
0
 

Author Closing Comment

by:Reed_Mike
ID: 41784475
Cause it worked :)  No thanks to the tech support people at Go Daddy!!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now