Exchange 2007 Inbound/Outbound

jbaello Member Posts: 1,191
Can anyone help me configure my inbound/outbound message connectivity? My Exchange is working and configured correctly, except that when I tried sending messages in and out of one of my Exchange recipients, it failed.

Comments

  • jbaello Member Posts: 1,191
    I've enabled port forwarding on Port 25 (SMTP) and was able to test it via telnet, works fine...

    I also have a domain registered via godaddy.com - soggyrice.com, and already created my MX record.
  • royal Member Posts: 3,352
    Does it fail in both Outlook and OWA? If so, Exchange problem.

    Does it fail only in Outlook but OWA works fine? If so, Outlook problem.

    Have you tried to use telnet to send mail?

    Check event logs. Anything?

    Message tracking logs. Anything?

    Try turning on verbose logging on the connectors via EMC.

    Receive Connector Logs after turning on verbose:
    \Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive

    Send Connector Logs after turning on verbose:
    \Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpSend

    You can also do a Get-EventLogLevel (Diagnostic Logging for 2007) and find the relevant settings and do a Set-EventLogLevel service level here. Read more here: http://technet.microsoft.com/en-us/library/bb201670(EXCHG.80).aspx

    You may be able to use SMTPDIAG. Not sure if it's compatible with Exchange 2007 though.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
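
An added example (not part of royal's post and not Exchange's own tooling): the files under ProtocolLog\SmtpReceive and ProtocolLog\SmtpSend are comma-separated text under `#`-prefixed header lines, so a short script can list every 4xx/5xx reply together with the command that triggered it. The log rows, server name and addresses are constructed for illustration, and the function names are this sketch's own.

```python
import csv
import io
import re

# Constructed sample in the SmtpReceive protocol-log layout (CSV rows under
# '#'-prefixed headers). Server, connector and addresses are made up.
SAMPLE_LOG = r"""#Software: Microsoft Exchange Server
#Log-type: SMTP Receive Protocol Log
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2008-06-01T22:16:38.100Z,EX01\Default EX01,08CA01,0,192.0.2.10:25,198.51.100.7:40112,+,,
2008-06-01T22:16:38.110Z,EX01\Default EX01,08CA01,1,192.0.2.10:25,198.51.100.7:40112,>,"220 ex01.example.test Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:16:38 -0700",
2008-06-01T22:16:40.200Z,EX01\Default EX01,08CA01,2,192.0.2.10:25,198.51.100.7:40112,<,MAIL FROM: <sender@example.test>,
2008-06-01T22:16:40.210Z,EX01\Default EX01,08CA01,3,192.0.2.10:25,198.51.100.7:40112,>,250 2.1.0 Sender OK,
2008-06-01T22:20:01.000Z,EX01\Default EX01,08CA02,0,192.0.2.10:25,203.0.113.9:51877,+,,
2008-06-01T22:20:02.300Z,EX01\Default EX01,08CA02,1,192.0.2.10:25,203.0.113.9:51877,<,MAIL FROM: <other@example.test>,
2008-06-01T22:20:02.310Z,EX01\Default EX01,08CA02,2,192.0.2.10:25,203.0.113.9:51877,>,530 5.7.1 Client was not authenticated,
2008-06-01T22:20:02.900Z,EX01\Default EX01,08CA02,3,192.0.2.10:25,203.0.113.9:51877,-,,Local
"""

REPLY = re.compile(r"^(\d{3})[ -]")  # an SMTP reply line starts with a 3-digit code


def parse_protocol_log(text):
    """Return one dict per log row, keyed by the names in the #Fields header."""
    fields, body = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = [f.strip() for f in line.split(":", 1)[1].split(",")]
        elif line and not line.startswith("#"):
            body.append(line)
    if fields is None:
        raise ValueError("no #Fields header found")
    # csv handles the quoted 'data' column (the 220 banner contains a comma).
    return list(csv.DictReader(io.StringIO("\n".join(body)), fieldnames=fields))


def rejections(rows):
    """List (session, remote endpoint, last command, reply) for 4xx/5xx replies."""
    last_command, found = {}, []
    for row in rows:
        if row["event"] not in ("<", ">"):   # skip connect/disconnect/info rows
            continue
        data = row["data"] or ""
        match = REPLY.match(data)
        if match is None:
            last_command[row["session-id"]] = data   # a command, not a reply
        elif match.group(1)[0] in "45":
            found.append((row["session-id"], row["remote-endpoint"],
                          last_command.get(row["session-id"], ""), data))
    return found


if __name__ == "__main__":
    for hit in rejections(parse_protocol_log(SAMPLE_LOG)):
        print(hit)
```

An empty result for a session that is known to have failed means the session never reached this connector, which points the search away from Exchange and toward DNS or the firewall.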
  • royal Member Posts: 3,352
    jbaello wrote:
    I've enabled port forwarding on Port 25 (SMTP) and was able to test it via telnet, works fine...

    I also have a domain registered via godaddy.com - soggyrice.com, and already created my MX record.

    So you tested doing:

    1. RCPT TO: using the problematic user's e-mail address and someone else's 100% functional account using MAIL FROM: account?
    2. MAIL FROM: using the problematic user's e-mail address and someone else's functional account using RCPT TO: account?

    If so and both 1 and 2 work fine, it's not an Exchange problem.
  • jbaello Member Posts: 1,191
    This is the configuration that I currently have for my mail.

    ISP DNS

    A Record

    @ points to 208.127.172.232
    cowmail points to 208.127.172.232 (do I need to use a different public address?)

    MX Record

    @ (Host) Goes to - cowmail.soggyrice.com

    On my actual domain controller I am using soggyrice.com as well, I'm wondering if I configured this correctly.
  • jbaello Member Posts: 1,191
    Outbound at port 25 is fine on server and on LAN client.

    Result:

    220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:01:56 -0700
  • jbaello Member Posts: 1,191
    jbaello wrote:
    Outbound at port 25 is fine on server and on LAN client.

    Result:

    220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:01:56 -0700

    220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:16:38 -0700
    HELO namaste.techknowlink.com
    250 w2k3en64s03.soggyrice.com Hello [192.168.1.101]
    MAIL FROM: <jpbaello@yahoo.com>
    250 2.1.0 Sender OK
    RCPT TO: <dshack@soggyrice.com>
    250 2.1.5 Recipient OK
    DATA
    354 Start mail input; end with <CRLF>.<CRLF>
    Subject: test message
    From: jpbaello@yahoo.com
    To: dshack@soggyrice.com

    Hello,
    This is a test.
    Goodbye
    .
    250 2.6.0 <ec3749f8-dd6f-4e5e-84bd-74bac02debee@w2k3en64s03.soggyrice.com> Queued mail for delivery
  • jbaello Member Posts: 1,191
    Inbound is working: the Exchange 2007 mailbox client is able to receive an email, but unable to reply back or send out to an external recipient.

    At least we're getting somewhere :P

    This is weird outbound worked on my gmail account, but won't work on my yahoo account...
  • royal Member Posts: 3,352
    You never answered me with OWA Vs Outlook. Did you enable verbose logging on the Send Connector? What do the message tracking logs say when trying to reply or send? Did you enable any of the EventLogLevels at Expert Level for SMTP?

    Something may be wrong with Yahoo receiving mail atm since it's working to gmail.
  • jbaello Member Posts: 1,191
    I missed that, it was off my radar. I'm just using OWA. I enabled Verbose Mode on OC\HT\Send Connector\PLL - Verbose Mode. I'm unsure how to enable event logging on Exchange yet. I will try to figure that out next.

    I selected EventID Receive and no logs.
  • royal Member Posts: 3,352
    I already told you how to enable event logging, go do it. Did you not even read my post?
  • jbaello Member Posts: 1,191
    I noticed that my Send Connectors\Outbound doesn't have a FQDN specified on the general tab, now I'm unsure if I setup the MX record FQDN for this, or my Exchange Server hostname FQDN.
  • royal Member Posts: 3,352
    For the third time. What do the message logs say.
  • jbaello Member Posts: 1,191
    royal wrote:
    I already told you how to enable event logging, go do it. Did you not even read my post?

    I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.

    royal wrote:

    You can also do a Get-EventLogLevel (Diagnostic Logging for 2007) and find the relevant settings and do a Set-EventLogLevel service level here. Read more here: http://technet.microsoft.com/en-us/library/bb201670(EXCHG.80).aspx

    I'm just now reading this part.
  • royal Member Posts: 3,352
    jbaello wrote:
    I noticed that my Send Connectors\Outbound doesn't have a FQDN specified on the general tab, now I'm unsure if I setup the MX record FQDN for this, or my Exchange Server hostname FQDN.

    The MX record is based on domain. Having the FQDN different than the A/CNAME record your MX record is pointed to won't cause SMTP to fail. It's still a best practice to change it though.

    And one thing to note, and everyone working on Exchange 2007 should know this. If you change the Default Receive Connector to anything other than blank, netbios, or netbios.domain.com, mail flow will fail internally. If you want to have your receive connector match the MX record FQDN, you will have to create a dedicated Internet Receive Connector. This will force all Internet traffic to go through that connector which you modify the FQDN. Since Exchange Servers Authentication is not enabled on that connector, internal mail flow will still go through your Default Receive Connector and all will be good.
  • royal Member Posts: 3,352
    jbaello wrote:
    royal wrote:
    I already told you how to enable event logging, go do it. Did you not even read my post?

    I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.

    Hm, maybe someone changed the location of the logs. You should be able to do a Get-TransportServer Servername and see where the location is of the logs.

    You're sure you enabled verbose logging on the relevant connector, right?

    Here's some more info:
    http://technet.microsoft.com/en-us/library/bb124531.aspx
  • jbaello Member Posts: 1,191
    royal wrote:
    jbaello wrote:
    royal wrote:
    I already told you how to enable event logging, go do it. Did you not even read my post?

    I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.

    Hm, maybe someone changed the location of the logs. You should be able to do a Get-TransportServer Servername and see where the location is of the logs.

    You're sure you enabled verbose logging on the relevant connector, right?

    Here's some more info:
    http://technet.microsoft.com/en-us/library/bb124531.aspx

    I already enabled Verbose on Receive and Send Connectors on Organizational and Server Configuration Hub Transport.

    I also tried cmdlet "get-transportserver servername" I get a return that MessageTrackingLogEnabled = True
  • jbaello Member Posts: 1,191
    http://technet.microsoft.com/en-us/library/bb124531.aspx I'll check this link, it's pretty long.

    The "message tracking" is unable to process any "EventID" logs whatsoever, I just tried for multiple EventID such as send/receive/fail and also, I specified Recipient/Server etc.
  • royal Member Posts: 3,352
    Message tracking doesn't write to the Event Logs. It writes to its own log files in which you can launch the Message Tracking portion of the TRA from the EMC Toolbox. SMTP Logs is different than Message Tracking Logs. SMTP logs you should open and import into Excel using the Text Import Wizard.
  • jbaello Member Posts: 1,191
    royal wrote:
    Message tracking doesn't write to the Event Logs. It writes to its own log files in which you can launch the Message Tracking portion of the TRA from the EMC Toolbox. SMTP Logs is different than Message Tracking Logs. SMTP logs you should open and import into Excel using the Text Import Wizard.

    I see, so does it pull its log files from a central logs database? I would think that this is the case, and if I do not have a central log database (just my little label for it) then message tracking cannot generate log files.

    Excuse my lingo Royal, I'm still new and a bit confused with Exchange, this is my 1st Exchange Server experience.

    Oh well, Outbound is working, Inbound is not. I'll just move on with my lab study, maybe this will fix itself :P It's not a production box hehe, I'm glad...
  • jbaello Member Posts: 1,191
    Time to hit a little GTA IV on my brand new Samsung LN46A650. I'll continue later...

    Thanks a lot Royal...
  • blargoe Member Posts: 4,174
    What are the contents of the non-delivery email message that you get when replying to the message fails?
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • jbaello Member Posts: 1,191
    Hi. This is the qmail-send program at yahoo.com.
    I'm afraid I wasn't able to deliver your message to the following addresses.
    This is a permanent error; I've given up. Sorry it didn't work out.

    <dshack@soggyrice.com>:
    64.202.166.12 does not like recipient.
    Remote host said: 553 sorry, relaying denied from your location [206.190.48.175] (#5.7.1)
    Giving up on 64.202.166.12.

    --- Below this line is a copy of the message.

    Return-Path: <jpbaello@yahoo.com>
    Received: (qmail 25546 invoked by uid 60001); 1 Jun 2008 20:28:09 -0000
    DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
    s=s1024; d=yahoo.com;
    h=Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Message-ID;
    b=v4Es78Nsg1/FUVXloySQxUdW0EokbE4n1kgV/M6TKI+wHghKGaDdTcl65qhSO4M31n+2CLRSL6y/Ozh9R+ExG9kzztVFOgG/ajzUg5QVJVy5zDPUD86v9CbNtp0LcKzgcmUCUV0jGPCd2AhDfZux8HOrRf0hIqIEaJSkMvjDABE=;
    Received: from [208.127.172.232] by web52412.mail.re2.yahoo.com via HTTP; Sun, 01 Jun 2008 13:28:08 PDT
    X-Mailer: YahooMailWebService/0.7.199
    Date: Sun, 1 Jun 2008 13:28:08 -0700 (PDT)
    From: Jeffrey Baello <jpbaello@yahoo.com>
    Reply-To: jpbaello@yahoo.com
    Subject: test
    To: dshack@soggyrice.com
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    Message-ID: <211565.25144.qm@web52412.mail.re2.yahoo.com>

    test
  • shackdaddy Member Posts: 6
    Did you set the Default Receive Connector permissions to allow Anonymous access? That's the typical reason for the issue you're running into, as far as I can tell from the message header you posted.

    Dave
  • blargoe Member Posts: 4,174
    In the same vein, how many Receive connectors do you have? If you only have the Default one, make sure it has not been modified, and you should create another Receive connector for your inbound Internet email following the instructions in the Exchange Management Console.
  • shackdaddy Member Posts: 6
    When you first install, there will be two receive connectors, one called Client and one called Default. The Client one is for internal communication between servers and roles. The Default one is the one you'd want to enable Anonymous access on.

    The default configuration does not do this because M$ assumes that everyone is going to set up an Edge role to handle inbound, but I've found that in the installations I've been around (small and midsized businesses), only about 20% actually utilize Edge. I'm assuming that it gets more use at the Enterprise level. I've seen more ISA 2006 than Edge.

    Dave
  • blargoe Member Posts: 4,174
    Ya, forgot about the Client Receive connector. I wish they didn't list it there, it seems out of place to me, but anyway...

    Just checking Anonymous users on the default receive connector should work too. Having screwed up a Default connector before, I don't like messing with it; I prefer to make it clear to myself and others that come after me which connector is OK to mess with by creating a separate connector. I also like to change the FQDN and limit the hosts from which it can receive, which isn't good to change on a Default connector.

    jbaello, is the domain soggyrice.com in your list of accepted domains?

    Org Config -> Hub Transport -> Accepted Domains
  • blargoe Member Posts: 4,174
    I think it's DNS...

    Internet DNS thinks the MX for soggyrice.com is at secureserver.net... which if I remember correctly is Go Daddy. You need to give your Exchange Server's Internet IP an A record on your Internet DNS (i.e., manage your domain at Go Daddy and enter it there), and change the MX record at Go Daddy to that name. Go Daddy's SMTP server is the one that is bouncing you, this is the 64.x.x.x IP address in the NDR message that says that it didn't like the recipient address and it wouldn't relay you. It's never making it back to your Exchange server, the Internet thinks your mail server is Go Daddy.

    > set type=mx
    > soggyrice.com
    Server: dc1.domain.local
    Address: 10.137.50.10

    Non-authoritative answer:
    soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
    soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net
  • jbaello Member Posts: 1,191
    I blew out my IIS and as a result the "Default Web Site" lost its OWA IIS configuration, so what I'm doing right now is blowing out the whole Exchange 2007 64-bit installation and re-installing it. Until I figure out how to restore "OWA on IIS", I'm back to using stone age techniques.

    Thank you very much for the reply, I could have really missed enabling anonymous access. Hopefully this install goes fast so I can test this; I'm running dual WD Raptors on RAID 0, so hopefully it gets 'r done ASAP.

    I also followed the instruction on Trainsignal which is a separate box for my AD/Domain, just to give you guys more info.
  • jbaello Member Posts: 1,191
    blargoe wrote:
    I think it's DNS...

    Internet DNS thinks the MX for soggyrice.com is at secureserver.net... which if I remember correctly is Go Daddy. You need to give your Exchange Server's Internet IP an A record on your Internet DNS (i.e., manage your domain at Go Daddy and enter it there), and change the MX record at Go Daddy to that name. Go Daddy's SMTP server is the one that is bouncing you, this is the 64.x.x.x IP address in the NDR message that says that it didn't like the recipient address and it wouldn't relay you. It's never making it back to your Exchange server, the Internet thinks your mail server is Go Daddy.

    > set type=mx
    > soggyrice.com
    Server: dc1.domain.local
    Address: 10.137.50.10
    Non-authoritative answer:
    soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
    soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net

    I believe this is the answer to my question, because as far as I can remember I already enabled anonymous access for Client Receive Connector and there are in fact two, one default and the other one client.

    Also I remember seeing secureserver.net, they are found on MX and tons on CNAMES record, perhaps blowing out this record will fix this issue, isn't there always something on the way that halts you from moving forward arghhh...

    I remember blowing out all the secureserver MX records, but forgot to check CNAMES, there's a load in there that might be conflicting with this, or maybe not since CNAMEs are just aliases, I should still be able to connect to the correct domain.
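
blargoe's DNS diagnosis worked through in code, as an added example that is not part of anyone's post: it parses the nslookup answer and the qmail bounce quoted in the thread and checks whether the published MX hosts include the one jbaello configured. `EXPECTED_MX` and the function names are assumptions of this sketch.

```python
import re

# Both inputs are copied from the posts above (nslookup answer, qmail bounce).
NSLOOKUP_OUTPUT = """\
Non-authoritative answer:
soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net
"""
NDR_TEXT = """\
<dshack@soggyrice.com>:
64.202.166.12 does not like recipient.
Remote host said: 553 sorry, relaying denied from your location [206.190.48.175] (#5.7.1)
Giving up on 64.202.166.12.
"""
EXPECTED_MX = "cowmail.soggyrice.com"  # assumption: the MX target jbaello set up

MX_LINE = re.compile(
    r"^(\S+)\s+MX preference = (\d+), mail exchanger = (\S+)$", re.M)
NDR_HOST = re.compile(r"^(\S+) does not like recipient\.$", re.M)
NDR_SAID = re.compile(
    r"^Remote host said: (\d{3}) (.*?)(?: \(#(\d\.\d+\.\d+)\))?$", re.M)


def parse_mx(text):
    """Return [(preference, exchanger)] in the order a sending MTA tries them."""
    return sorted((int(pref), host.rstrip(".").lower())
                  for _domain, pref, host in MX_LINE.findall(text))


def parse_qmail_ndr(text):
    """Pull the rejecting host and its SMTP reply out of a qmail bounce."""
    host, said = NDR_HOST.search(text), NDR_SAID.search(text)
    if not (host and said):
        raise ValueError("not a qmail 'does not like recipient' bounce")
    return {"host": host.group(1), "code": said.group(1),
            "text": said.group(2), "enhanced": said.group(3)}


def diagnose(mx, ndr, expected_mx):
    hosts = [h for _pref, h in mx]
    published = expected_mx.lower() in hosts
    relay_denied = ndr["code"].startswith("5") and ndr["enhanced"] == "5.7.1"
    return {
        "mx_hosts": hosts,
        "expected_mx_published": published,
        "rejected_by": ndr["host"],
        # A server that hosts the domain does not answer "relaying denied" for
        # its own recipients, so this pair means mail went to the wrong server.
        "misdirected": relay_denied and not published,
    }


if __name__ == "__main__":
    print(diagnose(parse_mx(NSLOOKUP_OUTPUT), parse_qmail_ndr(NDR_TEXT), EXPECTED_MX))
```

Run against a fresh lookup after the MX record is changed, `misdirected` turns false once the expected host appears in the answer, which also confirms that mail for the domain is no longer being handed to a third-party server.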
  • blargoe Member Posts: 4,174
    Let us know if you get it working.

    I would strongly recommend a refresher on DNS before you delve too far into Exchange. You have to understand DNS to be able to implement and troubleshoot Exchange.