Exchange 2007 Inbound/Outbound
jbaello
Member Posts: 1,191 ■■■□□□□□□□
Can anyone help me configure my inbound/outbound message connectivity? My Exchange is working and configured correctly, except when I tried sending messages in and out of one of my Exchange recipients, it failed.
Comments
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
I've enabled port forwarding on Port 25 (SMTP) and was able to test it via telnet, works fine...
I also have a domain registered via godaddy.com - soggyrice.com, and already created my MX record.
-
royal Member Posts: 3,352 ■■■■□□□□□□
Does it fail in both Outlook and OWA? If so, Exchange problem.
Does it fail only in Outlook but OWA works fine? If so, Outlook problem.
Have you tried to use telnet to send mail?
Check event logs. Anything?
Message tracking logs. Anything?
Try turning on verbose logging on the connectors via EMC.
Receive Connector Logs after turning on verbose:
\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive
Send Connector Logs after turning on verbose:
\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpSend
You can also do a Get-EventLogLevel (Diagnostic Logging for 2007) and find the relevant settings and do a Set-EventLogLevel service level here. Read more here: http://technet.microsoft.com/en-us/library/bb201670(EXCHG.80).aspx
You may be able to use SMTPDIAG. Not sure if it's compatible with Exchange 2007 though.
“For success, attitude is equally as important as ability.” - Harry F. Banks
-
royal Member Posts: 3,352 ■■■■□□□□□□
jbaello wrote:
I've enabled port forwarding on Port 25 (SMTP) and was able to test it via telnet, works fine...
I also have a domain registered via godaddy.com - soggyrice.com, and already created my MX record.
So you tested doing:
1. RCPT TO: using the problematic user's e-mail address and someone else's 100% functional account using MAIL FROM: account?
2. MAIL FROM: using the problematic user's e-mail address and someone else's functional account using RCPT TO: account?
If so and both 1 and 2 work fine, it's not an Exchange problem.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
This is the configuration that I currently have for my mail.
ISP DNS
A Record
@ points to 208.127.172.232
cowmail points to 208.127.172.232 (do I need to use a different public address?)
MX Record
@ (Host) Goes to - cowmail.soggyrice.com
On my actual domain controller I am using soggyrice.com as well, I'm wondering if I configured this correctly.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
Outbound at port 25 is fine on server and on LAN client.
Result:
220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:01:56 -0700
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
jbaello wrote:
Outbound at port 25 is fine on server and on LAN client.
Result:
220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:01:56 -0700
220 w2k3en64s03.soggyrice.com Microsoft ESMTP MAIL Service ready at Sun, 1 Jun 2008 15:16:38 -0700
HELO namaste.techknowlink.com
250 w2k3en64s03.soggyrice.com Hello [192.168.1.101]
MAIL FROM: <jpbaello@yahoo.com>
250 2.1.0 Sender OK
RCPT TO: <dshack@soggyrice.com>
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
Subject: test message
From: jpbaello@yahoo.com
To: dshack@soggyrice.com
Hello,
This is a test.
Goodbye
.
250 2.6.0 <ec3749f8-dd6f-4e5e-84bd-74bac02debee@w2k3en64s03.soggyrice.com> Queued mail for delivery
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
Inbound is working, Exchange 2007 mailbox client is able to receive an email, but unable to reply back or send out to an external recipient.
At least we're getting somewhere :P
This is weird, outbound worked on my gmail account, but won't work on my yahoo account...
-
royal Member Posts: 3,352 ■■■■□□□□□□
You never answered me with OWA Vs Outlook. Did you enable verbose logging on the Send Connector? What do the message tracking logs say when trying to reply or send? Did you enable any of the EventLogLevels at Expert Level for SMTP?
Something may be wrong with Yahoo receiving mail atm since it's working to gmail.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
I missed that off my radar, I'm just using OWA, I enabled Verbose Mode on OC\HT\Send Connector\PLL - Verbose Mode. I'm unsure how to enable event logging on Exchange yet. I will try to figure that out next.
I selected EventID Receive and no logs.
-
royal Member Posts: 3,352 ■■■■□□□□□□
I already told you how to enable event logging, go do it. Did you not even read my post?
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
I noticed that my Send Connectors\Outbound doesn't have a FQDN specified on the general tab, now I'm unsure if I setup the MX record FQDN for this, or my Exchange Server hostname FQDN.
-
royal Member Posts: 3,352 ■■■■□□□□□□
For the third time. What do the message logs say.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
royal wrote:
I already told you how to enable event logging, go do it. Did you not even read my post?
I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.
Royal Wrote:
You can also do a Get-EventLogLevel (Diagnostic Logging for 2007) and find the relevant settings and do a Set-EventLogLevel service level here. Read more here: http://technet.microsoft.com/en-us/library/bb201670(EXCHG.80).aspx
I'm just now reading this part.
-
royal Member Posts: 3,352 ■■■■□□□□□□
jbaello wrote:
I noticed that my Send Connectors\Outbound doesn't have a FQDN specified on the general tab, now I'm unsure if I setup the MX record FQDN for this, or my Exchange Server hostname FQDN.
The MX record is based on domain. Having the FQDN different than the A/CNAME record your MX record is pointed to won't cause SMTP to fail. It's still a best practice to change it though.
And one thing to note, and everyone working on Exchange 2007 should know this. If you change the Default Receive Connector to anything other than blank, netbios, or netbios.domain.com, mail flow will fail internally. If you want to have your receive connector match the MX record FQDN, you will have to create a dedicated Internet Receive Connector. This will force all Internet traffic to go through that connector which you modify the FQDN. Since Exchange Servers Authentication is not enabled on that connector, internal mail flow will still go through your Default Receive Connector and all will be good.
-
royal Member Posts: 3,352 ■■■■□□□□□□
jbaello wrote:
royal wrote:
I already told you how to enable event logging, go do it. Did you not even read my post?
I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.
Hm, maybe someone changed the location of the logs. You should be able to do a Get-TransportServer Servername and see where the location is of the logs.
You're sure you enabled verbose logging on the relevant connector, right?
Here's some more info:
http://technet.microsoft.com/en-us/library/bb124531.aspx
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
royal wrote:
jbaello wrote:
royal wrote:
I already told you how to enable event logging, go do it. Did you not even read my post?
I checked the folder Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive and Send - no log was generated.
Hm, maybe someone changed the location of the logs. You should be able to do a Get-TransportServer Servername and see where the location is of the logs.
You're sure you enabled verbose logging on the relevant connector, right?
Here's some more info:
http://technet.microsoft.com/en-us/library/bb124531.aspx
I already enabled Verbose on Receive and Send Connectors on Organizational and Server Configuration Hub Transport.
I also tried the cmdlet "get-transportserver servername"; I get a return that MessageTrackingLogEnabled = True
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
http://technet.microsoft.com/en-us/library/bb124531.aspx I'll check this link, it's pretty long.
The "message tracking" is unable to process any "EventID" logs whatsoever, I just tried for multiple EventID such as send/receive/fail and also, I specified Recipient/Server etc.
-
royal Member Posts: 3,352 ■■■■□□□□□□
Message tracking doesn't write to the Event Logs. It writes to its own log files in which you can launch the Message Tracking portion of the TRA from the EMC Toolbox. SMTP Logs is different than Message Tracking Logs. SMTP logs you should open and import into Excel using the Text Import Wizard.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
royal wrote:
Message tracking doesn't write to the Event Logs. It writes to its own log files in which you can launch the Message Tracking portion of the TRA from the EMC Toolbox. SMTP Logs is different than Message Tracking Logs. SMTP logs you should open and import into Excel using the Text Import Wizard.
I see, so does it pull its log files from a central logs database? I would think that this is the case, and if I do not have a central log database (just my little label for it) then message tracking cannot generate log files.
Excuse my lingo Royal, I'm still new and a bit confused with Exchange, this is my 1st Exchange Server experience.
Oh well Outbound is working Inbound is not, I'll just move on with my lab study, maybe this will fix itself :P , it's not a production box hehe I'm glad...
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
Time to hit a little GTA IV on my brand new Samsung LN46A650 I'll continue later...
Thanks a lot Royal...
-
blargoe Member Posts: 4,174 ■■■■■■■■■□
What are the contents of the non-delivery email message that you get when replying to the message fails?
IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
Hi. This is the qmail-send program at yahoo.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<dshack@soggyrice.com>:
64.202.166.12 does not like recipient.
Remote host said: 553 sorry, relaying denied from your location [206.190.48.175] (#5.7.1)
Giving up on 64.202.166.12.
--- Below this line is a copy of the message.
Return-Path: <jpbaello@yahoo.com>
Received: (qmail 25546 invoked by uid 60001); 1 Jun 2008 20:28:09 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Message-ID;
b=v4Es78Nsg1/FUVXloySQxUdW0EokbE4n1kgV/M6TKI+wHghKGaDdTcl65qhSO4M31n+2CLRSL6y/Ozh9R+ExG9kzztVFOgG/ajzUg5QVJVy5zDPUD86v9CbNtp0LcKzgcmUCUV0jGPCd2AhDfZux8HOrRf0hIqIEaJSkMvjDABE=;
Received: from [208.127.172.232] by web52412.mail.re2.yahoo.com via HTTP; Sun, 01 Jun 2008 13:28:08 PDT
X-Mailer: YahooMailWebService/0.7.199
Date: Sun, 1 Jun 2008 13:28:08 -0700 (PDT)
From: Jeffrey Baello <jpbaello@yahoo.com>
Reply-To: jpbaello@yahoo.com
Subject: test
To: dshack@soggyrice.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <211565.25144.qm@web52412.mail.re2.yahoo.com>
test
-
shackdaddy Member Posts: 6 ■□□□□□□□□□
Did you set the Default Receive Connector permissions to allow Anonymous access? That's the typical reason for the issue you're running into, as far as I can tell from the message header you posted.
Dave
-
blargoe Member Posts: 4,174 ■■■■■■■■■□
In the same vein, how many Receive connectors do you have? If you only have the Default one, make sure it has not been modified, and you should create another Receive connector for your inbound Internet email following the instructions in the Exchange Management Console.
-
shackdaddy Member Posts: 6 ■□□□□□□□□□
When you first install, there will be two receive connectors, one called Client and one called Default. The Client one is for internal communication between servers and roles. The Default one is the one you'd want to enable Anonymous access on.
The default configuration does not do this because M$ assumes that everyone is going to set up an Edge role to handle inbound, but I've found that in the installations I've been around (small and midsized businesses), only about 20% actually utilize Edge. I'm assuming that it gets more use at the Enterprise level. I've seen more ISA 2006 than Edge.
Dave
-
blargoe Member Posts: 4,174 ■■■■■■■■■□
Ya, forgot about the Client Receive connector. I wish they didn't list it there, it seems out of place to me, but anyway...
Just checking Anonymous users on the default receive connector should work too. Having screwed up a Default connector before, I don't like messing with it, I prefer to make it clear to myself and others that come after me which connector is OK to mess with by creating a separate connector. I also like to change the FQDN and limit the hosts from which it can receive, which isn't good to change on a Default connector.
jbaello, is the domain soggyrice.com in your list of accepted domains?
Org Config -> Hub Transport -> Accepted Domains
-
blargoe Member Posts: 4,174 ■■■■■■■■■□
I think it's DNS...
Internet DNS thinks the MX for soggyrice.com is at secureserver.net... which if I remember correctly is Go Daddy. You need to give your Exchange Server's Internet IP an A record on your Internet DNS (ie, manage your domain at go daddy and enter it there), and change the MX record at go daddy to that name. Go Daddy's SMTP server is the one that is bouncing you, this is the 64.x.x.x IP address in the NDR message that says that it didn't like the recipient address and it wouldn't relay you. It's never making it back to your Exchange server, the Internet thinks your mail server is Go Daddy.
> set type=mx
> soggyrice.com
Server: dc1.domain.local
Address: 10.137.50.10
Non-authoritative answer:
soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net
-
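The check described in blargoe's post above, as an added example that is not part of the original thread: it parses the nslookup MX answer and the qmail bounce quoted on this page and flags mail that is being routed to a host other than the intended one. The sample text is constructed from the thread's own output, the function names are hypothetical, and the expected MX host cowmail.soggyrice.com is taken from jbaello's DNS notes.

```python
import re

# Constructed sample input, copied from the nslookup answer and the bounce quoted in this thread.
NSLOOKUP_OUTPUT = """\
Non-authoritative answer:
soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net
"""
NDR_TEXT = """\
<dshack@soggyrice.com>:
64.202.166.12 does not like recipient.
Remote host said: 553 sorry, relaying denied from your location [206.190.48.175] (#5.7.1)
Giving up on 64.202.166.12.
"""

MX_RE = re.compile(r"^(\S+)\s+MX preference = (\d+), mail exchanger = (\S+)\s*$", re.M)
NDR_RE = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3}) does not like recipient\.[ \t]*\n"
    r"Remote host said: (\d{3}) (.*?)(?: \(#(\d\.\d+\.\d+)\))?[ \t]*$", re.M)


def parse_mx(text, domain):
    """Return [(preference, host)] published for `domain`, most preferred first."""
    want = domain.rstrip(".").lower()
    return sorted((int(pref), host.rstrip(".").lower())
                  for name, pref, host in MX_RE.findall(text)
                  if name.rstrip(".").lower() == want)


def parse_ndr(text):
    """Extract the rejecting host, SMTP reply code and enhanced status from a qmail bounce."""
    m = NDR_RE.search(text)
    if m is None:
        return None
    return {"host": m.group(1), "code": int(m.group(2)),
            "reply": m.group(3), "status": m.group(4)}


def diagnose(mx_text, ndr_text, domain, expected_mx):
    """Compare the published MX set with the intended mail host and read the bounce."""
    mx = parse_mx(mx_text, domain)
    stray = [host for _, host in mx if host != expected_mx.lower()]
    ndr = parse_ndr(ndr_text)
    relay_denied = bool(ndr and ndr["code"] >= 500 and "relay" in ndr["reply"].lower())
    return {"mx": mx, "stray_mx": stray, "ndr": ndr,
            # Permanent relay refusal plus MX not pointing at our host: mail never reached us.
            "misrouted": bool(stray) and relay_denied}


if __name__ == "__main__":
    result = diagnose(NSLOOKUP_OUTPUT, NDR_TEXT, "soggyrice.com", "cowmail.soggyrice.com")
    for key, value in result.items():
        print(f"{key}: {value}")
```
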
jbaello Member Posts: 1,191 ■■■□□□□□□□
I blew out my IIS, as a result the "Default Web Site" lost OWA IIS configuration, so what I'm doing right now is blowing the whole Exchange 2007 64 Bit installation, and re-installing it, until I figure out how to restore "OWA on IIS", I'm back on using stone-age technique.
Thank you very much for the reply, I could have really missed enabling anonymous access, hopefully this install goes fast, so I can test this, I'm running a dual WD Raptor on a raid 0 so hopefully it gets r done ASAP.
I also followed the instruction on Trainsignal which is a separate box for my AD/Domain, just to give you guys more info.
-
jbaello Member Posts: 1,191 ■■■□□□□□□□
blargoe wrote:
I think it's DNS...
Internet DNS thinks the MX for soggyrice.com is at secureserver.net... which if I remember correctly is Go Daddy. You need to give your Exchange Server's Internet IP an A record on your Internet DNS (ie, manage your domain at go daddy and enter it there), and change the MX record at go daddy to that name. Go Daddy's SMTP server is the one that is bouncing you, this is the 64.x.x.x IP address in the NDR message that says that it didn't like the recipient address and it wouldn't relay you. It's never making it back to your Exchange server, the Internet thinks your mail server is Go Daddy.
> set type=mx
> soggyrice.com
Server: dc1.domain.local
Address: 10.137.50.10
Non-authoritative answer:
soggyrice.com MX preference = 0, mail exchanger = smtp.secureserver.net
soggyrice.com MX preference = 10, mail exchanger = mailstore1.secureserver.net
I believe this is the answer to my question, cause as far as I can remember I already enabled anonymous access for Client Receive Connector and there are in fact two, one default and the other one client.
Also I remember seeing secureserver.net, they are found on MX and tons on CNAMES record, perhaps blowing out this record will fix this issue, isn't there always something on the way that halts you from moving forward arghhh...
I remember blowing out all the secureserver MX records, but forgot to check CNAMES, there's a load in there that might be conflicting with this, or maybe not since CNAME are just alias, I should still be able to connect to the correct domain.
-
blargoe Member Posts: 4,174 ■■■■■■■■■□
Let us know if you get it working.
I would strongly recommend a refresher on DNS before you delve too far into Exchange. You have to understand DNS to be able to implement and troubleshoot Exchange.