Announcement

Collapse
No announcement yet.

No outgoing mail on my Exchange 2010 server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • No outgoing mail on my Exchange 2010 server

    Hi everyone,

    I've some problems sending mail outside my org.
    The situation is as follows:

    - Windows 2008 R2 server running XWall in my DMZ zone
    - Windows 2008 R2 server running Exchange 2010 (Mailbox, CAS, Hub and UM roles)

    Incoming mail is ok, internal mail too.

    I've created a Send Connector
    FQDN EXCH01.domain.local
    Address space * Cost 1
    Network Smart Host: IP of my XWall server
    Source Server: EXCH01

    telnet port 25 from XWall to EXCH01 works
    telnet port 25 from EXCH01 to XWall works
    When i send a mail it is queued in exchange with error 451 4.4.0 421 4.2.1 Unable to connect. I don't see any incoming connection on my XWall server so I presume the problem is within Exchange or maybe DNS?

    I've already searched on the net found several topics but no solution for me.

    When I run the Mail Flow Troubleshooter I get one error:
    Mail acceptance failure (Remote server EXCH01 failed the mail acceptance test when trying to open the remote socket. Respond = Remote socket is not available.

    The server in my DMZ zone had the EDGE role before I've installed XWall and it also didn't work for outgoing mail. That's why I 'm now trying with XWall.

    I hope someone can give me some advice.

    Thanks
    Zirou

  • #2
    Re: No outgoing mail on my Exchange 2010 server

    Originally posted by Zirou View Post
    Hi everyone,

    I've some problems sending mail outside my org.
    The situation is as follows:

    - Windows 2008 R2 server running XWall in my DMZ zone
    - Windows 2008 R2 server running Exchange 2010 (Mailbox, CAS, Hub and UM roles)

    Incoming mail is ok, internal mail too.

    I've created a Send Connector
    FQDN EXCH01.domain.local
    Address space * Cost 1
    Network Smart Host: IP of my XWall server
    Source Server: EXCH01

    telnet port 25 from XWall to EXCH01 works
    telnet port 25 from EXCH01 to XWall works
    When i send a mail it is queued in exchange with error 451 4.4.0 421 4.2.1 Unable to connect. I don't see any incoming connection on my XWall server so I presume the problem is within Exchange or maybe DNS?

    I've already searched on the net found several topics but no solution for me.

    When I run the Mail Flow Troubleshooter I get one error:
    Mail acceptance failure (Remote server EXCH01 failed the mail acceptance test when trying to open the remote socket. Respond = Remote socket is not available.

    The server in my DMZ zone had the EDGE role before I've installed XWall and it also didn't work for outgoing mail. That's why I 'm now trying with XWall.

    I hope someone can give me some advice.

    Thanks
    Zirou
    Sounds like a firewall issue. Can you confirm that the "XWALL" relay is listening on port 25 inside and outside?

    Comment


    • #3
      Re: No outgoing mail on my Exchange 2010 server

      Yes I can confirm that XWall listens on port 25

      Incoming mail is working fine and when I check on MXToolbox.com it displays 220 mail.xxx.com ESMTP XWall v3.46

      Telnet port 25 from EXCH01 to XWall works --> 220 mail.xxx.com ESMTP XWall v3.46

      Comment


      • #4
        Re: No outgoing mail on my Exchange 2010 server

        How did you configure the smart host? Did you use the GUI or Powershell? Does the IP address resolve to a host name? Have you tried changing to that instead?

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: No outgoing mail on my Exchange 2010 server

          Hi Simon,

          I've created and configured the send connector with the GUI.
          The XWall server is no part of the domain but in a DMZ zone.
          The IP doesn't resolve in a host name, is a host name needed as smart host?
          I can create an entry on my DNS server to get a host name on this IP if it is needed.

          I haven't replaced the ip with a host name.
          I can try that if you think it can help.

          Or should I delete the send connector and recreate it using Powershell?

          Comment


          • #6
            Re: No outgoing mail on my Exchange 2010 server

            There is no difference between the GUI and the Shell, other than the shell is easier to make errors!

            It would appear that Exchange is having problems connecting to the appliance, so you have to look at why. That could be something blocking the traffic (AV for example), or a firewall.

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: No outgoing mail on my Exchange 2010 server

              Is the XWall properly configured to relay emails out?

              After you telnet 25 from EXCH01 to XWall, what do you get if you type:
              HELO
              MAIL FROM: <[email protected]>
              RCPT TO: <[email protected]>
              DATA
              test
              .

              Comment


              • #8
                Re: No outgoing mail on my Exchange 2010 server

                I also think it is a connection problem but the firewalls on both servers are disabled, The central firewall is configured to let traffic on port 25 both ways between internal and DMZ.
                McAfee ePO has an exclude in the policy so it doensn't block mail traffic on the exchange server.

                Alex, the telnet test was succefull:
                Just had to use HELO localhost as first command but it worked

                helo localhost
                250 mail.xxx.com
                mail from: [email protected]
                250 originator [email protected] ok
                rcpt to: [email protected]
                250 recipient [email protected]ail.com ok
                data
                354 start mail input
                test
                .
                250 message accepted (rt01dv)

                I also see this log in XWall and received the mail in my gmail mailbox so it seems like the connection is ok but something is not working on my exchange server.

                Comment


                • #9
                  Re: No outgoing mail on my Exchange 2010 server

                  Do you feel like recreating that connector?
                  Are you using IP or FQDN for the smart host? Did you try them both?
                  Can you post the whole convesation error from the SMTP log?

                  Comment


                  • #10
                    Re: No outgoing mail on my Exchange 2010 server

                    Hi Alex,

                    I already have recreated the send connector, always using the IP for the smart host because the xwall isn't in any domain so I don't know if XWall.dmz will work.

                    I can see in the log file that it gets an access denied:

                    2011-05-05T00:00:17.544Z,08CDD87A2BC9AA67,SMTP,[x.x.x.x],+,SmartHostConnectorDelivery 961b8f77-f965-4603-90a7-5cd3b9e50f59;QueueLength=2
                    2011-05-05T00:00:17.544Z,08CDD87A2BC9AA67,SMTP,[x.x.x.x],>,[x.x.x.x][x.x.x.x]
                    2011-05-05T00:00:17.544Z,08CDD87A2BC9AA67,SMTP,[x.x.x.x],>,Failed connection to x.x.x.x (AccessDenied:0000271D)[TargetHost:[x.x.x.x]|MarkedUnhealthy|FailureCount:68|NextRetryTime:201 1-05-05T00:10:17.544Z][TargetIPAddress.x.x.x|MarkedUnhealthy|FailureCount:68|NextRetryTi me:2011-05-05T00:10:17.544Z]
                    2011-05-05T00:00:17.544Z,08CDD87A2BC9AA67,SMTP,[x.x.x.x],-,Messages: 0 Bytes: 0 (Retry : Unable to connect)

                    Comment


                    • #11
                      Re: No outgoing mail on my Exchange 2010 server

                      I guess that is message tracking log.
                      Can you post SMTP log?
                      Switch the SMTP logging on from the General properties page on the connector by choosing Verbose and find it in
                      C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpSen d

                      The IP in this log is from the private range, so you might leave it as it is, you won't be exposing a lot of information?

                      I guess you are 100% sure the IP of the smart connector matches the inside IP of the XWall?

                      Comment


                      • #12
                        Re: No outgoing mail on my Exchange 2010 server

                        I've enabled verbose on send connector and this is what i get:

                        #Software: Microsoft Exchange Server
                        #Version: 14.0.0.0
                        #Log-type: SMTP Send Protocol Log
                        #Date: 2011-05-06T10:46:21.951Z
                        #Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
                        2011-05-06T10:46:21.951Z,XWall,08CDD947E6146769,0,,x.x.3.3 0:25,*,,attempting to connect
                        2011-05-06T10:46:21.998Z,XWall,08CDD947E6146769,1,,x.x.3.3 0:25,*,,"Failed to connect. Error Code: 10013, Error Message: An attempt was made to access a socket in a way forbidden by its access permissions x.x.3.30:25"

                        BTW the space between 3 and 0 on x.x.3.3 0 is only in this topic, not in the log or config there is no space in my text so I can't edit it.

                        Very strange to me because it works when I use telnet x.x.3.30 25, and also when I send a test mail to my gmail account using telnet.

                        And yes the IP of the xwall server is x.x.3.30, and I can ping, telnet or rdp without any problem. I don't see any request in the XWall log when exchange is trying to send mail, telnet request and incoming mail are diplayed so it seems that exchange doesn't reach the xwall server for a reason...

                        For the ip address i'd rather not diplay all, even if it is internal.
                        Last edited by Zirou; 6th May 2011, 12:09.

                        Comment


                        • #13
                          Re: No outgoing mail on my Exchange 2010 server

                          I just re-read all the posts. You said the firewalls are disabled on both servers, and you mentioned McAfee ePO. I'm not sure how that works, but do you have it installed on the Exchange server? Can you uninstall it?


                          I guess both servers are on the same subnet, maybe same switch and there is nothing between them?


                          Did you install both SP1 for 2008R2 and SP1 for Exchange 2010?

                          Comment


                          • #14
                            Re: No outgoing mail on my Exchange 2010 server

                            you say you have already deleted and recreated the connector.

                            I'm inclined to say, Try again.

                            it looks like you're rtrying to connect to 0:25 rather than 10.1.3.30:25 (or whatever your IP address is)

                            this suggests you may have a typo in your connector. Get someone else to double check for you.

                            Or, create a name refgistration
                            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                            Comment


                            • #15
                              Re: No outgoing mail on my Exchange 2010 server

                              Just deleted my send connector 'XWall', restarted the Transport service and recreated a new one named 'send connector'. I've then sent a new test mail to my gmail address, verbose enabled and also ,monitoring port 25 with Wireshark but nothing happens on Wireshark and my testmail is queued on SmartHostConnectorDelivery

                              When I start telnet to the xwall server using x.x.3.30 I can see it in Wireshark so exchange doesn't try to deliver it to XWall.

                              I've configured the send connector like this:

                              name: Send Connector
                              protocol: Verbose
                              FQDN: mail.xxxx.com
                              Address Space: SMTP * 1 (include all subdomains)
                              Network: Route mail through smart host: [x.x.3.30]
                              Smart host authentication: None
                              External DNS: not selected
                              Source server: EXCH01 (my only exchange server)

                              In my smtpsend log I still get the same error:

                              2011-05-06T14:20:22.934Z,Send Connector,08CDDA0F21BCCA87,0,,x.x.3.30:25,*,,attem pting to connect
                              2011-05-06T14:20:22.934Z,Send Connector,08CDDA0F21BCCA87,1,,x.x.3.30:25,*,,"Fail ed to connect. Error Code: 10013, Error Message: An attempt was made to access a socket in a way forbidden by its access permissions x.x.3.30:25"

                              I think i found the problem, it's my McAfee agent , the exclude I made for exchange in mass mail is not working so it blocks the traffic and that would explain why i don't see any traffic using exchange and why it works using telnet.

                              I'm now changing the excludes in ePO and will post the results later

                              Comment

                              Working...
                              X