SMTP Help: Can't receive email on Exchange 2007

+
0 Votes
Locked

cmrc28
Hi everyone
I'm new to Exchange 2007 and I need help getting it to accept emails from the internet. I can send and receive internally. I can telnet port 25 and get the banner internally. I can send email to the internet. I have OWA set up and running OK internally and externally. I just can't receive emails sent from the internet.

I have only one machine available and I wanted to test Exchange 2007 before going to the real office environment. So I've set it as a DC and the installation has run smoothly. I installed all the Exchange roles except the Edge Transport, obviously. The domain is shoppingmadeira.com and the server is exchange.shoppingmadeira.com. I have also enabled port 25 on the router, forwarding it to the internal IP. In DNS Management I created an A record "mail" pointing to the external IP of the router and an MX record pointing to the A record. The same was done on the domain.

The messages sent from the internet are bounced with the following error:
For <carla@shoppingmadeira.com>, Gave up after 12 hours, last error: open (n.n.n.n) 23s failed A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

What should I do to get this right?

Thanks
Carla
  • +
    0 Votes
    45GEEK

    It sounds like you might have a couple of problems, but you just haven't given enough info, and some of the info given should have been kept to yourself (IP address). I would first look at your certificate configuration; from the error you get, it sounds like the MTA cannot authenticate your server. Are you using a certificate issued by a trusted root issue authority that the MTA can recognize? Also, you didn't describe what kind of configuration you are using: stand-alone Exchange Server, or front-end/back-end server? Are you running WinServer (and what edition) with integrated AD or just the add-on LDAP? Usually most problems I have encountered with Exchange are either authentication problems or permission problems. Is your SMTP info being redirected correctly? What has a netstat revealed? Did you get support with your product? If so, contact those people first, as that is what you paid for, so use them; they have the best knowledge about the ins and outs plus common mistakes that can be made. Although Exchange is pretty easy to set up, because it involves so many things working together it is easy to have mistyped something during the configuration process.

    But like I said, from your post, you have it working in a test environment, and from the error message you have, it looks like an authentication problem with the MTA.

    +
    0 Votes
    cmrc28

    Hi 45Geek
    Thank you for the reply and the tips. I don't have a certificate; I am using the one that is provided automatically during the Exchange installation. It does pop up on the web page when I use OWA externally, but I move ahead and I can access the mailbox. AD seems to be OK as I can log in to OWA without any problem. The server is standalone, running Windows Server 2003, and it's just for testing purposes. I have been thinking that it might be something wrong with the external DNS server and I have already requested support on it. I'm waiting for some feedback. Fingers crossed!

    Thanks for your suggestions, and I will be posting the solution here when I have it.

    Regards
    Carla

    +
    0 Votes
    CG IT

    Usually when there is a problem with inbound mail getting to the mail server, the reason is that the authoritative name servers don't resolve to the correct IP address.

    The domain name must resolve to your public IP address for your mail to work, as your MX record resolves to the domain name.

    If your DNS server isn't the authoritative name server for the domain name, then that is the problem.

    Ensure that the authoritative name server for the domain name resolves queries to your public IP address. Then create your MX record that resolves to the domain name. As an example:

    <yourdomain>.com = public IP address

    <yourdomain>.com 10 <yourdomain>.com

    This way queries for mail will resolve to your domain name which resolves to your public IP address.

    +
    0 Votes
    cmrc28

    Hello CG
    My DNS is not the authoritative one. I just looked up the domain on www.checkdns.net and it's telling me that it really is an MX problem and an external DNS problem as well. Apparently the server where the MX record is, is not responding. I'm getting it sorted out.

    Thank you for your help.

    Regards
    Carla

    +
    0 Votes
    etelsa

    I have exactly the same problem. Could you please tell me how you resolved it?

    Thanks

    +
    0 Votes
    tauseef.ad

    Carla, before getting into it you need to provide some information regarding your SMTP connector settings and the ports you are using to send/receive emails. Is there any 3rd party SMTP gateway involved? Are you able to telnet port 25 from the internet as well?
    Secondly have you checked thats your mentioned resolvable over internet or not, coz it might be something wrong in your DNS configuration because it took 12 hours to respond.
    Do post your experience when it will get resolved.
    Thanks

    +
    0 Votes
    cmrc28

    Hello Tauseef
    Thank you for the quick reply as well. No, I cannot telnet from the internet, only on the mail server itself. About the connectors, I use the SMTP Default Receive connector for the internet and I have allowed Anonymous access. I didn't specify any IP on the "Network" tab; I left it configured with the default range values, that is, to accept connections from all IPs (IPv4 and IPv6). I have a gateway/router to the internet in gateway mode and I am using ports 25 and 587 as indicated on the connectors.

    I have used the Mail Flow Troubleshooter in the Exchange 2007 Toolbox. It passes all the tests and then it gets to a part where it tells me that an email from ExMFA-MailAcceptTest@Fabrikam.com is being sent to a mailbox address I provide for SMTP testing purposes. I indicated a valid user mailbox of the AD. When I click on "next", it seems to go into a kind of loop, but I do get 2 email messages from ExMFA-MailAcceptTest@Fabrikam.com confirming the test. Only I think this is some Exchange internal email address; I receive it as I can receive any other from an AD user. When I cancel the loop, I don't get any useful information or error message.

    As I too am thinking that this could be something wrong with the external DNS, as soon as I get more information I will be posting it here.

    Thanks for your tips and help.

    Regards
    Carla

    +
    0 Votes
    tauseef.ad

    Hello Carla
    I am glad you are close to getting it resolved. Just check whether you can telnet port 25 over your inbound public IP address. If you can, then I'm sure you'd better knock on the door of your external DNS, and do check your MX and A records through any DNS checking website like Iptools or DNSstuff. Usually DNS resolution will take approximately 24 hrs.
    Regards
    Tauseef
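
The checks suggested in the replies above (an MX record exists, its target resolves to a public address, and port 25 answers from outside) combined into one script. This is an added example, not part of the original thread: the domain, addresses and function names are constructed, and the DNS answers are passed in as data (copied from the authoritative server's replies) rather than looked up live.

```python
import ipaddress
import socket

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: what the authoritative name server publishes for a
# hypothetical domain (e.g. copied from nslookup output), not real data.
SAMPLE_ZONE = {
    "MX": {"example.test": [(10, "mail.example.test")]},
    "A": {"mail.example.test": ["203.0.113.25"]},
}

def smtp_probe(ip, port=25, timeout=10):
    """Return the server's greeting line, or None if nothing answers."""
    try:
        with socket.create_connection((ip, port), timeout=timeout) as conn:
            conn.settimeout(timeout)
            return conn.recv(512).decode("ascii", "replace").strip()
    except OSError:
        return None

def diagnose(domain, zone, probe=smtp_probe):
    """Follow the path a sending MTA takes: MX -> A -> TCP port 25."""
    mx_list = sorted(zone["MX"].get(domain, []))
    if not mx_list:
        return [f"no MX record published for {domain}"]
    findings = []
    for _pref, host in mx_list:
        ips = zone["A"].get(host, [])
        if not ips:
            findings.append(f"MX target {host} has no A record")
        for ip in ips:
            addr = ipaddress.ip_address(ip)
            if any(addr in net for net in RFC1918):
                findings.append(f"{host} -> {ip} is a private address")
                continue
            banner = probe(ip)
            if banner is None:
                findings.append(f"{host} -> {ip}: no answer on port 25")
            elif not banner.startswith("220"):
                findings.append(f"{host} -> {ip}: unexpected greeting")
    return findings or ["inbound path looks healthy"]

if __name__ == "__main__":
    # Stub probe simulating the timeout reported in the bounce message.
    for line in diagnose("example.test", SAMPLE_ZONE, probe=lambda ip: None):
        print(line)
```

Run it from a machine outside the network with the default `smtp_probe`; a probe from inside the LAN reproduces the "works internally" result and hides a blocked or misrouted port 25.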
