Hello, I would appreciate if someone could lend a helping hand. I run a small network with SBS 2008 which has Exchange 2007. Our SBS 2008 box is our mail server and has been working fine for just over a year. I believe that I have not been able to send mail externally since this last Friday. Coincidently, this happens to be the date when I installed SQL Server Express 2008 R2 on our SBS 2008 Server and my feeling is that this installation may have changed some of the Port/Firewall settings and I would like some help investigating Exchange Server. This is the only change that has happend on the Network. The Firewall has not been changed or logged into. I installed the new separate SQL 2008R2 instance (i.e. I still have SBSMonitoring on the default SQL Server 2005 on my SBS 2008 Server) which is configured on TCPIP Port 1491, away from the standard 1433 for the existing SQL 2005 instance. Furthermore, I created two new rules in the Firewall (Inbound and Outbound for Port 1491). I have not deleted any rules on the Firewall. This is as far as I have got and I am stuck: I have established Port 25 may now not be open. I have established this from the Server by trying to telnet to one of my providers. open mail.complyport.co.uk 25 Connecting To mail.complyport.co.uk...Could not open connection to the host, on port 25: Connect failedStrangely, my Exchange Server is receiving Mail. I dont think I have any problems receiving mail.I have run a test on http://www.testexchangeconnectivity.com The only issue that came back was a final warning Attempting to find the SPF record using a DNS TEXT record query. ExRCA wasn't able to find the SPF recordI dont know if this is helpful, but when my Exchange Server was working fine, I was able to use Powershell to query the ExchangeServer. Now when I run the following command PS C:\> Get-ExchangeServer | fl I get the following error (I am not sure if the Exchange Module needs to be loaded?) The term 'Get-ExchangeServer' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:19 + Get-ExchangeServer <<<< | fl + CategoryInfo : ObjectNotFound: (Get-ExchangeServer:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException This concerns me a little and I would appreciate if anyone has any ideas as to why this has stopped working?If I look at my Server Firewall Rules, I dont see anything either in the Inbound or Outbound rules thathas SMTP in the name or any rule that has a Local or Remote Port of 25. The question here is whether I need to open a Port? If so, how can I audit who deleted the rule? How does it need to be set up? Any steps would be really appreciated. Many thanks and kind regards, Bertie.

hi, Can you send internal message successful? I telnet the server as well and also get the same error. Can you telnet other domains? If you use SBS 2008, i think you can get better help from this forum:http://social.technet.microsoft.com/Forums/en/smallbusinessserver/threads hope can help you thanks, CastinLu TechNet Community Support

Dear CastinLu, Thanks for the reply, I have a tread over there in Small Business Server. I have also posted some of the output from Exchange Query Analyzer and Exchange Management Shell. I would appreciate if you could review and let me know if anything looks suspicious to you? Many thanks and kind regards, Bertie Link to SBS Thread: http://social.technet.microsoft.com/Forums/en/smallbusinessserver/thread/c60cf5e4-d872-43b1-a54d-3e1939bd887d Copied below for your convenience: Hi James, Thanks for the help. Its such a long time since I have touched Exchange that I completely forgot to go though the Exchange Management Shell and not the Normal Windows Powershell ISE. OK, I have copied in the results of the following commands: Get-ExchangeServer | flGet-SendConnectorTest-Mailflow FQDN -TargetEmailAddress InternalMailAddress -VerboseTest-Mailflow FQDN -TargetEmailAddress ExternalMailAddress -Verbose (which fails) As I have seen most security people change their addresses and firm names, I have done the same. however I am happy to send you the raw unedited information by mail if you need them. Also, in the Queue Analyzer, I am seeing the following error: Next Hop Domain Delivery Type Status Message Count Next Retry Time Last Error gmail.com DnsConnectorDelivery Active 9 External.com DnsConnectorDelivery Retry 2 26 June 2012 10:11:10 451 4.4.0 Primary target IP address responded with: "421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. Submission Undefined Ready 0 Many thanks and kind regards, Bertie p.s. I am happy to send you the TCP/IP for the 2 SQL Server Instances if you feel that will be of any help as I made changes there on Friday. I do recall making changes, but though I only made changes to the TCP/IP of the new SQL Server 2008 instance and not the SQL2005 SBSMonitoring instance. Just in case its of any help to you, from SQL Server Configuration Manager, if I look at SBSMonitoring, these are the settings for some of the IPAddresses (Note that port 1 appears on my powershell Send Connector below): ################################################################################ SQL Server Configuration Manager (SBSMonitoring): ################################################################################IP5 Active = Yes Enabled = No IP Address = ::1 TCP Dynamic Ports = 0 TCP Port = IP6 Active = Yes Enabled = No IP Address = 127.0.0.1 TCP Dynamic Ports = 0 TCP Port = ################################################################################ Exchange Management Shell: ################################################################################ Notes: 1. MyDomain replaced with contoso 2. MyServerName replaced with ServerName 3. My email address is of the form bertie.surname1-surname2@contosobiz.co.uk ################################################################################ Normally the FQDN is the SMTP Address required. You can get that from the following command: [PS] C:\Windows\system32>Get-ExchangeServer | fl Name : ServerName DataPath : C:\Program Files\Microsoft\Exchange Server\ Mailbox Domain : contoso.local Edition : Standard ExchangeLegacyDN : /o=First Organization/ou=Exchange Administr ative Group (FYYYYYYYYYYYYLT)/cn=Configurat ion/cn=Servers/cn=ServerName Fqdn : ServerName.contoso.local IsHubTransportServer : True IsClientAccessServer : True IsExchange2007OrLater : True IsEdgeServer : False IsMailboxServer : True IsMemberOfCluster : No IsProvisionedServer : False IsUnifiedMessagingServer : False NetworkAddress : {ncacn_vns_spp:ServerName, netbios:ServerName, ncacn_np:ServerName, ncacn_spx:ServerName, ncac n_ip_tcp:ServerName.contoso.local, ncalrpc :ServerName} OrganizationalUnit : contoso.local/ServerName AdminDisplayVersion : Version 8.3 (Build 83.6) Site : contoso.local/Configuration/Sites/Defaul t-First-Site-Name ServerRole : Mailbox, ClientAccess, HubTransport ErrorReportingEnabled : StaticDomainControllers : {} StaticGlobalCatalogs : {} StaticConfigDomainController : StaticExcludedDomainControllers : {} CurrentDomainControllers : {} CurrentGlobalCatalogs : {} CurrentConfigDomainController : ProductID : xxxxx-xxx-xxxxxxx-xxxxx IsExchange2007TrialEdition : False IsExpiredExchange2007TrialEdition : False RemainingTrialPeriod : 00:00:00 IsValid : True OriginatingServer : ServerName.contoso.local ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=ServerName,CN=Servers,CN=Exchange Administ rative Group (FYYYYYYYYYYYYLT),CN=Administr ative Groups,CN=First Organization,CN=Micro soft Exchange,CN=Services,CN=Configuration, DC=contoso,DC=local Identity : ServerName Guid : 6aaaaad-7ded-9512-87f8-8bbbbbbbbbb1 ObjectCategory : contoso.local/Configuration/Schema/ms-Ex ch-Exchange-Server ObjectClass : {top, server, msExchExchangeServer} WhenChanged : 12/03/2011 14:02:55 WhenCreated : 17/02/2011 13:03:28 ################################################################################ [PS] C:\Windows\system32>Get-SendConnector Identity AddressSpaces Enabled -------- ------------- ------- Windows SBS Internet Send ServerName {smtp:*;1} True ################################################################################ Test-mail Test-Mailflow ServerName.contoso.local -TargetEmailAddress Nick@contosobiz.co.uk -Verbose Test-Mailflow ServerName.contoso.local -TargetEmailAddress MyGmail@gmail.com -Verbose [PS] C:\Windows\system32>Test-Mailflow ServerName.contoso.local -TargetEmailAdd ress Nick@contosobiz.co.uk -Verbose VERBOSE: Test-Mailflow : Beginning processing. VERBOSE: Test-Mailflow : Searching objects "ServerName.contoso.local" of type "Server" under the root "$null". VERBOSE: Test-Mailflow : Previous operation run on domain controller 'ServerName.contoso.local'. VERBOSE: Test-Mailflow : Searching objects "SystemMailbox{6aaaaaa3-f01e-6d14-b480-1dddddddddd0}" of type "ADSystemMailbox" under the root "$null". VERBOSE: Test-Mailflow : Previous operation run on global catalog server 'ServerName.contoso.local'. VERBOSE: Testing mail flow. TestMailflowResult MessageLatencyTime IsRemoteTest ------------------ ------------------ ------------ Success 00:00:00.6719193 True VERBOSE: Test-Mailflow : Ending processing. [PS] C:\Windows\system32>Test-Mailflow ServerName.contoso.local -TargetEmailAdd ress MyGmail@gmail.com -Verbose VERBOSE: Test-Mailflow : Beginning processing. VERBOSE: Test-Mailflow : Searching objects "ServerName.contoso.local" of type "Server" under the root "$null". VERBOSE: Test-Mailflow : Previous operation run on domain controller 'ServerName.contoso.local'. VERBOSE: Test-Mailflow : Searching objects "SystemMailbox{6aaaaaa3-f01e-6d14-b480-1dddddddddd0}" of type "ADSystemMailbox" under the root "$null". VERBOSE: Test-Mailflow : Previous operation run on global catalog server 'ServerName.contoso.local'. VERBOSE: Testing mail flow. TestMailflowResult MessageLatencyTime IsRemoteTest ------------------ ------------------ ------------ *FAILURE* 00:00:00 True VERBOSE: Test-Mailflow : Ending processing.

A SQLServerMVP has kindly suggested I need to verify my SMTP Connector on Exchange 2007 (embedded within SBS 2008), do you know how I can do that (or set up a new connector if you feel this will fix the problem?) http://social.msdn.microsoft.com/Forums/en-US/sqlsetupandupgrade/thread/a6794784-8906-4256-add5-1c5a253f8bf9/ I have renamed the usual parts to Contoso (What I have renamed is in Bold) [PS] C:\Windows\system32>Get-SendConnector | fl AddressSpaces : {smtp:*;1} AuthenticationCredential : Comment : ConnectedDomains : {} ConnectionInactivityTimeOut : 00:10:00 DNSRoutingEnabled : True DomainSecureEnabled : False Enabled : True ForceHELO : False Fqdn : remote.contosobiz.co.uk HomeMTA : Microsoft MTA HomeMtaServerId : MyServerName Identity : Windows SBS Internet SendMyServerName IgnoreSTARTTLS : False IsScopedConnector : False IsSmtpConnector : True LinkedReceiveConnector : MaxMessageSize : 10MB Name : Windows SBS Internet SendMyServerName Port : 25 ProtocolLoggingLevel : None RequireTLS : False SmartHostAuthMechanism : None SmartHosts : {} SmartHostsString : SourceIPAddress : 0.0.0.0 SourceRoutingGroup : Exchange Routing Group (DWBBBBBBBBBBJR) SourceTransportServers : {MyServerName} UseExternalDNSServersEnabled : False FYI, my ISP mentions I dont need a smart host.

Resolved on the Small Business Server forum. Details are here: http://social.technet.microsoft.com/Forums/en/smallbusinessserver/thread/c60cf5e4-d872-43b1-a54d-3e1939bd887d Many thanks