SBS 2008/Exc 2007 - Cannot receive mail from all domains
Hello everyone Ive setup an SBS 2008 with Exc 2007. I have a static IP from an ISP, which resolves to xxx.static.otenet.gr (the ISP does not provide the ability to set A record for ex. mail.company.gr to its IP). Ive set this FQDN as MX record in the DNS settings of my site registrar. nslookup Non-authoritative answer: company.gr mail exchanger = 10 xxxx.static.otenet.gr. Authoritative answers can be found from: xxx.static.otenet.gr internet address = xx.xx.48.65 In Server Configuration -> Hub Transport -> Specify the FQDN ... I have the FQDN that resolves to the ISP's IP Problem: I can send mail to any domain (gmail, yahoo etc) and receive from most of them. However, some domains cannot send mail to me. errors: server5.site5.com #550-Verification failed for 550-No Such User Here 550 Sender verify failed or: sorry, no mailbox here by that name. (#5.7.17) or: This address no longer accepts mail. I have change the default SMTP banner (http://technet.microsoft.com/en-us/library/bb124740.aspx) to mail.company.gr or xxx.static.otenet.gr But the issue continues..... Thanks in advance Kostas Backas
June 2nd, 2009 8:12pm
Hello everyoneIve setup an SBS 2008 with Exc 2007.I have a static IP from an ISP, which resolves to xxx.static.otenet.gr (the ISP does not provide the ability to set A record for ex. mail.company.gr to its IP).Ive set this FQDN as MX record in the DNS settings of my site registrar.
Your ISP would not normally be responsible for this anyway. You register your SMTP domain with a domain registrar and from there define who you want to host your DNS. By Default its the registrar itself. once you set this up you can define whatever records you want.Mike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
Free Windows Admin Tool Kit Click here and download it now
June 2nd, 2009 11:45pm
What is the domain name you are actually trying to accept mail for? the xxx doesnt help me.Heres what I'm doing from my computer. This is also what all internet email servers will use to determine where your mail is to be delivered:Start, Run, CMD <enter>nslookup <enter>set q=mx <enter>yourdomain.comthis should return something like this: (i've done it for my domain)Non-authoritative answer:go-planet.com MX preference = 5, mail exchanger = sungardmta-1.messageone.comso in my scenario, mail should be submitted to sungardmta-1.messageone.comMike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
June 2nd, 2009 11:48pm
Please use the articles below to verify the configurations on the SBS server:
Introducing the Connect to the Internet Wizard (CTIW)
Introducing the Internet Address Management Wizard: Part 1 of 3
Introducing the Internet Address Management Wizard: Part 2 of 3
Introducing the Internet Address Management Wizard: Part 3 of 3
And your output of Nslookup looks differently than the normal one, like the one posted by Mike. Please use Mikes suggestion, or use this web site to check the records
Additionally, please use Internet Email Tests in the Remote Connectivity Analyzer to test the inbound mail flow from Internet, which is very useful for troubleshooting
Resources:
Announcing the release of Exchange Server Remote Connectivity Analyzer
Exchange Remote Connectivity Analyzer Tool
Using the Exchange Server Remote Connectivity Analyzer Tool
Notes: This is a forum for the issue in pure exchange environment, please use SBS 2008 Newsgroup for the question about the exchange on SBS server which would be the best place
Free Windows Admin Tool Kit Click here and download it now
June 3rd, 2009 8:51am
Thanks for the answers The Greek ISPs doesnt provide the option of setting A records, except if you buy a block of 16 IPs (not a single one), or if you host the domain on them. Anyway... Here is nslookup Non-authoritative answer: serveradmin.gr mail exchanger = 10 oik72.static.otenet.gr. Authoritative answers can be found from: oik72.static.otenet.gr internet address = 85.72.48.65 and here is Remote Connectivity Analyzer Connectivity Test Successful Test Details Testing Inbound SMTP Mail flow for domain kostasbackas@serveradmin.gr Inbound SMTP mail flow was verified successfully. Test Steps Attempting to retrieve DNS MX records for domain serveradmin.gr Successfully retrieved one or more MX records from DNS Additional Details MX Records Host oik72.static.otenet.gr, Preference 10 Testing Mail Exchanger oik72.static.otenet.gr. This Mail Exchanger was tested successfully. Test Steps Attempting to Resolve the host name oik72.static.otenet.gr in DNS. Host successfully Resolved Additional Details Testing TCP Port 25 on host oik72.static.otenet.gr to ensure it is listening/open. The port was opened successfully. Additional Details Attempting to send test email message to kostasbackas@serveradmin.gr using MX oik72.static.otenet.gr. The test message was delivered successfully. Testing the MX oik72.static.otenet.gr for open relay by trying to relay to user Admin@TestExchangeConnectivity.com Open Relay test passed. This mx is not an open relay Additional Details The open relay test message delivery failed (a good thing). The exception detail is: Exception Details: Message: Mailbox unavailable. The server response was: 5.7.1 Unable to relay Type: System.Net.Mail.SmtpFailedRecipientException Stack Trace: at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception) at System.Net.Mail.SmtpClient.Send(MailMessage message) at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally() Check the line in bold (mailbox unavailable-5.7.1) Thanks Kostas
June 3rd, 2009 11:42am
Again, the ISP is not responsible for this anyway. You are likely confusing "A" records with PTR records. Which an ISP WOULD likely host. There couldnt possibly be a DNS provider that doesnt support A records, as they are the most common type of record in use. BUT I'm not sure if that arguement is necessary since you apparently already DO have an A record called "oik72".That test you are doing tries to ensure your server isn't an "open relay". that means make sure your server wont send spam. the fact that it fails is a good thing. it even says " (a good thing)" right above it. its trying to send mail to Admin@TestExchangeConnectivity.com which isnt at your company.It would appear mail is working fine. If it wasnt moved to your spam folder you should now have a message from me. Here is the report:....................From email address: MikeCrowley@dontreply.localTo email address: kostasbackas@serveradmin.gr Outgoing mail server (SMTP): oik72.static.otenet.grPort: 25Subject: [SMTP Diagnostics] Send TestMessage:Send test from SMTP Diagnostics.....................Connecting to mail server.Connected.220 oik72.static.otenet.gr ESMTP Send just mailEHLO ChuckNorris250-oik72.static.otenet.gr Hello [71.246.216.58]250-SIZE 10485760250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-AUTH250-8BITMIME250-BINARYMIME250 CHUNKINGRSET250 2.0.0 ResettingMAIL FROM: <MikeCrowley@dontreply.local>250 2.1.0 Sender OKRCPT TO:<kostasbackas@serveradmin.gr>250 2.1.5 Recipient OKDATA354 Start mail input; end with <CRLF>.<CRLF>.250 2.6.0 <75060164l.5545461l1240828l1l@dontreply.local> Queued mail for deliveryQUIT221 2.0.0 Service closing transmission channelDisconnected.....................Mike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
Free Windows Admin Tool Kit Click here and download it now
June 4th, 2009 12:44am
Quote: some domains cannot send mail to me
Is the issue permanently? Does mail flow always fail from those domains? Please try to telnet from those domains to your port 25 to send a test mail directly, see if we can get any error info
When Mike telnet your server, I checked listed SMTP verbs. There are some missing verbs by comparing with a pure exchange 2007 Hub as I dont have a SBS 2008 lab currently. I will find a SBS lab to verify again
Meanwhile, please check your output of Internet receive connector on the SBS server, heres the output it shall be:
AuthMechanism : Tls
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.0.2:25}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
Fqdn : remote.sbs08.com.cn
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:01:00
MessageRateLimit : unlimited
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 64KB
MaxHopCount : 30
MaxLocalHopCount : 8
MaxLogonFailures : 3
MaxMessageSize : 10MB
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : AnonymousUsers
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {192.168.1.0-255.255.255.255, 192.168
.0.1-192.168.0.1, 0.0.0.0-192.167.255
.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
Server : SBS01
SizeEnabled : Enabled
TarpitInterval : 00:00:05
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Windows SBS Internet Receive SBS01
DistinguishedName : CN=Windows SBS Internet Receive SBS01
,CN=SMTP Receive Connectors,CN=Protoc
ols,CN=SBS01,CN=Servers,CN=Exchange A
dministrative Group (FYDIBOHF23SPDLT)
,CN=Administrative Groups,CN=First Or
ganization,CN=Microsoft Exchange,CN=S
ervices,CN=Configuration,DC=sbs2008,D
C=local
Identity : SBS01\Windows SBS Internet Receive SBS01
Guid : 70bf7228-8459-4507-b894-6050b2b54a16
ObjectCategory : sbs2008.local/Configuration/Schema/ms
-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 2/11/2009 12:21:22 AM
WhenCreated : 2/11/2009 12:21:22 AM
OriginatingServer : SBS01.sbs2008.local
IsValid : True
June 4th, 2009 5:30am
Now that you mention it, yeah, that doesnt look like an Exchange server response. I've never seen "Send just mail" as the banner. it should look like this:220 server.domain.local Microsoft ESMTP MAIL Service ready at Thu, 4 Jun 2009 10:13:56 -0400Not that this is a problem, but it makes me think you have an SMTP gateway in front of Exchange that needs to be examined or removed from the equation.
Mike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
Free Windows Admin Tool Kit Click here and download it now
June 4th, 2009 5:17pm
Mike, thanks for testing. Yes, Ive received your messages. As a matter of fact, Ive changed the default SMTP banner, as I mention in my first post. I dont have any other SMTP gateway. James Luo, thanks for the answer. Yes, I cannot receive permanently e-mails from these domains that I mention. I will post the output of the Receive Connector asap. Thank you Kostas
June 4th, 2009 6:13pm
Here is the output of:get-receiveconnector -id "Windows SBS Internet Receive SBS" |fl
AuthMechanism : Tls
Banner : 220 oik72.static.otenet.gr ESMTP Send
just mail
BinaryMimeEnabled : True
Bindings : {192.168.16.100:25}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
Fqdn : oik72.static.otenet.gr
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:01:00
MessageRateLimit : unlimited
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 64KB
MaxHopCount : 30
MaxLocalHopCount : 8
MaxLogonFailures : 3
MaxMessageSize : 10MB
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : AnonymousUsers
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
Server : SBS
SizeEnabled : Enabled
TarpitInterval : 00:00:05
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Windows SBS Internet Receive SBS
DistinguishedName : CN=Windows SBS Internet Receive SBS,C
N=SMTP Receive Connectors,CN=Protocol
s,CN=SBS,CN=Servers,CN=Exchange Admin
istrative Group (FYDIBOHF23SPDLT),CN=
Administrative Groups,CN=First Organi
zation,CN=Microsoft Exchange,CN=Servi
ces,CN=Configuration,DC=serveradmin,D
C=local
Identity : SBS\Windows SBS Internet Receive SBS
Guid : 68b450f1-22b4-43eb-b789-5eb791b6d21e
ObjectCategory : serveradmin.local/Configuration/Schem
a/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 30/5/2009 7:39:18 ??
WhenCreated : 1/5/2009 6:09:38 ??
OriginatingServer : SBS.serveradmin.local
IsValid : True
Thanks
Kostas
Free Windows Admin Tool Kit Click here and download it now
June 8th, 2009 7:27pm
What kind of error info would occur if we telnet from those problematic domains?
Can you reproduce the issue and send me the network trace on the SBS server?
a. Please start Network Monitor on exchange server to capture the network trace
b. Send test mail and reproduce the issue
c. Stop the network monitor, and save the trace
Notes: Please define the name for all relevant stuff in the trace package, like machine name, IP address and etc
Resources:
How to capture network traffic with Network Monitor
June 9th, 2009 6:51am