Hi,

Thanks for looking at this.

SBS 2011 running Exchange 2010.

Issue: External mail stopped at 08:16 this morning!

I tried to Telnet from outside and instead of getting the exchange banner like it always did it now returns "press any key to continue...."

I had a check of the internet and couldn't find anything relevant so thought I would post here.

The MX records have always been set to mail.domain.co.uk pointing to the correct static IP of the SBS box. Previously when a telnet session was started to mail.domain.co.uk 25 it would return with the standard Exchange 2010 banner with the FQDN of remote.domain.co.uk and you could then test sending an email to an internal recipient.

There are other domains for which it is authorised and their MX records are set to mail.domain2.co.uk with the static IP of the SBS box. These also fail if you try to Telnet to them with the same "press any key to continue...."

I can telnet ok to remote.domain.co.uk and it logs in ok and I cam send a test mail.

I've rebooted the Server and applied updates it has found but it still refuses Telnet sessions and obviously other external email.

Internal mail is working OK.

Nothing had changed after 8:16 and I've checked the receive connectors and the look OK.

I've updated the main MX to remote.domain.co.uk and am waiting for that to propagate but would be interested to find out the underlying cause.

Thanks for your help.

Pete

Hi

Is port 25 open on the firewall?

How are you routing mail? is it through a smarthost or DNS?

Does your firewall or NAT have all the relevant ports like 25,587,443 etc, open?

So you have/had mail.domain.co.uk, mail.domain2.co.uk and remote.domain.co.uk MX records all pointing to the same public IP but now you can only telnet port 25 to remote.domain.co.uk and successfully get an answer?  If I'm wrong, please correct.  That leads me to believe that it's not the firewall, as you can telnet to 25 and have your Exchange server respond, even if it's only when communicating with remote.domain.co.uk.   Without knowing any further details, my initial thought is that it's either a DNS issue or possibly a cert issue.  Have you verified with your domain registrar that the "MX" and "A" records are still valid?  I'm guessing the domain name didn't expire, otherwise the remote.domain.co.uk FQDN wouldn't work either.  You can try using the remote connectivity analyzer tool https://testconnectivity.microsoft.com/; it might show you an error that would point you in the right direction.  If you telnet to mail.domain.co.uk using 80 or 443, does your Exchange server answer?  Is it only port 25 or all of the Exchange ports?

Hello

test smtp imbound with https://testconnectivity.microsoft.com

and share test report please.

Here's the connection results

Testing inbound SMTP mail flow for domain xxxxxx.
  The Microsoft Connectivity Analyzer failed to test inbound SMTP mail flow.
 
 Additional Details
 
Elapsed Time: 16996 ms. 

 
 Test Steps
 
 Attempting to retrieve DNS MX records for domain 'xxxxxxx.co.uk'.
  One or more MX records were successfully retrieved from DNS.
 
 Additional Details
 
MX Records Host remote.xxxxxxx.co.uk, Preference 10
, Host mail2.xxxxxxx.co.uk, Preference 20

Elapsed Time: 120 ms. 

 Testing Mail Exchanger remote.xxxxxxxx.co.uk.
  One or more SMTP tests failed for this Mail Exchanger.
 
 Additional Details
 
Elapsed Time: 16875 ms. 

 
 Test Steps
 
 Attempting to resolve the host name remote.xxxxxxx.co.uk in DNS.
  The host name resolved successfully.
 
 Additional Details
 
IP addresses returned: 21x.xxx.xxx.xx

Elapsed Time: 292 ms. 

 Testing TCP port 25 on host remote.xxxxxxxx.co.uk to ensure it's listening and open.
  The specified port is either blocked, not listening, or not producing the expected response.
   Tell me more about this issue and how to resolve it
 
 Additional Details
 
The connection was established but a banner was never received.

Elapsed Time: 16583 ms 

Thanks for your help.

Pete

Hello

tip: restart transport services and check firewall and virusscan, and windows eventlogs.

hi,

I tried those earlier before posting.

I've just restarted the Server again but still no banner!

Thanks

Pete

Hello

and from internal client telnet to 25 port add smtp banner?

Hi All,

Firewall was lying it said it was passing packets but it wasn't!

Rebooted Firewall and all's good.

• Marked as answer by PJ180 11 hours 26 minutes ago