Windows Exchange Server 2007 port 25 timing out in cyclic fashion
I am having a problem with an Exchange server which I recently moved to a new location and new IP address. It seems to send and receive email. However, when I telnet to port 25 on the server, and also to the OWA https, it will time out for a few minutes on a periodic basis. I have identified a problem with the reverse DNS and locating a certificate, but in doing more research the certificate problem pre-existed the move date, so may not be the problem.

In the events log I see the following events:

12014 Microsoft Exchange couldn't find a certificate that contains the domain name email.xxx.com in the personal store on the local computer. Therefore, it is unable to offer the STARTTLS SMTP verb for any connector with a FQDN parameter of email.xxxcom. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for every connector FQDN.

1037 Inbound direct trust certificate with thumbprint ...xxxx chars .... has expired. Run New-ExchangeCertificate to generate a new direct trust certificate.

12015 A direct trust certificate expired. Thumbprint:...xxx chars .... <same as above cert>

The 12014 errors are about 15 min apart, but I'm not sure that the timeouts on port 25 are. I have also observed that if I connect to the server via remote access and telnet to port 25 on the server it seems to "wake up" the external access, but that may not be a hint.

FWIW the server power setting is "always on" and was not changed when the system was relocated. The server's connection to the internet is via an IPCop firewall system, and the mail server is the only system on that firewall. The IP is static. The reverse DNS is screwed up, since the DSL static IP resolves to ADSL.nnn.nnn.nnn.irvca.sbcglobal.com but the server is actually being connected through an MX record of email.xxx.com. Any suggestions will be welcome.

I am in the process of getting the DNS problem resolved by adding a PTR record to return the email.xxx.com domain when the reverse lookup occurs.
July 15th, 2009 12:32am

The errors 12014, 1037, 12015 all come from the fact that your cert has expired or your SMTP connectors use a name not on the certificate. This will not stop mail flow to or from the Internet; it will only make your server unable to use TLS. Since your certificate has expired you should get a new cert with appropriate subject names in it. Try to get the DNS configured correctly with MX, A and PTR records. Try to make the names in the send and receive connectors use the same name as in DNS if possible. Verify that SMTP traffic is allowed through your firewall.

lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
July 15th, 2009 6:38pm
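
One way to check what the reply above describes, as an added example that is not part of either post: list each installed certificate with its expiry, then test every connector FQDN against the certificates that carry its name. It assumes the Exchange Management Shell on the server and the `Fqdn`, `CertificateDomains`, `NotAfter`, `Services` and `Thumbprint` properties on the returned objects.

```powershell
# Added example, not from the thread. Run in the Exchange Management Shell
# on the server. Assumes the Fqdn property on connectors and the
# CertificateDomains, NotAfter, Services and Thumbprint properties on the
# objects returned by Get-ExchangeCertificate.

$now   = Get-Date
$certs = @(Get-ExchangeCertificate)

# Every certificate with its expiry, so expired ones (events 1037/12015) stand out.
foreach ($cert in $certs) {
    $state = 'valid'
    if ($cert.NotAfter -lt $now) { $state = 'EXPIRED' }
    Write-Host ("{0}  {1,-7}  expires {2:yyyy-MM-dd}  services: {3}" -f `
        $cert.Thumbprint, $state, $cert.NotAfter, $cert.Services)
}

# Connectors that advertise an FQDN; send connectors may leave it empty.
$connectors = @(@(Get-ReceiveConnector) + @(Get-SendConnector) |
    Where-Object { $_.Fqdn })

foreach ($c in $connectors) {
    $fqdn = "$($c.Fqdn)"

    # Certificates whose domain list covers this FQDN. -like lets a wildcard
    # entry such as *.example.com match (example.com is a placeholder); it is
    # looser than TLS wildcard rules because it also spans several labels.
    $named = @($certs | Where-Object {
        @($_.CertificateDomains | Where-Object { $fqdn -like "$_" }).Count -gt 0
    })
    $current = @($named   | Where-Object { $_.NotAfter -ge $now })
    $usable  = @($current | Where-Object { "$($_.Services)" -match 'SMTP' })

    if     ($usable.Count  -gt 0) { $result = 'OK: unexpired SMTP-enabled certificate found' }
    elseif ($current.Count -gt 0) { $result = 'certificate found but not enabled for SMTP' }
    elseif ($named.Count   -gt 0) { $result = 'only expired certificates carry this name' }
    else                          { $result = 'no certificate carries this name (event 12014)' }

    Write-Host ("{0} [{1}]: {2}" -f $c.Identity, $fqdn, $result)
}
```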

This topic is archived. No further replies will be accepted.
