|
Hello, Having a problem after I had two servers crash. Running Exchange 2010 Hub, CAS on one machine and Exchange 2010 Edge with TMG on another. Prior to the crash outbound and incoming mails worked fine. Having to rebuild the exchange environment, some settings got lost in the restore. So here is what I currently have: Exchange 2010 on Windows 2008 R2 both machines. Hub Recieve connector for Mailhop: Network Tab: Authentication Tab: Permissions Tab: Send Connectors for Edge Sync Outbound: Address Space Tab: Network Tab: Source Server Tab: Shows my Edge machine TMG has the following rules I created for DynDns. Dyn SMTP 1 Outbound Port 10025 using SMTP filter. Dyn SMTP 2 Inbound Port 10025 using SMTP filter. Edge Subscription Connectivity is Enabled and the following are in the IP Allow List: 216.146.32.0 - 213.146.33.255. Now if I ran Start-EdgeSyncronization -ForceFull, then ran Test-EdgeSyncronization -FullCompareMode and both passed. I am having no trouble receiving emails, but outbound emails are not going through. I brought up Queue Viewer on the hub and was presented with 11 emails in the retry queue. they are all valid emails, noting unusual like spam sitting in there. There is no Last Error on the single messages alone but the queue has the following Last Error:
As far as I can tell I have entered in all the required information from http://dyn.com/support/why-cant-i-send-email/ but am still getting nowhere. I have run out of ideas on how to fix this can anyone see anything I might have missed, which is extremely possible. Also have checked my Dyn Email Gateway setup and that is correct, otherwise I would not be receiving emails. And all the required A and MX records are in Dyn DNS. Thanks, Michael Mastro II |
|
Please note that ping is a meaningless diagnostic tool outside of your own network. Your The fact that the telnet test failed suggests that your ISP may be filtering traffic, or you have a firewall blocking that traffic. Did you also try port
I assume that this host generally has Internet access? Can you complete the telnet check from a different computer on the same network?
That strongly points to a problem specific to your Exchange host then. You need to check carefully it's firewall settings on the Exchange server to see what has been set, and the firewall settings on Forefront too - and the logs for both. Yes I was able to telnet in from a client through the firewall.
Jan 12 at 05:06 PM
MikeRM2
Yep that did it. Added local host to the From/Listeners on the rule in Forefront TMG. I then hit retry on the queue and the DSN messagees that were bounce backs got stuck. removed them from the queue and the last message went with a 454 4.7.5 Certificate validation error. Went over to the hub, opened up the send connect for the smart host, unchecked Basic with TLS so it was only basic and forced a edge synchronization. Hit retry on the edge queue, message went through, checked Hotmail and the email was there. Everything works now.
Jan 12 at 06:13 PM
MikeRM2
|
|
Hello, Well the 451 5.7.3 problem has been resolved. TMG/Edge had the internal listener as externally secured (ipsec) checked, so I unchecked that and checked Exchange Server. Now I have a 421 4.2.1 unable to connect problem. I tried telnet http://outbound.mailhop.org 10025 and it failed to connect. Ping http://outbound.mailhop.org and that went into Request Time Out. Had a friend not even close to being hooked into my network try to ping with request timed out. I made sure that he read off the return to me that it had the same IP address I was seeing and it was. The strange thing is I am currently still receiving emails, even at this moment another arrived. Any thoughts? |
|
I do have ForeFront Threat Management Gateway as the firewall to the lan, but I am using the external nic of the TMG server to seemingly bypass the firewall there, even though I have temporarily opened up all outbound traffic for troubleshooting. Now the external nic is plugged into a Actiontec MI-424-WRv2 provided by Verizon, so there is the cheap consumer grade firewall/router. Nothing else from there. Tried to telnet to 2525 and it failed also. I also tried the following ports 24, 26, 587, 52525 to no avail. |