SMTP service relays to non-exchange box
Hi we have some servers that need to submit mail to our Exch 2007 server, however when logging the smtp service on these servers I can see that they are actually trying to submit mail to the FSMO holder on 2008 domain. I've checked the dns entries and the MX records point to our Exchange box also DHCP has the Exch server IP for SMTP traffic. What's going on? Really confused as to why on earth internal smtp servers are not submitting to the Exchange server.
Some history of the environment: Transitioned to Exch 2007 two months ago and everything worked fine, then recently introduced two new 2008 DCs and decommissioned the 2003 DCs - this is when the problems started, not at the Exchange transition point.
Thanks
All Replies
- This sounds like a DNS issue to me if you are just giving the email address to the servers that need to submit mail, and not specifying the mail server name.
Do you have internal MX records for the Exchange server, and does the application server use the internal DNS for resolution?
Also see http://msexchangeteam.com/archive/2006/12/28/432013.aspx for information on allowing application servers to relay through Exchange 2007.
Shaun Thanks, yep the app server uses internal DNS and DNS has MX records pointing to the Exch server. I will look at the connector article but we have a Linux box not on the domain submitting mail ok using a custom connector and as the app servers are not even finding the Exchange box I think thats where the problem lies. I don't know if its possible to give a 2003 server an MX record manually or where it might store this, does anyone know? Thanks
It could be that the app server has a problem with DNS, can you confirm what it has in its DNS cache. Can you run an nslookup or dig from the app server to see what it sees for the MX record of the domain?
Shaun- Thanks Shaun, on the app server using nslookup > set q=mxIt is telling me responsible mail address = hostmaster.mydomain.orghostmaster obviously isn't the name of the Exchange serverAlso looking through groups in the AD 'Exchange Domain Servers' group does not have the computer account for the Exchange server in it, just the user account Administrator, this can't be right?
- Does the nslookup -q=mx yourdomain.com show you the MX records for the servers? It should be showing you the internal servers if you have this setup on your internal DNS and the server is set to use this for DNS resolution.
The Exchange 2007 should be in the Exchange Servers universal security group.
Can you specify the mail server the app should submit mail to? If not, try making sure the DNS MX are setup on the Internal DNS and perhaps run (on the app server) a ipconfig /flushDNS and then ipconfig /RegisterDNS to refresh the DNS cache on the app server.
Shaun Thanks Shaun, iv been battling this for 3 days now. It seems whatever I do the Exch 07 box will not accept connections from member servers from their smtpsvc. I have installed a lightwieght smtp client on one of the members servers and with basic auth enabled and been able to send email. When I telnet 25 from a member server to the Exch box I can also send email. But if I let the smtpsvc (with or without authentication) to try to find the Exch server itself it can't and when I configure the name of the Exch server as a smart host to which all mail should go in the properities of the smtpsvc, the emails just stack up in the queue folder and I get a....
Event Type: Warning
Event Source: smtpsvc
Event Category: None
Event ID: 4000
Date: 04/11/2009
Time: 15:03:09
User: N/A
Computer: *****
Description:
Message delivery to the remote domain '***********.org' failed for the following reason: The remote server did not respond to a connection attempt....in the system log
I have tried to send from a 2008 smtpsvc as the logging better and have recieved this in the events
Log Name: System
Source: smtpsvc
Date: 04/11/2009 12:05:13
Event ID: 4000
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: ****.*********.org
Description:
Message delivery to the remote domain '*********.org' failed for the following reason: Unable to deliver the message because the destination address was misconfigured as a mail loop.
Which makes me think it's a connector problem on Exchange after all (or two different problems) though my connectors must be ok for the telnet 25 tests to work
Thanks- Latest update - have installed 3rd party free smtp server on member server and set it to relay all emails to Exchange 2007 box and it works, I can only assume something has happened to all my smtp services on my member servers when the last 2003 DC was removed from the domain. Buys be a bit of time to fix the core problem though.
.....but the Exchange box does accept mail from 3rd party smtp services installed on the same member servers. (Re-submitting this as last chain did not reflect original question).
We have a number of member servers that can't submit email to the Exchange 2007 server for the above reason. This only started happening when we removed all 2003 DCs from the domain. Smtpsvc loggin doesn't give any clues as to why the Exch box is not responding to connection attempt. Similarly on Exch itself connector loggin records nothing of the member servers' attempts. Really lost as to where to start troubleshooting this, my feeling is it's a rights issue in the AD somewhere.
Thanks- Merged byElvis Wei -MSFTMSFT, ModeratorMonday, November 09, 2009 6:52 AMduplicate
- Are the email's still sitting in the queue on the member servers? The smtp logs on the member servers have to show some kind of details of them trying to send the email's, can you post part of the logs where it's trying to send the email's.
Thanks
Will
Will Shepherd - MCSE/MCITP/MCTS (Windows 2008,Exchange 2007,OCS 2007) - That's the weird thing there is nothing in the logs to say it's even attempted to contact the Exchange box -
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-11-04 14:23:23
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer)
2009-11-04 14:23:23 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 HELO - +me 250 0 50 7 0 SMTP - - - -
2009-11-04 14:23:40 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 MAIL - +from:ql@mydomain.org 250 0 45 30 0 SMTP - - -
2009-11-04 14:23:46 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 RCPT - tp 501 0 0 7 0 SMTP - - - -
2009-11-04 14:23:46 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 RCPT - +tp 501 0 37 7 0 SMTP - - - -
2009-11-04 14:23:49 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 RCPT - tp 501 0 0 7 0 SMTP - - - -
2009-11-04 14:23:49 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 RCPT - +tp 501 0 37 7 0 SMTP - - - -
2009-11-04 14:24:03 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 RCPT - +to:me@mydomain.org 250 0 42 37 0 SMTP - - - -
2009-11-04 14:24:14 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 DATA - <MEMBERSERVERR8K98dkZDjBHJ00000001@memeberserver.mydomain.org> 250 0 137 37 8609 SMTP - - - -
2009-11-04 14:34:34 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 TIMEOUT - me 121 738398380 175 37 628563 SMTP - - - -
2009-11-04 14:34:34 192.168.**.** me SMTPSVC1 MEMBERSERVER 192.168.1.** 0 QUIT - me 240 673922 175 37 628563 SMTP - - - -
They just sit in the queue folder until they expire to badmail
Thanks
Tom Hi Tom,
Have you enabled logging on the Exchange 2007 receive connector? I think the log should record something. However, I suggest we use network monitor 3.1 to capture network traffic on both server when sending email.
Microsoft Network Monitor 3.1
How to use Network Monitor
http://blogs.technet.com/netmon/
1. Start the Network Monitor tool, by default there should be a "Microsoft Network Monitor 3.1" icon on the desktop
2. Click on Create a new capture tab on the left pane or from the menu File | New | Capture.
3. Click on Select Networks on the Right pane and check the network interface we wish to monitor.
4. When you are ready to reproduce the problem start the trace, from the Capture menu select Start or click the Play button.
5. Reproduce the problem, please note the exact time that the problem reproduces.
6. Stop the trace, from the Capture menu select Stop or click the stop button.
7. Save the trace, from the File menu select Save As.
8. Check the result and see if you could find some clues there or send it to me.
Thanks,
Elvis
Description:
Message delivery to the remote domain '*********.org' failed for the following reason: Unable to deliver the message because the destination address was misconfigured as a mail loop.
Please check your the settings on Exchange server and SMTP server, see if some settings make the mail loop.- Been on hols but no one has picked this up so back on it. Thanks for merging this Elvis. Our connector setup is standard - client connector for Outlook and default connector for smtp traffic. We have another connector for a Linux box this also listens on port 25, is this ok?
Thanks
Tom Hi,
Have used Microsoft Network Monitor 3.1 on both ends and the only smtp traffic I see is from the member server sender saying it has queued the mail for delivery. Nothing is logged at the Exchange server end.
The reason the 2008 DC reported this error -
Description:
Message delivery to the remote domain '*********.org' failed for the following reason: Unable to deliver the message because the destination address was misconfigured as a mail loop.
Is because it is trying to submit mail to itself. All smtpsvc on all member servers are attempting to submit mail to this 2008 Domain controller and not the Exch server. This seems to be the core of the issue. When the Exch server is set as the smart host in smtpsvc it still can't find it.
Internal DNS has an MX record for the Exch box and all dcdiag tests pass, nslookup tests also pass. Lost as to why all smtpsvc on servers are trying to submit mail to this 2008 DC what would make them do that? Someone must have a clue.
Thanks
Tom- Edited byBBNPA1957 Tuesday, November 17, 2009 6:52 PM
- Looking at the master browser to check the entry for the Exchange server and it reports -
\\EXCHSRV NT 06.00 (W,S,NT,SS)
There doesn't seem to be a flag for Exchange server in the options so I guess I can discount this.
So back to nslookup.....
when I do nslookup
set q=mx
mydomain
It reports the 'responsible mail addr = hostmaster.mydomain.org'
NOTE: Hostmaster is the actual name it gives me not a server name. I do nslookup on hostmaster and it can't find it.
Where is it getting the entry hostmaster from, why hasn't it got the name of the Exchange server as configured in DNS?
Thinking outloud a bit here but suggestions very welcome.
Tom - Using smtpdiag I get this when it looks up MX records on local domain -
Checking local domain records.
Starting TCP and UDP DNS queries for the local domain. This test will try to
validate that DNS is set up correctly for inbound mail. This test can fail for
3 reasons.
1) Local domain is not set up in DNS. Inbound mail cannot be routed to
local mailboxes.
2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,
but will affect outbound mail.
3) Internal DNS is unaware of external DNS settings. This is a valid
configuration for certain topologies.
Checking MX records using TCP: mydomain.org .
A: mydomain.org [192.168.0.1]
A: mydomain.org [192.168.0.2]
A: mydomain.org [192.168.0.3]
A: mydomain.org [192.168.0.4]
A: mydomain.org[192.168.0.5]
Checking MX records using UDP: mydomain.org .
A: mydomain.org [192.168.0.1]
A: mydomain.org [192.168.0.11]
A: mydomain.org [192.168.0.12]
A: mydomain.org [192.168.0.13]
A: mydomain.org [192.168.0.14]
Both TCP and UDP queries succeeded. Local DNS test passed.
The first IP (192.168.0.1) is a DC and the server to which all my member servers' smtpsvc try to send to. One of the IPs is the old now decommissioned Exch 2003 box. Can anyone advise where in DNS I edit these entries to point them to the Exch 2007 server?
Thanks
Tom Fixed now. Two issues effected the same problem. I created a new A record with a different name and pointed it at the Exch box then created a new MX record from this, so that fixed the smtpsvc sending to wrong servers. But still Exch was not excepting mail from 2003 member servers so I routed it though the smtp service on a 2008 box. Still have to find out why 2007 doesn't like our 2003 smtp service but fixed for now.
Thanks for contributions.- Proposed As Answer byBBNPA1957 Wednesday, November 18, 2009 3:53 PM
