none
Mail flow issues between Office 365 Exchange online and On-Prem Exchange Server. RRS feed

  • Question

  • Customer running an Exchange Server organization and Active Directory domain on the Windows Server 2012 R2 updated environment which contain 5 Exchange Servers.  Two servers are used for Exchange Mailbox, Two servers are used for Exchange Client Access and One server is used for Exchange Edge. All these servers are running Exchange CU10. We have purchased Office 365 E3 plan subscription and deployed hybrid configuration of Exchange Online. We are also using Web Application Proxy to published the Exchange virtual directories. Our MX record is pointed on the Office 365 EOP and we have configured a relay option between Office 365 Exchange Online and onprem Exchange (on the Exchange Edge Server) with a SMTP domain of “mx.domain.com”. We have also published all the DNS records to a public DNS for the accessibility of Exchange virtual directories from an External side..

    Currently in our organization a Mail flow issue is occurred between Office 365 and Exchange Edge (Hybrid environment). We have configured a relay setting between Office 365 Exchange Online and Exchange on-prem Environment (on the Exchange Edge Server). We are unable to send or receive emails having attachments larger than “05” MB from everywhere. But in other hand we are able to receive plain text emails from any domain. Our Office 365 users are able to send and receive emails with or without attachments but on premise users are unable to receive or send. These below error I received on the Office 365 Exchange Online message trace. 

    Errors:

    • [{LED=400 4.0.0 Message delivery delayed in active queue}{MSG=};{FQDN=mx.domain.com};{IP=202.141.250.131};{LRT=10/5/2016 9:03:44 AM}]. OutboundProxyTargetIP: 202.141.250.131. OutboundProxyTargetHostName: mx.domain.com
    • [{LED=450 4.4.318 Connection was closed abruptly ‎(SuspiciousRemoteServerError)‎{MSG=};{FQDN=mx.domain.com};{IP=202.141.250.131};{LRT=10/5/2016 9:03:44 AM}]. OutboundProxyTargetIP: 202.141.250.131. OutboundProxyTargetHostName: mx.domain.com
    • [{LED=451 4.7.0 Timeout waiting for client input}{MSG=};{FQDN=mx.domain.com};{IP=202.141.250.131};{LRT=10/5/2016 9:03:44 AM}]. OutboundProxyTargetIP: 202.141.250.131. OutboundProxyTargetHostName: mx.domain.com
    • [{LED=400 4.0.0 Message delivery delayed in active queue};{MSG=};{FQDN=mx.domain.com};{IP=202.141.250.131};{LRT=10/5/2016 9:03:44 AM}]. OutboundProxyTargetIP: 202.141.250.131. OutboundProxyTargetHostName: mx.domain.com
    • [{LED=450 4.4.318 Connection was closed abruptly ‎(SuspiciousRemoteServerError)‎}{MSG=};{FQDN=mx.domain.com};{IP=202.141.250.131};{LRT=10/5/2016 9:03:44 AM}]. OutboundProxyTargetIP: 202.141.250.131. OutboundProxyTargetHostName: mx.domain.com


    MCT & Infrastructure Consultant

    Thursday, October 6, 2016 6:41 AM

Answers

  • Ed, thanks for your prompt response.

    I have resolved this issue by myself. By changing the setting of ConnectionInActivityTimeout, Connectiontimeout on  the Edge receive connectors and added all EOP public IPs in a trusted list of WHM configuration manager..

    Command:

    Set-ReceiveConnector -Identity "<Edge Receive Connector>" -ConnectionInactivityTimeout 00:05:00 -ConnectionTimeout 00:10:00

    Regards,

    Fuzail


    MCT & Infrastructure Consultant

    • Marked as answer by Fuzail Motan Friday, October 7, 2016 12:46 PM
    • Unmarked as answer by Fuzail Motan Friday, October 7, 2016 12:52 PM
    • Proposed as answer by SyedDaniyal Friday, October 7, 2016 12:52 PM
    • Marked as answer by Fuzail Motan Friday, October 7, 2016 12:53 PM
    Friday, October 7, 2016 12:46 PM

All replies

  • Is there any host between the Edge server and the Internet?  Do you have an Edge Subscription configured?

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, October 6, 2016 5:26 PM
    Moderator
  • Do you have an Edge Subscription configured?

    Yes we have configured an Edge subscription in our environment with Exchange Mailbox Servers. 

    Is there any host between the Edge server and the Internet?

    Yes between Edge and Internet there is a firewall which is only used for a NAT. As in Edge server we have private IP which is NAT into a public IP on a firewall. 

    Regards

    Fuzail


    MCT & Infrastructure Consultant

    Thursday, October 6, 2016 6:15 PM
  • Check all connectors and your global configuration.

    Get-ReceiveConnector | FL Name,MaxMessageSize
    Get-SendConnector | FL Name,MaxSendSize
    Get-TransportConfig | FL MaxSendSize,MaxReceiveSize

    In the Exchange Online, check the settings of your outbound connector.

    Do you have any antispam agents on the Edge server?


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, October 6, 2016 9:50 PM
    Moderator
  • Ed, this is not an answer.

    I have check all the configurations on the connector level. There is no issue at this side. In Exchange Online, outbound connector is successfully validated. Yes, Exchange default antispam agent is enabled on the Edge Server..

    Regards,

    Fuzail 

     


    MCT & Infrastructure Consultant

    Friday, October 7, 2016 7:55 AM
  • Ed, thanks for your prompt response.

    I have resolved this issue by myself. By changing the setting of ConnectionInActivityTimeout, Connectiontimeout on  the Edge receive connectors and added all EOP public IPs in a trusted list of WHM configuration manager..

    Command:

    Set-ReceiveConnector -Identity "<Edge Receive Connector>" -ConnectionInactivityTimeout 00:05:00 -ConnectionTimeout 00:10:00

    Regards,

    Fuzail


    MCT & Infrastructure Consultant

    • Marked as answer by Fuzail Motan Friday, October 7, 2016 12:46 PM
    • Unmarked as answer by Fuzail Motan Friday, October 7, 2016 12:52 PM
    • Proposed as answer by SyedDaniyal Friday, October 7, 2016 12:52 PM
    • Marked as answer by Fuzail Motan Friday, October 7, 2016 12:53 PM
    Friday, October 7, 2016 12:46 PM