locked
TLS issue - Exchange 2003 RRS feed

  • Question

  • Hi all

    The problem in this case is TLS. The Exchange server is an EXCH2003 and it needs to run TLS towards another company. The server already have several other connectors that use TLS (about 6-7 of them) and they all work as intended. The connector in question is created precisely like the others, but something is not right.

    The outgoing mail get stuck in the outgoing queue and remains there. If I force a connection and check the logs I only get the smtp log below. I have set maximum level in diagnosticlogging on the server, but i get no events logged related to this.

    As can be seen from the listed log below, nothing more happens after the outbound response is Ready-to-start-TLS.

    Any ideas and inputs on how to fix this would be greatly appreciated.

    /Trev

    2012-10-25 08:15:42 1xx.1xx.2xx.100 OutboundConnectionResponse SMTPSVC1 MSG03 - 0 - - 220+Anothercompany.com 0 0 19 0 78 SMTP - - - -
    2012-10-25 08:15:42 1xx.1xx.2xx.100 OutboundConnectionCommand SMTPSVC1 MSG03 - 0 EHLO - msg03.XXX.YY 0 0 4 0 78 SMTP - - - -
    2012-10-25 08:15:42 1xx.1xx.2xx.100 OutboundConnectionResponse SMTPSVC1 MSG03 - 0 - - 250-Anothercompanymailserver 0 0 22 0 156 SMTP - - - -
    2012-10-25 08:15:42 1xx.1xx.2xx.100 OutboundConnectionCommand SMTPSVC1 MSG03 - 0 STARTTLS - - 0 0 8 0 156 SMTP - - - -
    2012-10-25 08:15:42 1xx.1xx.2xx.100 OutboundConnectionResponse SMTPSVC1 MSG03 - 0 - - 220+2.0.0+Ready+to+start+TLS 0 0 28 0 234 SMTP                                                                                                                                                                                               

    Thursday, October 25, 2012 9:00 AM

Answers

  • I suggest you follow this document to check on your problem connector.

    Implementing TLS between two Exchange Server organizations
    http://blogs.technet.com/b/exchange/archive/2006/10/04/3395006.aspx

    From your log information, this seems your Exchange Server cannot create connection with other smtp server, I suggest you follow these steps to troubleshoot the issue:

    <1> use telnet to test with that company's smtp server

    <2> configure connector not use tls to have a try.

    Thanks,

    Evan


    Evan Liu

    TechNet Community Support

    Friday, October 26, 2012 10:25 AM
    Moderator