locked
New Exchange 2016 Server Can't Send Email to Existing Exchange 2010 Server RRS feed

  • Question

  • We just added an Exchange 2016 server to our network with an existing 2010 Exchange server. I am able to send email from users on the 2010 server to the 2016 server, but users on the 2016 server cannot send mail to anyone on the 2010 server. Both servers can send mail to the Internet OK.  On the 2016 server, messages sent to users on the 2010 server get stuck in queue:

    queue site:default-first-site-name      smtp relay to mailbox delivery group

    In the 2016 event log I get the following:

    Log Name:      Application
    Source:        MSExchangeTransport
    Date:          1/29/2016 10:50:05 PM
    Event ID:      1025
    Task Category: SmtpReceive
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      XXXXXX
    Description:
    SMTP rejected a (P1) mail from 'HealthMailbox0b3fc79c412f45b7ac2bdce0fe7dd65e@subco.local' with 'Client Proxy XXXXXX' connector and the user authenticated as 'HealthMailbox0b3fc79c412f45b7ac2bdce0fe7dd65e'. The Active Directory lookup for the sender address returned validation errors. Microsoft.Exchange.Data.ProviderError

    I have deleted all of the health mailboxes and recreated them. When I run a Get-Mailbox -Monitoring everything looks ok.

    The messages that are stuck in the 2016 queue eventually show this:

    Remote Server at EXCHANGE2010.xxxxx.local (192.168.20.52) returned '400 4.4.7 Message delayed'
    1/29/2016 9:57:36 PM - Remote Server at EXCHANGE2010.xxxxx.local (192.168.20.52) returned '451 4.4.0 Primary target IP address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 192.168.20.52:25'

    Any pointers would be greatly appreciated.


    K Haroldsen

    Saturday, January 30, 2016 7:25 AM

Answers

  • I had an issue with failing to achieve exchange server authentication with 2016 as well. 

    My default receive connector was configured for 0.0.0.0-255.255.255.255.

    I had a relay connector configured with a /24 subnet that my new exchange server is on.

    I specified the specific IP of the exchange server on my default receive connector and they started talking.

    I haven't confirmed but based on the behavior I'm assuming exchange is smart enough to prioritize IPs highest, then gradually smaller networks.


    -=Chris

    • Marked as answer by K Haroldsen Monday, February 8, 2016 6:58 PM
    Saturday, February 6, 2016 12:08 AM

All replies

  • Hi Haroldsen,

    You can check the following settings in Exchange 2010:

    1. check the properties of the Default receive connector and ensure 'Exchange Server authentication' is selected.

    2. make sure that don't have any other receive connector has the same IP ranger of default receive connector. 

    Best regards,


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Niko Cheng
    TechNet Community Support

    Monday, February 1, 2016 3:23 AM
  • Thanks for the reply.  Yes, I have checked the receive connectors and they look correct.  I do have an internal relay connector on the 2010 server that has "exchange servers" in the permissions group list which I can't deselect, but the 2016 IP address is not listed in the network IPs for this connector.

    K Haroldsen

    Tuesday, February 2, 2016 4:37 PM
  • Thanks for the reply.  Yes, I have checked the receive connectors and they look correct.  I do have an internal relay connector on the 2010 server that has "exchange servers" in the permissions group list which I can't deselect, but the 2016 IP address is not listed in the network IPs for this connector.

    K Haroldsen

    Are these servers in the same site?  If they're different try forcing AD replication and see what happens.

    I would also double check to make sure the Exchange 2016 server is listed inthe Exchange Servers Security Group in AD.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

    Tuesday, February 2, 2016 7:17 PM
  • Yes, they are in the same site. Yes, both servers are in the Exchange Servers AD group.

    K Haroldsen

    Tuesday, February 2, 2016 7:45 PM
  • This is the health mailbox, not a standard user mailbox.

    K Haroldsen

    Tuesday, February 2, 2016 7:45 PM
  • I had an issue with failing to achieve exchange server authentication with 2016 as well. 

    My default receive connector was configured for 0.0.0.0-255.255.255.255.

    I had a relay connector configured with a /24 subnet that my new exchange server is on.

    I specified the specific IP of the exchange server on my default receive connector and they started talking.

    I haven't confirmed but based on the behavior I'm assuming exchange is smart enough to prioritize IPs highest, then gradually smaller networks.


    -=Chris

    • Marked as answer by K Haroldsen Monday, February 8, 2016 6:58 PM
    Saturday, February 6, 2016 12:08 AM
  • Hi Chris

    I know this is old post but I have same issue. 

    Exchange 2010 server can send emails to mailboxes on exchange 2016 but exchange 2016 is not able to send emails to exchange 2010 server. 

    There are 4 receive connectors and settings on them are all over the place for me to list here. 

    In theory, what should be the settings for receive connectors? 

    1. How many connectors should there be on Exchange 2010 in an environemnt where another exchange server 2016 has just been added to make sure mailboxes on both servers can email each other and that exhcange 2010 being the "gateway" to the Internet, all users can send emails through it outbound. 

    2. Do I need to make a change on Exchange 2016 server for this to work? 

    3. Plan is to eventually migrate away from exchange 2010. What roles/responsibilities do I need to trnasfer from the ex2010 to the ex2016 server and how do I do it? 

    4. I understand that moving mailboxes should be the last step after making sure emails are flowing to Internet through ex2016 AND that all the services e.g. OWA and Outlook Anywhere are also goign through ex2016. 

    I need help with how I do all of these things. 

    Dhaval

    Thursday, October 25, 2018 4:41 PM