locked
Email stuck in drafts RRS feed

  • Question

  • Hi All, I've got a brand new exchange 2013 standard environment set up, but I can't seem to get mail flow to work at all. When I try and send a message through OWA, it simply gets stuck in drafts.  I haven't changed the MX Records yet because I don't want to break their existing pop3 email until I get this fixed.  I tried setting up a subdomain as a test, but I get the same results.
    Tuesday, September 8, 2015 9:39 PM

Answers

  • You need to use a static public IP for Exchange for the below reasons:

    1) If you are using a smart host, this smart host will only allow certain IPs to relay email. For this reason, your IP can't change

    2) If you are not using a smart host, your public IP needs to be on your SPF record and you need to have reverse DNS set up for your sending IP. Again, your IP can't change. 

    Please ask your ISP to open up port 25 and set you up with static IPs. You can then configure Exchange to use one o these static IPs. 

    If this is not possible then consider moving to a new ISP or consider hosting your email in Office 365.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    • Marked as answer by mclaughlk2 Tuesday, October 6, 2015 7:18 PM
    Tuesday, September 15, 2015 8:55 PM

All replies

  • Hi,

    First of all, make sure all the necessary services are running, especially the Exchange Transport service and the Exchange Mailbox Transport Submission Service. If the transport service is running, try to restart it to take a test.

    Meanwhile, check the application log for any related event.

    And check the default settings for receive connector.

    Or try to use Telnet to Test SMTP Communication.

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Lynn-Li
    TechNet Community Support

    Wednesday, September 9, 2015 1:43 AM
  • Hi,

    please check if you have configured send connector.

    Seems like you are missing send connector


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Wednesday, September 9, 2015 8:43 AM
  • As Off2work says - you need to create or check your send connector.

    Also check that the Exchange 2013 server has outbound SMTP access through your firewall to either the internet or to the smart hosts you are using. You also need to ensure that the Exchange server is included in the source servers that can use the send connector.

    Please post the results of 

    Get-SendConnector | Fl 

    Get-Queue | Fl *error*

    Are you using a smart host or will the Exchange server send email directly to the internet?

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Wednesday, September 9, 2015 1:15 PM
  • All services are started, I have Exchange in a Hyper-V environment.  I did try reinstalling a couple times so there are some other instances of the two other servers I tried to install, however they're shut off and only the one is currently running.  I tried installing new instances thinking I did  something wrong.  I am trying to use a smart host to filter my outgoing mail.  I was able to telnet to port 25 directly from my workstation on to the exchange server and worked fine.  I did double check the outbound firewall settings and port 25 is open according to shields up.

    Here's the Queue:

    LastError : 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain; nonexistent domain
    
    LastError : [{LRT=9/9/2015 9:10:37 AM};{LED=441 4.4.1 Error encountered while communicating with primary target IP 
                address: "Failed to connect. Winsock error code: 10061, Win32 error code: 10061." Attempted failover to 
                alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all 
                alternate hosts. The last endpoint attempted was 
                208.65.145.95:25};{FQDN=odysseycomputers.ca.outbound10.mxlogic.net};{IP=208.65.145.95}]
    
    LastError : 
    
    
    

    Here's the send Connector:

    AddressSpaces                : {SMTP:*;1}
    AuthenticationCredential     : 
    CloudServicesMailEnabled     : False
    Comment                      : 
    ConnectedDomains             : {}
    ConnectionInactivityTimeOut  : 00:10:00
    DNSRoutingEnabled            : False
    DomainSecureEnabled          : False
    Enabled                      : True
    ErrorPolicies                : Default
    ForceHELO                    : False
    Fqdn                         : odysseycomputers.ca
    FrontendProxyEnabled         : False
    HomeMTA                      : Microsoft MTA
    HomeMtaServerId              : SERVER02
    Identity                     : External Email Connector
    IgnoreSTARTTLS               : False
    IsScopedConnector            : False
    IsSmtpConnector              : True
    MaxMessageSize               : 35 MB (36,700,160 bytes)
    Name                         : External Email Connector
    Port                         : 25
    ProtocolLoggingLevel         : None
    RequireOorg                  : False
    RequireTLS                   : False
    SmartHostAuthMechanism       : None
    SmartHosts                   : {odysseycomputers.ca.outbound10.mxlogic.net}
    SmartHostsString             : odysseycomputers.ca.outbound10.mxlogic.net
    SmtpMaxMessagesPerConnection : 20
    SourceIPAddress              : 0.0.0.0
    SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
    SourceTransportServers       : {SERVER02}
    TlsAuthLevel                 : 
    TlsCertificateName           : 
    TlsDomain                    : 
    UseExternalDNSServersEnabled : True

    Wednesday, September 9, 2015 4:23 PM
  • Hi,

    Is your server called server02? If not, then the source transport server needs to be updated on the send connector. 

    Check the DNS set up. It seems that there are emails bound for domains and Exchange cannot work out what the MX records are.

    Also, check that you can telnet onto odysseycomputers.ca.outbound10.mxlogic.net from the exchange server. If so, use Send-MailMessage and specify the smtpserver parameter to send email from Exchagne through this smart host. If you get errors, please post. 

    Ensure that the smart host is configured to accept email from your new Exchange server IP. If it's an internal smart host then use your internal IP and if external then use your Exchange server public IP.

    If all above is ok then consider restarting the transport services and re-creating the send connector. 

    Thanks.

    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Wednesday, September 9, 2015 4:35 PM
  • Our smart host is McAfee SaaS, and I've configured it to accept our external IP. I have set up a subdomain for testing purposes as the main domain is still in use while this is being setup. remote.domain.ca has mx records pointing to my external ip where domain.ca has mx records still pointing to my hosting provider. I'm trying to set up remote.domain.ca for testing purposes so I don't muck up our prod environment. I'll test the Send-MailMEssage and smtpserver parameter and report back

    Wednesday, September 9, 2015 4:52 PM
  • OK so I can't telnet from the server to the smart host as its restricted, but I can telnet from the smart host onto the exchange server.  When I use the sne-mailmessage command, I get the following error:

    Send-MailMessage : The email cannot be sent because no SMTP server was specified. You must specify an SMTP server by
    using either the SmtpServer parameter or the $PSEmailServer variable.

    I used the following example:

    send-mailmessage -to "User01 <user01@example.com>" -from "User02 <user02@example.com>" -subject "Test mail"

    Wednesday, September 9, 2015 5:52 PM
  • After I insert the -SmtpServer **smart host address** in at the end of the command it returns:

    Send-MailMessage : Unable to connect to the remote server

    Wednesday, September 9, 2015 5:56 PM
  • As I mentioned above, I have tried installing exchange a couple of different times in separate VM's so there are instances still in existence.  I have disabled the receive connectors on those servers I'm not using.  I recreated my send connector so it's pointing to server02.  Here's a read out of my receive connectors:

    RunspaceId                              : 8b6239c2-6256-492d-8686-beb5e0942528
    AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
    Banner                                  : 
    BinaryMimeEnabled                       : True
    Bindings                                : {0.0.0.0:2525, [::]:2525}
    ChunkingEnabled                         : True
    DefaultDomain                           : 
    DeliveryStatusNotificationEnabled       : True
    EightBitMimeEnabled                     : True
    BareLinefeedRejectionEnabled            : False
    DomainSecureEnabled                     : False
    EnhancedStatusCodesEnabled              : True
    LongAddressesEnabled                    : False
    OrarEnabled                             : False
    SuppressXAnonymousTls                   : False
    ProxyEnabled                            : False
    AdvertiseClientSettings                 : False
    Fqdn                                    : server02.ody.local
    ServiceDiscoveryFqdn                    : 
    TlsCertificateName                      : 
    Comment                                 : 
    Enabled                                 : True
    ConnectionTimeout                       : 00:10:00
    ConnectionInactivityTimeout             : 00:05:00
    MessageRateLimit                        : Unlimited
    MessageRateSource                       : IPAddress
    MaxInboundConnection                    : 5000
    MaxInboundConnectionPerSource           : Unlimited
    MaxInboundConnectionPercentagePerSource : 100
    MaxHeaderSize                           : 128 KB (131,072 bytes)
    MaxHopCount                             : 60
    MaxLocalHopCount                        : 12
    MaxLogonFailures                        : 3
    MaxMessageSize                          : 35 MB (36,700,160 bytes)
    MaxProtocolErrors                       : 5
    MaxRecipientsPerMessage                 : 5000
    PermissionGroups                        : ExchangeUsers, ExchangeServers, ExchangeLegacyServers
    PipeliningEnabled                       : True
    ProtocolLoggingLevel                    : None
    RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
    RequireEHLODomain                       : False
    RequireTLS                              : False
    EnableAuthGSSAPI                        : False
    ExtendedProtectionPolicy                : None
    LiveCredentialEnabled                   : False
    TlsDomainCapabilities                   : {}
    Server                                  : SERVER02
    TransportRole                           : HubTransport
    SizeEnabled                             : EnabledWithoutValue
    TarpitInterval                          : 00:00:05
    MaxAcknowledgementDelay                 : 00:00:30
    AdminDisplayName                        : 
    ExchangeVersion                         : 0.1 (8.0.535.0)
    Name                                    : Default SERVER02
    DistinguishedName                       : CN=Default SERVER02,CN=SMTP Receive 
                                              Connectors,CN=Protocols,CN=SERVER02,CN=Servers,CN=Exchange Administrative 
                                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First 
                                              Organization,CN=Microsoft 
                                              Exchange,CN=Services,CN=Configuration,DC=ody,DC=local
    Identity                                : SERVER02\Default SERVER02
    Guid                                    : 900eba03-9eb1-4efc-a266-6a98981381e8
    ObjectCategory                          : ody.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
    ObjectClass                             : {top, msExchSmtpReceiveConnector}
    WhenChanged                             : 8/17/2015 2:37:05 PM
    WhenCreated                             : 8/7/2015 2:51:11 PM
    WhenChangedUTC                          : 8/17/2015 9:37:05 PM
    WhenCreatedUTC                          : 8/7/2015 9:51:11 PM
    OrganizationId                          : 
    OriginatingServer                       : Server01.ody.local
    IsValid                                 : True
    ObjectState                             : Unchanged
    
    RunspaceId                              : 8b6239c2-6256-492d-8686-beb5e0942528
    AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
    Banner                                  : 
    BinaryMimeEnabled                       : True
    Bindings                                : {[::]:465, 0.0.0.0:465}
    ChunkingEnabled                         : True
    DefaultDomain                           : 
    DeliveryStatusNotificationEnabled       : True
    EightBitMimeEnabled                     : True
    BareLinefeedRejectionEnabled            : False
    DomainSecureEnabled                     : False
    EnhancedStatusCodesEnabled              : True
    LongAddressesEnabled                    : False
    OrarEnabled                             : False
    SuppressXAnonymousTls                   : False
    ProxyEnabled                            : False
    AdvertiseClientSettings                 : False
    Fqdn                                    : server02.ody.local
    ServiceDiscoveryFqdn                    : 
    TlsCertificateName                      : 
    Comment                                 : 
    Enabled                                 : True
    ConnectionTimeout                       : 00:10:00
    ConnectionInactivityTimeout             : 00:05:00
    MessageRateLimit                        : 5
    MessageRateSource                       : User
    MaxInboundConnection                    : 5000
    MaxInboundConnectionPerSource           : 20
    MaxInboundConnectionPercentagePerSource : 2
    MaxHeaderSize                           : 128 KB (131,072 bytes)
    MaxHopCount                             : 60
    MaxLocalHopCount                        : 12
    MaxLogonFailures                        : 3
    MaxMessageSize                          : 35 MB (36,700,160 bytes)
    MaxProtocolErrors                       : 5
    MaxRecipientsPerMessage                 : 200
    PermissionGroups                        : ExchangeUsers, ExchangeServers
    PipeliningEnabled                       : True
    ProtocolLoggingLevel                    : None
    RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
    RequireEHLODomain                       : False
    RequireTLS                              : False
    EnableAuthGSSAPI                        : True
    ExtendedProtectionPolicy                : None
    LiveCredentialEnabled                   : False
    TlsDomainCapabilities                   : {}
    Server                                  : SERVER02
    TransportRole                           : HubTransport
    SizeEnabled                             : Enabled
    TarpitInterval                          : 00:00:05
    MaxAcknowledgementDelay                 : 00:00:30
    AdminDisplayName                        : 
    ExchangeVersion                         : 0.1 (8.0.535.0)
    Name                                    : Client Proxy SERVER02
    DistinguishedName                       : CN=Client Proxy SERVER02,CN=SMTP Receive 
                                              Connectors,CN=Protocols,CN=SERVER02,CN=Servers,CN=Exchange Administrative 
                                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First 
                                              Organization,CN=Microsoft 
                                              Exchange,CN=Services,CN=Configuration,DC=ody,DC=local
    Identity                                : SERVER02\Client Proxy SERVER02
    Guid                                    : 23d1a8db-63cf-47b2-85cb-6133b58187f5
    ObjectCategory                          : ody.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
    ObjectClass                             : {top, msExchSmtpReceiveConnector}
    WhenChanged                             : 8/7/2015 2:51:12 PM
    WhenCreated                             : 8/7/2015 2:51:12 PM
    WhenChangedUTC                          : 8/7/2015 9:51:12 PM
    WhenCreatedUTC                          : 8/7/2015 9:51:12 PM
    OrganizationId                          : 
    OriginatingServer                       : Server01.ody.local
    IsValid                                 : True
    ObjectState                             : Unchanged
    
    RunspaceId                              : 8b6239c2-6256-492d-8686-beb5e0942528
    AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
    Banner                                  : 
    BinaryMimeEnabled                       : True
    Bindings                                : {[::]:25, 0.0.0.0:25}
    ChunkingEnabled                         : True
    DefaultDomain                           : 
    DeliveryStatusNotificationEnabled       : True
    EightBitMimeEnabled                     : True
    BareLinefeedRejectionEnabled            : False
    DomainSecureEnabled                     : True
    EnhancedStatusCodesEnabled              : True
    LongAddressesEnabled                    : False
    OrarEnabled                             : False
    SuppressXAnonymousTls                   : False
    ProxyEnabled                            : False
    AdvertiseClientSettings                 : False
    Fqdn                                    : server02.ody.local
    ServiceDiscoveryFqdn                    : 
    TlsCertificateName                      : 
    Comment                                 : 
    Enabled                                 : True
    ConnectionTimeout                       : 00:10:00
    ConnectionInactivityTimeout             : 00:05:00
    MessageRateLimit                        : Unlimited
    MessageRateSource                       : IPAddress
    MaxInboundConnection                    : 5000
    MaxInboundConnectionPerSource           : 20
    MaxInboundConnectionPercentagePerSource : 2
    MaxHeaderSize                           : 128 KB (131,072 bytes)
    MaxHopCount                             : 60
    MaxLocalHopCount                        : 12
    MaxLogonFailures                        : 3
    MaxMessageSize                          : 36 MB (37,748,736 bytes)
    MaxProtocolErrors                       : 5
    MaxRecipientsPerMessage                 : 200
    PermissionGroups                        : AnonymousUsers, ExchangeServers, ExchangeLegacyServers
    PipeliningEnabled                       : True
    ProtocolLoggingLevel                    : Verbose
    RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
    RequireEHLODomain                       : False
    RequireTLS                              : False
    EnableAuthGSSAPI                        : False
    ExtendedProtectionPolicy                : None
    LiveCredentialEnabled                   : False
    TlsDomainCapabilities                   : {}
    Server                                  : SERVER02
    TransportRole                           : FrontendTransport
    SizeEnabled                             : Enabled
    TarpitInterval                          : 00:00:05
    MaxAcknowledgementDelay                 : 00:00:30
    AdminDisplayName                        : 
    ExchangeVersion                         : 0.1 (8.0.535.0)
    Name                                    : Default Frontend SERVER02
    DistinguishedName                       : CN=Default Frontend SERVER02,CN=SMTP Receive 
                                              Connectors,CN=Protocols,CN=SERVER02,CN=Servers,CN=Exchange Administrative 
                                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First 
                                              Organization,CN=Microsoft 
                                              Exchange,CN=Services,CN=Configuration,DC=ody,DC=local
    Identity                                : SERVER02\Default Frontend SERVER02
    Guid                                    : 5588c5d8-3b80-495f-a205-5ddb5021e763
    ObjectCategory                          : ody.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
    ObjectClass                             : {top, msExchSmtpReceiveConnector}
    WhenChanged                             : 8/17/2015 2:47:38 PM
    WhenCreated                             : 8/7/2015 3:46:09 PM
    WhenChangedUTC                          : 8/17/2015 9:47:38 PM
    WhenCreatedUTC                          : 8/7/2015 10:46:09 PM
    OrganizationId                          : 
    OriginatingServer                       : Server01.ody.local
    IsValid                                 : True
    ObjectState                             : Unchanged
    
    RunspaceId                              : 8b6239c2-6256-492d-8686-beb5e0942528
    AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
    Banner                                  : 
    BinaryMimeEnabled                       : True
    Bindings                                : {[::]:717, 0.0.0.0:717}
    ChunkingEnabled                         : True
    DefaultDomain                           : 
    DeliveryStatusNotificationEnabled       : True
    EightBitMimeEnabled                     : True
    BareLinefeedRejectionEnabled            : False
    DomainSecureEnabled                     : True
    EnhancedStatusCodesEnabled              : True
    LongAddressesEnabled                    : False
    OrarEnabled                             : False
    SuppressXAnonymousTls                   : False
    ProxyEnabled                            : False
    AdvertiseClientSettings                 : False
    Fqdn                                    : server02.ody.local
    ServiceDiscoveryFqdn                    : 
    TlsCertificateName                      : 
    Comment                                 : 
    Enabled                                 : True
    ConnectionTimeout                       : 00:10:00
    ConnectionInactivityTimeout             : 00:05:00
    MessageRateLimit                        : Unlimited
    MessageRateSource                       : IPAddress
    MaxInboundConnection                    : 5000
    MaxInboundConnectionPerSource           : 20
    MaxInboundConnectionPercentagePerSource : 2
    MaxHeaderSize                           : 128 KB (131,072 bytes)
    MaxHopCount                             : 60
    MaxLocalHopCount                        : 12
    MaxLogonFailures                        : 3
    MaxMessageSize                          : 36 MB (37,748,736 bytes)
    MaxProtocolErrors                       : 5
    MaxRecipientsPerMessage                 : 200
    PermissionGroups                        : ExchangeServers
    PipeliningEnabled                       : True
    ProtocolLoggingLevel                    : Verbose
    RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
    RequireEHLODomain                       : False
    RequireTLS                              : False
    EnableAuthGSSAPI                        : False
    ExtendedProtectionPolicy                : None
    LiveCredentialEnabled                   : False
    TlsDomainCapabilities                   : {}
    Server                                  : SERVER02
    TransportRole                           : FrontendTransport
    SizeEnabled                             : Enabled
    TarpitInterval                          : 00:00:05
    MaxAcknowledgementDelay                 : 00:00:30
    AdminDisplayName                        : 
    ExchangeVersion                         : 0.1 (8.0.535.0)
    Name                                    : Outbound Proxy Frontend SERVER02
    DistinguishedName                       : CN=Outbound Proxy Frontend SERVER02,CN=SMTP Receive 
                                              Connectors,CN=Protocols,CN=SERVER02,CN=Servers,CN=Exchange Administrative 
                                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First 
                                              Organization,CN=Microsoft 
                                              Exchange,CN=Services,CN=Configuration,DC=ody,DC=local
    Identity                                : SERVER02\Outbound Proxy Frontend SERVER02
    Guid                                    : 09a7b699-346c-40de-9bf2-f91653f3a6c1
    ObjectCategory                          : ody.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
    ObjectClass                             : {top, msExchSmtpReceiveConnector}
    WhenChanged                             : 8/7/2015 3:46:12 PM
    WhenCreated                             : 8/7/2015 3:46:11 PM
    WhenChangedUTC                          : 8/7/2015 10:46:12 PM
    WhenCreatedUTC                          : 8/7/2015 10:46:11 PM
    OrganizationId                          : 
    OriginatingServer                       : Server01.ody.local
    IsValid                                 : True
    ObjectState                             : Unchanged
    
    RunspaceId                              : 8b6239c2-6256-492d-8686-beb5e0942528
    AuthMechanism                           : Tls, Integrated, BasicAuth
    Banner                                  : 
    BinaryMimeEnabled                       : True
    Bindings                                : {[::]:587, 0.0.0.0:587}
    ChunkingEnabled                         : True
    DefaultDomain                           : 
    DeliveryStatusNotificationEnabled       : True
    EightBitMimeEnabled                     : True
    BareLinefeedRejectionEnabled            : False
    DomainSecureEnabled                     : False
    EnhancedStatusCodesEnabled              : True
    LongAddressesEnabled                    : False
    OrarEnabled                             : False
    SuppressXAnonymousTls                   : False
    ProxyEnabled                            : False
    AdvertiseClientSettings                 : False
    Fqdn                                    : server02.ody.local
    ServiceDiscoveryFqdn                    : 
    TlsCertificateName                      : 
    Comment                                 : 
    Enabled                                 : True
    ConnectionTimeout                       : 00:10:00
    ConnectionInactivityTimeout             : 00:05:00
    MessageRateLimit                        : 5
    MessageRateSource                       : User
    MaxInboundConnection                    : 5000
    MaxInboundConnectionPerSource           : 20
    MaxInboundConnectionPercentagePerSource : 2
    MaxHeaderSize                           : 128 KB (131,072 bytes)
    MaxHopCount                             : 60
    MaxLocalHopCount                        : 12
    MaxLogonFailures                        : 3
    MaxMessageSize                          : 35 MB (36,700,160 bytes)
    MaxProtocolErrors                       : 5
    MaxRecipientsPerMessage                 : 200
    PermissionGroups                        : ExchangeUsers
    PipeliningEnabled                       : True
    ProtocolLoggingLevel                    : None
    RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
    RequireEHLODomain                       : False
    RequireTLS                              : False
    EnableAuthGSSAPI                        : True
    ExtendedProtectionPolicy                : None
    LiveCredentialEnabled                   : False
    TlsDomainCapabilities                   : {}
    Server                                  : SERVER02
    TransportRole                           : FrontendTransport
    SizeEnabled                             : Enabled
    TarpitInterval                          : 00:00:05
    MaxAcknowledgementDelay                 : 00:00:30
    AdminDisplayName                        : 
    ExchangeVersion                         : 0.1 (8.0.535.0)
    Name                                    : Client Frontend SERVER02
    DistinguishedName                       : CN=Client Frontend SERVER02,CN=SMTP Receive 
                                              Connectors,CN=Protocols,CN=SERVER02,CN=Servers,CN=Exchange Administrative 
                                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First 
                                              Organization,CN=Microsoft 
                                              Exchange,CN=Services,CN=Configuration,DC=ody,DC=local
    Identity                                : SERVER02\Client Frontend SERVER02
    Guid                                    : 068fe34f-4a13-4bab-927a-26f17047d051
    ObjectCategory                          : ody.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
    ObjectClass                             : {top, msExchSmtpReceiveConnector}
    WhenChanged                             : 9/4/2015 4:21:46 PM
    WhenCreated                             : 8/7/2015 3:46:13 PM
    WhenChangedUTC                          : 9/4/2015 11:21:46 PM
    WhenCreatedUTC                          : 8/7/2015 10:46:13 PM
    OrganizationId                          : 
    OriginatingServer                       : Server01.ody.local
    IsValid                                 : True
    ObjectState                             : Unchanged
    

    Wednesday, September 9, 2015 6:18 PM
  • You should be able to telnet onto port 25 of the smart host from the Exchange server. Run the below command:

    telnet IPofSmartHost 25

    This should connect. If it doesn't then that means some of the causes are below:

    - Some software on Exchange is blocking outbound port 25 traffic. I've seen the McAfee AV Access Protection component do this. Try disable it and try again.

    - Outbound SMTP traffic through your site firewall is not allowed from Exchange to the smart host. Please check.

    - Windows firewall on Exchange blocking outbound SMTP traffic. This is very unlikely and only the case if an engineer has created a rule to block it. 

    In all of this troubleshooting, I'm assuming that your smarthost is configured to listen on port 25. Please let me know if this is wrong.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Wednesday, September 9, 2015 7:22 PM
  • sorry for not responding earlier.  Got busy with clients...this is an in house project so it gets pushed to the side when we're busy.

    I am unable to telnet directly to the smart hosts due to security permissions with the provider.  However I can telnet directly into the ip of the server to port 25 from outside the network, and from my workstation.

    No antivirus software is installed directly on the server, and Windows firewalls are disabled.  The smart host does listen on port 25, and it is able to telnet from the smart host to the server.  Just not the other way around...I tested other smart hosts that we have this set up on and you can't telnet to them either.

    Thursday, September 10, 2015 10:25 PM
  • interesting, OK....so I just found this article:

    http://thoughtsofanidlemind.com/2013/03/25/exchange-2013-dns-stuck-messages/

    I think it might be DNS related problems.  I reconfigured my dns settings to point to the hyper-v network adapter and pointed the dns server to my dc and my router.  Rebooted the transport service and they're no longer stuck in drafts.  However, mail isn't flowing through.

    Thursday, September 10, 2015 10:37 PM
  • So I took off the smart host, rebooted the transport service again but left the dns configured as above and now its stuck in drafts again.  I'm thinking maybe firewall rules on my router?
    Thursday, September 10, 2015 10:42 PM
  • ok so since now the send connector has "Use external dns" on, and my adapters are pointing to my dc and my router for dns, now I'm getting the following error in the transport logs:

    SmtpResponse:451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain; nonexistent domain

    Thursday, September 10, 2015 11:34 PM
  • Turning on UseExternalDNSServersEnabled means that Exchange server will use the DNS servers configured on the Transport Service rather than the DNS servers on the NIC. 

    Run this command to use the DNS servers configured on the NIC:

    Set-SendConnector "External Email Connector" -UseExternalDNSServersEnabled:$false

    Then restart the Transport Service and test again. 

    If you do still find emails stuck in the queue, please send through the error messages by running the below:

    Get-Queue | fl name,*count*,*error*

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Friday, September 11, 2015 9:42 AM
  • OK, I ran the Set-SendConnector command, restarted the transport service, and this is what I got when I tried sending an email after it got stuck in drafts:

    MessageCount                     : 192
    RetryCount                       : 0
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 1, 191, 0}
    LastError                        : 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain; 
                                       nonexistent domain
    
    MessageCount                     : 13
    RetryCount                       : 2
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 11, 2, 0}
    LastError                        : [{LRT=9/11/2015 9:14:42 AM};{LED=441 4.4.1 Error encountered while communicating 
                                       with primary target IP address: "Failed to connect. Winsock error code: 10061, 
                                       Win32 error code: 10061." Attempted failover to alternate host, but that did not 
                                       succeed. Either there are no alternate hosts, or delivery failed to all alternate 
                                       hosts. The last endpoint attempted was 208.65.145.95:25};{FQDN=odysseycomputers.ca.o
                                       utbound10.mxlogic.net};{IP=208.65.145.95}]
    
    MessageCount                     : 0
    RetryCount                       : 0
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : 
    DeferredMessageCountsPerPriority : 
    LastError                        : 

    Friday, September 11, 2015 4:16 PM
  • So to me this sounds like it's stopping at the smart host?
    Friday, September 11, 2015 8:57 PM
  • No, Exchange is reporting that it cannot connect to the smarthost - winsock error 10061 is "connection refused". Email is queuing up on Exchange, not the smarthost. 

    As per one of my previous replies, please check that you can telnet onto the smart host from the Exchange server. Log into the Exchange server, install the telnet client if not already installed and run the below:

    telnet odysseycomputers.ca.outbound10.mxlogic.net 25

    This must connect - you must a 220 banner with the smarthost name when you you hit enter. I understand that you can telnet onto Exchange on port 25 but you need to ensure you can connect to your smarthost from your Exchange server on the same port. If this doesn't work then you need to look at your routing and your firewall. Your firewall needs to allow outbound traffic on TCP port 25 from your Exchange server to your smarthost IPs which are 208.65.145.95 and 208.65.144.95. 

    I've confirmed that your Exchange server is resolving the correct IP of the smarthost. 

    I'm able to telnet onto 208.65.145.95 on port 25 however unable to telnet onto 208.65.144.95 on port 25. You should get the same results from your Exchange server. 

    As a side note, it seems like you have emails queuing up in two different queues. Please can you post the results of:

    Get-Queue | fl

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Friday, September 11, 2015 10:40 PM
  • Here's the result of Get-Queue | fl:

    RunspaceId                       : f90e5cb6-12f1-4ea9-8770-12250c2bf53c
    DeliveryType                     : Undefined
    NextHopDomain                    : Submission
    TlsDomain                        :
    NextHopConnector                 : 00000000-0000-0000-0000-000000000000
    Status                           : Ready
    MessageCount                     : 0
    LastError                        :
    RetryCount                       : 0
    LastRetryTime                    :
    NextRetryTime                    :
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         :
    DeferredMessageCountsPerPriority :
    RiskLevel                        : Normal
    OutboundIPPool                   : 0
    NextHopCategory                  : Internal
    IncomingRate                     : 0
    OutgoingRate                     : 0
    Velocity                         : 0
    QueueIdentity                    : server02\Submission
    PriorityDescriptions             : {High, Normal, Low, None}
    Identity                         : server02\Submission
    IsValid                          : True
    ObjectState                      : New

    I went and added in a group of ip addresses that my spam provider suggests but no dice.  Still same issue.

    Monday, September 14, 2015 5:49 PM
  • Hi,

    You need to be able to telnet onto the smarthost IP from the Exchange server on the port that the smarthost is configured to listen on. In your case, run the below command on the Exchange server:

    telnet odysseycomputers.ca.outbound10.mxlogic.net 25

    If this doesn't connect, this can be for one of the following reasons:

    1) Software on Exchange is blocking outbound port 25 traffic. I've seen the McAfee AV Access Protection component do this. Try disable it and try again.

    2) Outbound SMTP traffic through your site firewall is not allowed from Exchange to the smart host. Please check.

    3) Windows firewall on Exchange blocking outbound SMTP traffic. This is very unlikely and only the case if an engineer has created a rule to block it. 

    4) Your ISP is blocking SMTP traffic

    5) The smarthost is configured to listen on a different port

    Please check all 5 causes and resolve any issues.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Monday, September 14, 2015 8:14 PM
  • OK, I was able to telnet onto my smart host on another clients pc who was not on the same ISP as we were and it got through however didn't reach exchange.  This is telling me that my ISP is blocking port 25 I would assume.
    Monday, September 14, 2015 9:37 PM
  • This means it is either your ISP or your firewall which is blocking the outbound SMTP traffic. Please eliminate your firewall by checking that it is not blocking outbound traffic on port 25. 

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Monday, September 14, 2015 11:32 PM
  • OK so I've done quite a bit last night.  I removed my two bad exchange servers that I tried installing in my lab so now I only have 1 showing.  I called my vendor last night for support on the smart host and we determined that my ISP is blocking port 25.  I changed the send connector to port 2525 (via the exchange console), removed the smart host because apparently they can only use port 25.  Sent another test msg, still sitting in drafts.  I ran the Get-Queue | fl name,*count*,*error*:

    MessageCount                     : 4
    RetryCount                       : 6
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 4, 0, 0}
    LastError                        : [{LRT=9/15/2015 10:20:12 AM};{LED=441 4.4.1 Error encountered while communicating
                                       with primary target IP address: "Failed to connect. Winsock error code: 10060,
                                       Win32 error code: 10060." Attempted failover to alternate host, but that did not
                                       succeed. Either there are no alternate hosts, or delivery failed to all alternate
                                       hosts. The last endpoint attempted was
                                       207.46.163.247:2525};{FQDN=chorister.net};{IP=207.46.163.247}]
    
    MessageCount                     : 3
    RetryCount                       : 7
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 3, 0, 0}
    LastError                        : [{LRT=9/15/2015 10:19:07 AM};{LED=441 4.4.1 Error encountered while communicating
                                       with primary target IP address: "Failed to connect. Winsock error code: 10061,
                                       Win32 error code: 10061." Attempted failover to alternate host, but that did not
                                       succeed. Either there are no alternate hosts, or delivery failed to all alternate
                                       hosts. The last endpoint attempted was
                                       207.167.198.18:2525};{FQDN=telus.net};{IP=207.167.198.18}]
    
    MessageCount                     : 0
    RetryCount                       : 0
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         :
    DeferredMessageCountsPerPriority :
    LastError                        :

    Tuesday, September 15, 2015 5:29 PM
  • I ran the Get-Queue again after a couple more tests and I'm getting a DNS error again:

    MessageCount                     : 4
    RetryCount                       : 10
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 4, 0, 0}
    LastError                        : [{LRT=9/15/2015 10:44:26 AM};{LED=441 4.4.1 Error encountered while communicating
                                       with primary target IP address: "Failed to connect. Winsock error code: 10060,
                                       Win32 error code: 10060." Attempted failover to alternate host, but that did not
                                       succeed. Either there are no alternate hosts, or delivery failed to all alternate
                                       hosts. The last endpoint attempted was
                                       207.46.163.215:2525};{FQDN=chorister.net};{IP=207.46.163.215}]
    
    MessageCount                     : 3
    RetryCount                       : 11
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 3, 0, 0}
    LastError                        : [{LRT=9/15/2015 10:44:12 AM};{LED=441 4.4.1 Error encountered while communicating
                                       with primary target IP address: "Failed to connect. Winsock error code: 10061,
                                       Win32 error code: 10061." Attempted failover to alternate host, but that did not
                                       succeed. Either there are no alternate hosts, or delivery failed to all alternate
                                       hosts. The last endpoint attempted was
                                       207.167.198.18:2525};{FQDN=telus.net};{IP=207.167.198.18}]
    
    MessageCount                     : 7
    RetryCount                       : 3
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         : {0, 0, 0, 0}
    DeferredMessageCountsPerPriority : {0, 7, 0, 0}
    LastError                        : 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain;
                                       nonexistent domain
    
    MessageCount                     : 0
    RetryCount                       : 0
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         :
    DeferredMessageCountsPerPriority :
    LastError                        :

    Tuesday, September 15, 2015 5:53 PM
  • Hi,

    If you are not using a smart host, you need to be able to connect to the recipient email servers using port 25. If this is not possible then you need to use a smart host which accepts connections on another port which is allowed by your ISP. 

    In your case, your smart host requires port 25 so this leaves you with two options:

    1) Ask your ISP to open up outbound port 25 traffic to the internet (recommended)

    2) Find another smart host provider that will allow you to connect on a different port

    Please go for option 1 and contact your ISP. This should resolve your issues. Please mark as answer if this fixes your issue.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    • Proposed as answer by Mark Gossa Tuesday, September 15, 2015 7:26 PM
    Tuesday, September 15, 2015 7:26 PM
  • OK I just discovered our IP is blacklisted as per mxtoolbox.  I'm on hold with our ISP to try and get a new DHCP address.
    Tuesday, September 15, 2015 8:33 PM
  • You need to use a static public IP for Exchange for the below reasons:

    1) If you are using a smart host, this smart host will only allow certain IPs to relay email. For this reason, your IP can't change

    2) If you are not using a smart host, your public IP needs to be on your SPF record and you need to have reverse DNS set up for your sending IP. Again, your IP can't change. 

    Please ask your ISP to open up port 25 and set you up with static IPs. You can then configure Exchange to use one o these static IPs. 

    If this is not possible then consider moving to a new ISP or consider hosting your email in Office 365.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    • Marked as answer by mclaughlk2 Tuesday, October 6, 2015 7:18 PM
    Tuesday, September 15, 2015 8:55 PM
  • So here's another update.  I checked the ip address against a black list and sure enough it is.  Our isp isn't able to open port 25 for dynamic addresses either.  I've looked over our isp package, and turned out we were eligible for a static ip as they changed their service and pricing slightly so we don't have to pay any more.  Tomorrow we're getting a new modem and faster connection and our static ip should be coming within 24/48 hrs.  After that's all done I'll give it a shot again.
    Wednesday, September 16, 2015 10:04 PM
  • OK so long two week span update.  FInally got back to looking into it.  I found another post on the forum, and turned out it didn't like the way my nic was configured.  I had my primary dns set to my dc, and the secondary set to the router.  removed the secondary dns off the nic, and set the external dns lookup to my isp's dns settings and restarted the transport service and it finally worked!!!!! I have mail flowing :)
    Tuesday, October 6, 2015 7:02 PM
  • Oh, and I worked with our ISP and we managed to get a static ip address as well.
    Tuesday, October 6, 2015 7:02 PM
  • You need to use a static public IP for Exchange for the below reasons:

    1) If you are using a smart host, this smart host will only allow certain IPs to relay email. For this reason, your IP can't change

    2) If you are not using a smart host, your public IP needs to be on your SPF record and you need to have reverse DNS set up for your sending IP. Again, your IP can't change. 

    Please ask your ISP to open up port 25 and set you up with static IPs. You can then configure Exchange to use one o these static IPs. 

    If this is not possible then consider moving to a new ISP or consider hosting your email in Office 365.

    Thanks.


    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Hi,

    Good to know it's sorted. Please mark as an answer if this has answered your question.

    Thanks.



    Mark Gossa

    MCSE 2003, MCITP Enterprise Administrator 2008 R2, MCSA 2012 R2, MCTS Exchange 2010

    Blog: http://markgossa.blogspot.com

    Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    • Proposed as answer by Mark Gossa Tuesday, October 6, 2015 7:17 PM
    Tuesday, October 6, 2015 7:17 PM