none
No Outgoing Mail. Telnet Could not open connection to the host, on port 25 RRS feed

  • Question

  • Hello,

    I would appreciate if someone could lend a helping hand. I run a small network with SBS 2008 which has Exchange 2007. Our SBS 2008 box is our mail server and has been working fine for just over a year.

    I believe that I have not been able to send mail externally since this last Friday. Coincidently, this happens to be the date when I installed SQL Server Express 2008 R2 on our SBS 2008 Server and my feeling is that this installation may have changed some of the Port/Firewall settings and I would like some help investigating Exchange Server. This is the only change that has happend on the Network. The Firewall has not been changed or logged into.

    I installed the new separate SQL 2008R2 instance (i.e. I still have SBSMonitoring on the default SQL Server 2005 on my SBS 2008 Server) which is configured on TCPIP Port 1491, away from the standard 1433 for the existing SQL 2005 instance. Furthermore, I created two new rules in the Firewall (Inbound and Outbound for Port 1491). I have not deleted any rules on the Firewall.

    This is as far as I have got and I am stuck:

    1. I have established Port 25 may now not be open. I have established this from the Server by trying to telnet to one of my providers.
      open mail.complyport.co.uk 25
      Connecting To mail.complyport.co.uk...Could not open connection to the host, on port 25: Connect failed
    2. Strangely, my Exchange Server is receiving Mail. I dont think I have any problems receiving mail.
    3. I have run a test on http://www.testexchangeconnectivity.com
      The only issue that came back was a final warning Attempting to find the SPF record using a DNS TEXT record query.  ExRCA wasn't able to find the SPF record
    4. I don’t know if this is helpful, but when my Exchange Server was working fine, I was able to use Powershell to query the ExchangeServer. Now when I run the following command
      PS C:\> Get-ExchangeServer | fl
      I get the following error (I am not sure if the Exchange Module needs to be loaded?)
      The term 'Get-ExchangeServer' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
      At line:1 char:19
      + Get-ExchangeServer <<<<  | fl
      + CategoryInfo          : ObjectNotFound: (Get-ExchangeServer:String) [], CommandNotFoundException
      + FullyQualifiedErrorId : CommandNotFoundException
      This concerns me a little and I would appreciate if anyone has any ideas as to why this has stopped working?
    5. If I look at my Server Firewall Rules, I don’t see anything either in the Inbound or Outbound rules thathas SMTP in the name or any rule that has a Local or Remote Port of 25. The question here is whether I need to open a Port? If so, how can I audit who deleted the rule? How does it need to be set up?

    Any steps would be really appreciated.
    Many thanks and kind regards,
    Bertie.

    Monday, June 25, 2012 8:06 PM

Answers

All replies

  • hi,

    Can you send internal message successful? I telnet the server as well and also get the same error. Can you telnet other domains?

    If you use SBS 2008, i think you can get better help from this forum:http://social.technet.microsoft.com/Forums/en/smallbusinessserver/threads

    hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    Tuesday, June 26, 2012 7:45 AM
  • Dear CastinLu,

    Thanks for the reply, I have a tread over there in Small Business Server. I have also posted some of the output from Exchange Query Analyzer and Exchange Management Shell. I would appreciate if you could review and let me know if anything looks suspicious to you?

    Many thanks and kind regards,
    Bertie

    Link to SBS Thread: http://social.technet.microsoft.com/Forums/en/smallbusinessserver/thread/c60cf5e4-d872-43b1-a54d-3e1939bd887d
    Copied below for your convenience:

    Hi James,

    Thanks for the help. Its such a long time since I have touched Exchange that I completely forgot to go though the Exchange Management Shell and not the Normal Windows Powershell ISE.

    OK, I have copied in the results of the following commands:

    1. Get-ExchangeServer | fl
    2. Get-SendConnector
    3. Test-Mailflow FQDN -TargetEmailAddress InternalMailAddress -Verbose
    4. Test-Mailflow FQDN -TargetEmailAddress ExternalMailAddress -Verbose (which fails)

    As I have seen most security people change their addresses and firm names, I have done the same. however I am happy to send you the raw unedited information by mail if you need them.

    Also, in the Queue Analyzer, I am seeing the following error:

    Next Hop Domain Delivery Type Status Message Count Next Retry Time Last Error
    gmail.com DnsConnectorDelivery Active 9
    External.com DnsConnectorDelivery Retry 2 26 June 2012 10:11:10 451 4.4.0 Primary target IP address responded with: "421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
    Submission Undefined Ready 0 

    Many thanks and kind regards,

    Bertie

    p.s. I am happy to send you the TCP/IP for the 2 SQL Server Instances if you feel that will be of any help as I made changes there on Friday. I do recall making changes, but though I only made changes to the TCP/IP of the new SQL Server 2008 instance and not the SQL2005 SBSMonitoring instance. Just in case its of any help to you, from SQL Server Configuration Manager, if I look at SBSMonitoring, these are the settings for some of the IPAddresses
    (Note that port 1 appears on my powershell Send Connector below):

    ################################################################################
    SQL Server Configuration Manager (SBSMonitoring):
    ################################################################################IP5
    Active                    = Yes
    Enabled                  = No
    IP Address              = ::1
    TCP Dynamic Ports  = 0
    TCP Port                 =

    IP6
    Active                    = Yes
    Enabled                  = No
    IP Address              = 127.0.0.1
    TCP Dynamic Ports  = 0
    TCP Port                 =

    ################################################################################
    Exchange Management Shell:
    ################################################################################
    Notes:
    1. MyDomain replaced with contoso
    2. MyServerName replaced with ServerName
    3. My email address is of the form bertie.surname1-surname2@contosobiz.co.uk

    ################################################################################
    Normally the FQDN is the SMTP Address required. You can get that from the
    following command:
    [PS] C:\Windows\system32>Get-ExchangeServer | fl

    Name                              : ServerName
    DataPath                          : C:\Program Files\Microsoft\Exchange Server\
                                        Mailbox
    Domain                            : contoso.local
    Edition                           : Standard
    ExchangeLegacyDN                  : /o=First Organization/ou=Exchange Administr
                                        ative Group (FYYYYYYYYYYYYLT)/cn=Configurat
                                        ion/cn=Servers/cn=ServerName
    Fqdn                              : ServerName.contoso.local
    IsHubTransportServer              : True
    IsClientAccessServer              : True
    IsExchange2007OrLater             : True
    IsEdgeServer                      : False
    IsMailboxServer                   : True
    IsMemberOfCluster                 : No
    IsProvisionedServer               : False
    IsUnifiedMessagingServer          : False
    NetworkAddress                    : {ncacn_vns_spp:ServerName, netbios:ServerName,
                                        ncacn_np:ServerName, ncacn_spx:ServerName, ncac
                                        n_ip_tcp:ServerName.contoso.local, ncalrpc
                                        :ServerName}
    OrganizationalUnit                : contoso.local/ServerName
    AdminDisplayVersion               : Version 8.3 (Build 83.6)
    Site                              : contoso.local/Configuration/Sites/Defaul
                                        t-First-Site-Name
    ServerRole                        : Mailbox, ClientAccess, HubTransport
    ErrorReportingEnabled             :
    StaticDomainControllers           : {}
    StaticGlobalCatalogs              : {}
    StaticConfigDomainController      :
    StaticExcludedDomainControllers   : {}
    CurrentDomainControllers          : {}
    CurrentGlobalCatalogs             : {}
    CurrentConfigDomainController     :
    ProductID                         : xxxxx-xxx-xxxxxxx-xxxxx
    IsExchange2007TrialEdition        : False
    IsExpiredExchange2007TrialEdition : False
    RemainingTrialPeriod              : 00:00:00
    IsValid                           : True
    OriginatingServer                 : ServerName.contoso.local
    ExchangeVersion                   : 0.1 (8.0.535.0)
    DistinguishedName                 : CN=ServerName,CN=Servers,CN=Exchange Administ
                                        rative Group (FYYYYYYYYYYYYLT),CN=Administr
                                        ative Groups,CN=First Organization,CN=Micro
                                        soft Exchange,CN=Services,CN=Configuration,
                                        DC=contoso,DC=local
    Identity                          : ServerName
    Guid                              : 6aaaaad-7ded-9512-87f8-8bbbbbbbbbb1
    ObjectCategory                    : contoso.local/Configuration/Schema/ms-Ex
                                        ch-Exchange-Server
    ObjectClass                       : {top, server, msExchExchangeServer}
    WhenChanged                       : 12/03/2011 14:02:55
    WhenCreated                       : 17/02/2011 13:03:28


    ################################################################################

    [PS] C:\Windows\system32>Get-SendConnector

    Identity                           AddressSpaces Enabled
    --------                           ------------- -------
    Windows SBS Internet Send ServerName {smtp:*;1}    True


    ################################################################################
    Test-mail
    Test-Mailflow ServerName.contoso.local -TargetEmailAddress Nick@contosobiz.co.uk -Verbose
    Test-Mailflow ServerName.contoso.local -TargetEmailAddress MyGmail@gmail.com -Verbose

    [PS] C:\Windows\system32>Test-Mailflow ServerName.contoso.local -TargetEmailAdd
    ress Nick@contosobiz.co.uk -Verbose
    VERBOSE: Test-Mailflow : Beginning processing.
    VERBOSE: Test-Mailflow : Searching objects "ServerName.contoso.local" of type
    "Server" under the root "$null".
    VERBOSE: Test-Mailflow : Previous operation run on domain controller
    'ServerName.contoso.local'.
    VERBOSE: Test-Mailflow : Searching objects
    "SystemMailbox{6aaaaaa3-f01e-6d14-b480-1dddddddddd0}" of type "ADSystemMailbox"
    under the root "$null".
    VERBOSE: Test-Mailflow : Previous operation run on global catalog server
    'ServerName.contoso.local'.
    VERBOSE: Testing mail flow.

    TestMailflowResult         MessageLatencyTime                      IsRemoteTest
    ------------------         ------------------                      ------------
    Success                    00:00:00.6719193                                True
    VERBOSE: Test-Mailflow : Ending processing.


    [PS] C:\Windows\system32>Test-Mailflow ServerName.contoso.local -TargetEmailAdd
    ress MyGmail@gmail.com -Verbose
    VERBOSE: Test-Mailflow : Beginning processing.
    VERBOSE: Test-Mailflow : Searching objects "ServerName.contoso.local" of type
    "Server" under the root "$null".
    VERBOSE: Test-Mailflow : Previous operation run on domain controller
    'ServerName.contoso.local'.
    VERBOSE: Test-Mailflow : Searching objects
    "SystemMailbox{6aaaaaa3-f01e-6d14-b480-1dddddddddd0}" of type "ADSystemMailbox"
    under the root "$null".
    VERBOSE: Test-Mailflow : Previous operation run on global catalog server
    'ServerName.contoso.local'.
    VERBOSE: Testing mail flow.

    TestMailflowResult         MessageLatencyTime                      IsRemoteTest
    ------------------         ------------------                      ------------
    *FAILURE*                  00:00:00                                        True
    VERBOSE: Test-Mailflow : Ending processing.

    Tuesday, June 26, 2012 10:22 AM
  • A SQLServerMVP has kindly suggested I need to verify my SMTP Connector on Exchange 2007 (embedded within SBS 2008), do you know how I can do that (or set up a new connector if you feel this will fix the problem?)

    http://social.msdn.microsoft.com/Forums/en-US/sqlsetupandupgrade/thread/a6794784-8906-4256-add5-1c5a253f8bf9/

     I have renamed the usual parts to Contoso (What I have renamed is in Bold)

    [PS] C:\Windows\system32>Get-SendConnector | fl

    AddressSpaces                : {smtp:*;1}
    AuthenticationCredential     :
    Comment                      :
    ConnectedDomains             : {}
    ConnectionInactivityTimeOut  : 00:10:00
    DNSRoutingEnabled            : True
    DomainSecureEnabled          : False
    Enabled                      : True
    ForceHELO                    : False
    Fqdn                         : remote.contosobiz.co.uk
    HomeMTA                      : Microsoft MTA
    HomeMtaServerId              : MyServerName
    Identity                     : Windows SBS Internet SendMyServerName
    IgnoreSTARTTLS               : False
    IsScopedConnector            : False
    IsSmtpConnector              : True
    LinkedReceiveConnector       :
    MaxMessageSize               : 10MB
    Name                         : Windows SBS Internet SendMyServerName
    Port                         : 25
    ProtocolLoggingLevel         : None
    RequireTLS                   : False
    SmartHostAuthMechanism       : None
    SmartHosts                   : {}
    SmartHostsString             :
    SourceIPAddress              : 0.0.0.0
    SourceRoutingGroup           : Exchange Routing Group (DWBBBBBBBBBBJR)
    SourceTransportServers       : {MyServerName}
    UseExternalDNSServersEnabled : False

    FYI, my ISP mentions I dont need a smart host.

    Tuesday, June 26, 2012 3:08 PM
  • Resolved on the Small Business Server forum. Details are here: http://social.technet.microsoft.com/Forums/en/smallbusinessserver/thread/c60cf5e4-d872-43b1-a54d-3e1939bd887d

    Many thanks

    • Marked as answer by Bertie70 Wednesday, June 27, 2012 3:58 PM
    Wednesday, June 27, 2012 3:58 PM