When I send a email from outside to any user I get this error from the client failed Status: 5.7.1 Remote SMTP server has rejected address I looked but can't figure out why it is doing that, everything seem configured ok! Could it be because smtp role was not set before the transport hub was configured and now it s not passing mail... MXtoolbox is givving me all green so it is not a firewall or MX isue Thank you

Is your Exchange Server connected directly to the Internet or is there any sort of device cleaning up your SMTP or pre-processing it for spam or viruses? From a computer inside your firewall, try to do an SMTP connection and post the complete conversation here. telnet servername.domain.com 25 helo you.company.com mail from:you@yahoo.com rcpt to:you@yourdomain.com (This is to be a valid SMTP address in your domain) Then do it from a computer outside your firewall, and make servername your Internet server name as pointed to by your MX record and post the complete conversation here.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Also check if the domain @Yourdomain.com is added under Accepted domains in Exchange management console. Run the below command and post the result. Get-ReceiveConnector | FL Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

XXX is the domain:) Welcome to the Exchange Management Shell! Full list of cmdlets: get-command Only Exchange cmdlets: get-excommand Cmdlets for a specific role: get-help -role *UM* or *Mailbox* Get general help: help Get help for a cmdlet: help <cmdlet-name> or <cmdlet-name> -? Show quick reference guide: quickref Exchange team blog: get-exblog Show full output for a cmd: <cmd> | format-list Tip of the day #33: Vous voulez dfinir les proprits de rpertoires virtuels Outlook Web Access ? Canalisez la sortie de Get-OwaVirtualDirectory vers la cmdlet Set-OwaVirtualDire ctory. Par exemple, la commande suivante dfinit le niveau Gzip pour tous les r pertoires virtuels Outlook Web Access : Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -GzipLevel High [PS] C:\Windows\system32>Get-ReceiveConnector | FL AuthMechanism : Tls, Integrated, BasicAuth, BasicAuth RequireTLS, ExchangeServer Banner : BinaryMimeEnabled : True Bindings : {192.168.0.2:25} ChunkingEnabled : True DefaultDomain : DeliveryStatusNotificationEnabled : True EightBitMimeEnabled : True DomainSecureEnabled : False EnhancedStatusCodesEnabled : True LongAddressesEnabled : False OrarEnabled : False Fqdn : SERVEUR.xxx.local Comment : Enabled : True ConnectionTimeout : 00:10:00 ConnectionInactivityTimeout : 00:05:00 MessageRateLimit : unlimited MaxInboundConnection : 5000 MaxInboundConnectionPerSource : unlimited MaxInboundConnectionPercentagePerSource : 100 MaxHeaderSize : 64KB MaxHopCount : 30 MaxLocalHopCount : 8 MaxLogonFailures : 3 MaxMessageSize : 40240KB MaxProtocolErrors : 5 MaxRecipientsPerMessage : 5000 PermissionGroups : AnonymousUsers, ExchangeUsers, Exchan geServers, ExchangeLegacyServers PipeliningEnabled : True ProtocolLoggingLevel : None RemoteIPRanges : {192.168.0.2-192.168.0.255, 192.168.0 .0-192.168.0.0} RequireEHLODomain : False RequireTLS : False EnableAuthGSSAPI : False Server : SERVEUR SizeEnabled : EnabledWithoutValue TarpitInterval : 00:00:05 AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) Name : Default SERVEUR DistinguishedName : CN=Default SERVEUR,CN=SMTP Receive Co nnectors,CN=Protocols,CN=SERVEUR,CN=S ervers,CN=Exchange Administrative Gro up (FYDIBOHF23SPDLT),CN=Administrativ e Groups,CN=First Organization,CN=Mic rosoft Exchange,CN=Services,CN=Config uration,DC=xxx,DC=local Identity : SERVEUR\Default SERVEUR Guid : bcaaad9a-07b4-41f7-ada9-580879fd5714 ObjectCategory : xxx.local/Configuration/Schema/ms- Exch-Smtp-Receive-Connector ObjectClass : {top, msExchSmtpReceiveConnector} WhenChanged : 2012-03-31 11:37:29 WhenCreated : 2009-06-10 11:16:14 OriginatingServer : SERVEUR.xxx.local IsValid : True AuthMechanism : BasicAuth Banner : BinaryMimeEnabled : True Bindings : {127.0.0.1:25} ChunkingEnabled : True DefaultDomain : DeliveryStatusNotificationEnabled : True EightBitMimeEnabled : True DomainSecureEnabled : False EnhancedStatusCodesEnabled : True LongAddressesEnabled : False OrarEnabled : False Fqdn : SERVEUR.xxx.local Comment : Enabled : True ConnectionTimeout : 06:00:00 ConnectionInactivityTimeout : 00:05:00 MessageRateLimit : unlimited MaxInboundConnection : 5000 MaxInboundConnectionPerSource : 20 MaxInboundConnectionPercentagePerSource : 2 MaxHeaderSize : 64KB MaxHopCount : 30 MaxLocalHopCount : 8 MaxLogonFailures : 3 MaxMessageSize : 40240KB MaxProtocolErrors : 5 MaxRecipientsPerMessage : 200 PermissionGroups : AnonymousUsers, ExchangeUsers PipeliningEnabled : True ProtocolLoggingLevel : None RemoteIPRanges : {127.0.0.1-127.0.0.1} RequireEHLODomain : False RequireTLS : False EnableAuthGSSAPI : False Server : SERVEUR SizeEnabled : Enabled TarpitInterval : 00:00:05 AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) Name : Windows SBS Fax Sharepoint Receive SE RVEUR DistinguishedName : CN=Windows SBS Fax Sharepoint Receive SERVEUR,CN=SMTP Receive Connectors,C N=Protocols,CN=SERVEUR,CN=Servers,CN= Exchange Administrative Group (FYDIBO HF23SPDLT),CN=Administrative Groups,C N=First Organization,CN=Microsoft Exc hange,CN=Services,CN=Configuration,DC =xxx,DC=local Identity : SERVEUR\Windows SBS Fax Sharepoint Re ceive SERVEUR Guid : 867ad42b-d3e4-464a-a145-c8eaa6668960 ObjectCategory : xxx.local/Configuration/Schema/ms- Exch-Smtp-Receive-Connector ObjectClass : {top, msExchSmtpReceiveConnector} WhenChanged : 2011-01-31 16:10:24 WhenCreated : 2009-06-10 11:24:27 OriginatingServer : SERVEUR.xxx.local IsValid : True

If we look at the remote IP ranges on receive connector "Default SERVEUR" RemoteIPRanges : {192.168.0.2-192.168.0.255, 192.168.0 .0-192.168.0.0} Are you expecting outside domain emails from these IP addresses only? It should be ALL range of IP "0.0.0.0-255.255.255.255" if you want to receive outside emails sent from any domain to your domain. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

Yes i have spam and virus with an apliance When i scan my port from outside 25 is open! telnet servername.domain.com 25 220 SERVEUR.xxx.local Microsoft ESMTP MAIL Service, Version: 7.0.6002.18264 r eady at Sun, 1 Apr 2012 09:24:32 -0400 C:\Documents and Settings\Vmware>telnet exhcnage.xxx.com 25 Connecting To exhcnage.armoiressimard.com...Could not open connection to the hos t, on port 25: Connect failed Allo other cmd are giving me error Command not available I am LOST! TKS

You are talking about server configuration / transport hub / select server and lower part defalut server right? in network it is uper box: 192.168.0.2 ??? port 25 lower is 192.168.0.0-192.168.0.0 and 192.168.0.2-192.168.0.255 Do i need that many and why in the upper box 192.168.0.2 with is noting on my network... I didi not configure this serve and a dont know why all this is done:) I tried jus to add thes adresses and still get the error (do i need to restard a service to apply it)

In the upper box it should be your HUB transport server IP.Lets rule out the issue first. Telnet MXrecord 25 and send an email. See if that mails get delivered to your spam appliance server. If yes that means there are no issue to receive external emails to your domain. Now do a telnet from spam appliance to Hub transport server on Port 25 and send an email. (You can try to create a new receive connector with the default settings (Make sure annonymous is selected in permission). Disabled the old one.) Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

You didn't post the entire conversation. By hiding your domain name, you're just making it harder for us to help you.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

I di not want to hide info just did not want my cleint info:) Inside 192.168.0.6 220 SERVEUR.simard.local Microsoft ESMTP MAIL Service, Version: 7.0.6002.18264 r eady at Sun, 1 Apr 2012 16:32:49 -0400 helo simard 250 SERVEUR.simard.local Hello [192.168.0.6] mail from: simardadmin@simard.local 250 2.1.0 simardadmin@simard.local....Sender OK rcpt to: simardadmin@simard.local 550 5.7.1 Unable to relay for simardadmin@simard.local Outside telnet exchange.armoiressimard.com 25 C:\Documents and Settings\Vmware>telnet exchange.armoiressimard.com 25 Connecting To exchange.armoiressimard.com...Could not open connection to the hos t, on port 25: Connect failed

Now when i test a email i get Reason: Illegal host/domain name found Man im i lost):

Telnet from outside to domain "armoiressimard.com" MX records for your domain. 0 exchange.armoiressimard.com 69.70.131.66 10 mail.armoiressimard.com 209.44.98.228 20 mail.siteforms.net 74.127.52.146 30 mail.gcis.ca 12.47.45.98 40 mail.cgsi.net 209.44.98.226 Telnet connection failed on IP 69.70.131.66. Please check with your network or firewall engineer why its not accepting the connection on port 25. We can telnet to rest other IPs for your domain. To receive email from your SPAM Appliance server 1- Check and make sure the your domain is configured in the accepted domains. 2- Email address is correct and its stamped on any exchange recipient. 3- Create another receive connector with default settings and Disabled the old receive connector. Reset the Microsoft Exchange transport service. Let me know whats the result post this. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

Sory since it is configured as a pop3 collector i need to disable the port forward /25 when i am not testing not to loose to much email... it is faling back at MX: priority 10 witch is the pop server Now it is back on and from MX toolbox 25 smtp Success 62 ms 443 https Success 62 ms But when i telnet i get connexion refused. All services on firewall are stoped (SPAM, VIRUS PHISH...) So it must be exchange, right? Now as for part 3, can i safely delete this connector? Right now since they are using pop3 collector and everything is working fine localy i dont want to mess it up!

check the receive connectors information. Get-ReceiveConnector | FL Check the firewall ports from your end port 25 may be blocked it should be open on your firewall.

Thank you all especially Hasnain for is great support!I am not shur what as been done but a combinason of thing mad it work!