How did i break my Exchange Server?
Greetings
About 6 months ago I Installed SBS 2008 (Exch 2007). Prior to that our email was hosted by GoDaddy. Once I got the server up and running I began moving my email hosting from GoDaddy to our SBS Server and generally had no problems. Over time I tinkered with the server and screwed something up - got frustrated and rebuilt the server. Bad move.Now my server runs better/faster, Outlook 2007 and OWA connect to the Exchange server, but I have no outgoing/incoming email - not even email within the organization ie: rspelham@yourais.com to accounting@yourais.com. MS Exchange Troubleshooting Basic Server Information:Active Directory site: "AIS-Server is in the ais-main.local/Configuration/Sites/Default-First-Site-Name" AD siteCurrent Configuration Domain Controller: AIS-Server is using 'AIS-Server.ais-main.local' as the DC for configuration data.Exchange: AIS-Server is running Exchange Server 2007Exchange: AIS-Server is running Exch Svr 2007 SP1Hub Transport server role installed and the req'd services are startedMailbox server role installed and the req'd services are startedMessage Tracking enabled, log service started, and log files are located at.....FQDN is AIS-SERVER.ais-main.localSMTP pickup folder on Logical disk C: and located at...Valid 'ExternalDNSAdapterGuid" value (00000000-0000-0000-0000-000000000000)-was found for AIS-SERVERValid 'InternalDNSAdapterGuid" was found for AIS-SERVER (same as above)AIS-SERVER running WIn Svr 2008 SBS..The Mail Flow Troubleshooter:-->Messages destined to recipients are delayed or are not received..." which gave me no conclusive perspective what what I've done incorrectly-->Expected messages from senders are delayed or are not received by some recipients" After poking around through the forums I ran across the directions for NSlookup and this is what I found:
Use nslookup to verify MX record Configuration
C:\>nslookup
Default Server: ais-server.ais-main.local
Address: 192.168.3.3
> server 192.168.3.3
Default Server: ais-server.ais-main.local
Address: 192.168.3.3
> setq=mx
Server: ais-server.ais-main.local
Address: 192.168.3.3
*** ais-server.ais-main.local can't find setq=mx: Non-existent domain
> www.yourais.com
Server: ais-server.ais-main.local
Address: 192.168.3.3
Non-authoritative answer:
Name: yourais.com
Address: 72.167.232.45 (Go Daddy Site Hosting)
Aliases: www.yourais.com
*************************************************************************************
Verify that MX records to not point to the FQDN:
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\rspelham.AIS-MAIN>nslookup
Default Server: ais-server.ais-main.local
Address: 192.168.3.3
> 192.168.3.3
Server: ais-server.ais-main.local
Address: 192.168.3.3
Name: ais-server.ais-main.local
Address: 192.168.3.3
> set q=mx
> fqdn
Server: ais-server.ais-main.local
Address: 192.168.3.3
*** ais-server.ais-main.local can't find fqdn: Non-existent domain
*************************************************************************************
Verify that MX records to not point to an internal domain:
C:\>nslookup
Default Server: ais-server.ais-main.local
Address: 192.168.3.3
> server 192.168.3.3
Default Server: ais-server.ais-main.local
Address: 192.168.3.3
> set q=a
> fqdn
Server: ais-server.ais-main.local
Address: 192.168.3.3
*** ais-server.ais-main.local can't find fqdn: Non-existent domain
*************************************************************************************Then I went to Go Daddy and looked at the MX records... This is what I found:
A (Host) Host Points To
Remote 65.15.73.83 (Ofc Rter WAN Side Static IP Addr)
@ 72.167.232.45 (Go Daddy)
CNAMES www @
Mobilemail mobilemail-v01.prod.mesa1.secureserver.net
Pda mobilemail-v01.prod.mesa1.secureserver.net
Email email.secureserver.net
Imap imap.secureserver.net
Mail pop.secureserver.net
Pop pop.secureserver.net
Smtp smtp.secureserver.net
ftp @
webmail webmail.secureserver.net
E email.secureserver.net
MX Priority=10 Host=@ Goes to=remote.yourais.com
SRV Service=_autodiscover Protocol=_tcp Name=@ Priority=0 Weight=0 Port=443 Target=remote.yourais.com
NS host=@ Points to= ns25.domaincontrol.com
host=@ Points to= ns26.domaincontrol.com
Two things I did differently this time vs. the first time: 1) The first time I set the domain to www.yourais.com. This time I set it to AIS-Main thinking that by doing so, when I set up another office - I could differentiate between the two or three locations we have planned.2) The first time I did not use SmartHost - this time I did - without understanding the implications.
Router Ports Forwarded:
Service Name Start Port End Port Svr IP
SBS 25 25 25 192.168.3.3
SBS Default Website 80 80 192.168.3.3
SBS Web Apps 443 443 192.168.3.3
SBS 995 995 995 192.168.3.3
SBS SharePoint 987 987 192.168.3.3
SBS 1723 1723 1723 192.168.3.3
SBS WSUS Admin 8530 8531 192.168.3.3
I feel like I'm hitting all around the answer but don't seem to be able to hit the target.
I think the principal issue is that I changed domain names thinking I could have the internal domain be AIS-MAIN and the external domain be YOURAIS.COM. If so, then ?
I don’t know if my “records” are correct any longer relative to the recent installation
I’m not sure if I have DNS issues –
I’m wondering if I need to rebuild the server again – this time using ‘yourais.com’ or if there is a work around (one that is simple to manage).
Hope I’ve given you enough to ponder on… I'm looking for the light at the end of the tunnel – or a full email inbox…
Thx, Rick Pelham
January 18th, 2010 12:27am
Start with basics1. Check why the internal emails are not going to and fro (run exbpa, see all the services are fine, check all the AD related issues).2. Check if your AV is not allowin g even the internal email. 3. Run a message tracking and see where they are getting stuck.4. Check if the internal DNS is updated properly.Go to step two1. Check for your send and recieve connectors.2. Check if the smart host (if any) is not allowing the outgoing emails.3. Check the MX records and see if they resolving to correct IP address.Let us know the results.Raj
Free Windows Admin Tool Kit Click here and download it now
January 18th, 2010 10:40am
Hi,First please ensure that your public IP address has been assigned to your Exchange Server.Then please ensure that your MX record has been point to the public IP.Please clarify the domain name that you used for SMTP namespace.(I mean that if you have add the domain name as the accept domain in the exchange server.)
How to Configure Exchange 2007 to Accept E-Mail for More Than One Authoritative Domainhttp://technet.microsoft.com/en-us/library/aa996314(EXCHG.80).aspx Regards,Xiu<!---->
January 18th, 2010 12:53pm
Raj & Xiu - the insights from both of you were most helpful and I thank you sincerely. Using your direction I learned that email was getting to my server but was being rejected - "530 5.7.1 Client was not authenticated" - which led me to "http://smtp25.blogspot.com/2009/04/530-571-client-was-not-authenticated.html." At the end of the day...the issue was a self-inflected error. In Exch Mgmt Console, under Server Configuration, Hub Transport server default receive connector , Properties, Permission Groups - I had deselected “Anonymous users.” Once I selected the option mail began flowing correctly. Thank you both.. Rick Pelham
Free Windows Admin Tool Kit Click here and download it now
January 19th, 2010 6:27pm
Raj & Xiu - the insights from both of you were most helpful and I thank you sincerely. Using your direction I learned that email was getting to my server but was being rejected - "530 5.7.1 Client was not authenticated" - which led me to "http://smtp25.blogspot.com/2009/04/530-571-client-was-not-authenticated.html." At the end of the day...the issue was a self-inflected error. In Exch Mgmt Console, under Server Configuration, Hub Transport server default receive connector , Properties, Permission Groups - I had deselected “Anonymous users.” Once I selected the option mail began flowing correctly. Thank you both.. Rick Pelham
January 19th, 2010 6:28pm