Setting up Relay for internal application
Hi all, Thanks in advance.

I am running Exchange 2007 SP1. We cannot send e-mails to anyone at yahoo.com. We receive the following error hours later:

Delivery is delayed to these recipients or distribution lists: someone@yahoo.com
Subject: test
This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf. Delivery of this message will be attempted until 7/26/2009 11:47:55 AM (GMT-06:00) Central Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.

The only thing that I changed on the Exchange server was adding a relay to give an internal server that does not authenticate to our domain the ability to relay e-mails. I used the following link to step me through that process. The only thing that I did not do is add an additional IP address to the NIC. Is this a must-do step? http://blogs.techrepublic.com.com/networking/?p=373

I noticed after adding the relay, about a day or so later, we had trouble with sending to Yahoo. I had to delete about 10k junk e-mails out of the Queue Viewer and I disabled the relay. I also enabled the Anti-Spam scripts that Microsoft provides with the Exchange 2007 server. I do not see any more junk e-mails in the Queue Viewer, but we still have a delay to Yahoo. I am working with Yahoo on the issue.

Any pointers on setting up a relay and how to check my server to see if it is still sending out SPAM? Thanks!
July 27th, 2009 8:17pm

What do you have configured for Send Connectors? Are you using a smart host? What about resolving Yahoo's MX record and DNS record from the Transport server? Is there an Edge server?
SF - MCITP:EMA, MCTS
July 28th, 2009 3:24am

Thanks for the reply! For Send Connectors I have one called Clients that looks like it uses port 587 for local IP addresses to receive mail, and under permission groups it has Exchange Users checked. I also have one called Default that uses port 25 for local IP addresses, and under permission groups it has Anonymous, Exchange Users, Exchange Servers, and Legacy Exchange Servers checked. The connector that I created for the relay is just like the one created in the following link, except that I did not add the additional IP address to the NIC as it states in the article. http://blogs.techrepublic.com.com/networking/?p=373 We only have one Exchange server, no Edge server.
July 28th, 2009 6:19am

Clients is a default receive connector. Are you looking under the Organization Configuration -> Hub Transport? The following article describes creating a new send connector: http://technet.microsoft.com/en-us/library/aa998936.aspx
July 28th, 2009 4:22pm

Sorry... that was what I had under the Server Config, Hub Transport. Under Organization Config, Hub Transport, Send Connectors, I have Internet. For Properties, under Address Space it has SMTP for type, address = *, and Cost = 1. Network - Use domain name system (DNS) "MX" records to route mail automatically.
July 28th, 2009 5:38pm

First check the Source Server for this send connector and make sure there is at least one Exchange 2007 Hub Transport server listed. Set the protocol logging level for this send connector to verbose, then attempt to send a message and check the logs. You can determine where the logs are by going to the properties of the source server (Log Settings tab) under Server Configuration -> Hub Transport. The default value is C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpSend
July 28th, 2009 5:46pm

Check that the connector you created for the relay has only the IP address of the application server specified. Then validate that the default receive connector does not include that IP address. Verify that you are not using a smart host, and if you are, validate the smart host has proper DNS. When did it stop working? After you created the relay? Your send connector sounds like it is the default. Have you tried the message routing troubleshooter tool in the EMC toolbox?
SF - MCITP:EMA, MCTS
July 28th, 2009 7:32pm

Here are a couple of lines from the log.

2009-07-28T18:28:42.255Z,Internet,08CBDD94514FFF00,2,10.1.x.x:5979,98.137.x.x:25,<,421 4.7.1 [TS03] All messages from 12.200.x.x will be permanently deferred; Retrying will NOT succeed . See http://postmaster.yahoo.com/421-ts03.html ,
2009-07-28T18:28:42.255Z,Internet,08CBDD94514FFF00,0,,67.195.168.x:x,*,,attempting to connect
2009-07-28T18:28:42.255Z,Internet,08CBDD94514FFF00,3,10.1.x.x:5979,98.137.x.x:25,>,QUIT,
2009-07-28T18:28:42.255Z,Internet,08CBDD94514FFF00,4,10.1.x.x:5979,98.137.x.x:25,-,,Remote

The line "All messages from 12.200.x.x will be permanently deferred; Retrying will NOT succeed" doesn't look good. I have contacted Yahoo Postmaster and they did say they saw "unusual" traffic coming from our IP, but I have since deleted all of the SPAM messages in the Queue Viewer and have submitted to be taken off of their "naughty list".
July 28th, 2009 9:39pm
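
Added example, not part of the original thread: a small Python parser for SmtpSend protocol log lines in the comma-separated layout quoted in the post above, listing remote servers that answered with a 4xx/5xx reply and, going slightly beyond the post, tallying envelope senders so unexpected outbound volume stands out. The field names, the `#Fields` header line and all sample lines are constructed for illustration.

```python
import csv
import re
from collections import Counter

# Column order as seen in the SmtpSend lines quoted in the thread.
FIELDS = ["date_time", "connector_id", "session_id", "sequence_number",
          "local_endpoint", "remote_endpoint", "event", "data", "context"]
REFUSAL = re.compile(r"^[45]\d\d[ -]")   # 4xx deferral or 5xx rejection
MAIL_FROM = re.compile(r"^MAIL FROM:\s*<([^>]*)>", re.IGNORECASE)

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2009-07-28T18:28:41.100Z,Internet,AAAA000000000001,0,,198.51.100.7:25,*,,attempting to connect
2009-07-28T18:28:41.300Z,Internet,AAAA000000000001,1,192.0.2.10:5978,198.51.100.7:25,<,"220 mx.example.net ESMTP, ready",
2009-07-28T18:28:41.400Z,Internet,AAAA000000000001,2,192.0.2.10:5978,198.51.100.7:25,>,MAIL FROM:<offers@example.org> SIZE=2048,
2009-07-28T18:28:42.255Z,Internet,AAAA000000000002,1,192.0.2.10:5979,203.0.113.25:25,<,421 4.7.1 [TS03] All messages from 192.0.2.10 will be permanently deferred; Retrying will NOT succeed,
2009-07-28T18:28:43.000Z,Internet,AAAA000000000003,2,192.0.2.10:5980,198.51.100.7:25,>,MAIL FROM:<offers@example.org>,
2009-07-28T18:28:43.100Z,Internet,AAAA000000000003,3,192.0.2.10:5980,198.51.100.7:25,>,MAIL FROM:<alice@example.com>,
"""

def parse(text):
    """Yield one dict per log record, skipping '#' header lines."""
    rows = (ln for ln in text.splitlines() if ln and not ln.startswith("#"))
    for rec in csv.reader(rows):          # csv handles quoted fields with commas
        if len(rec) >= len(FIELDS):
            yield dict(zip(FIELDS, rec))

def summarize(text):
    """Return (refusals, senders) for the text of an SmtpSend protocol log."""
    refusals = []        # (timestamp, remote endpoint, server reply)
    senders = Counter()  # envelope sender -> number of MAIL FROM commands
    for r in parse(text):
        if r["event"] == "<" and REFUSAL.match(r["data"]):
            refusals.append((r["date_time"], r["remote_endpoint"], r["data"].strip()))
        elif r["event"] == ">":
            m = MAIL_FROM.match(r["data"])
            if m:
                senders[m.group(1).lower()] += 1
    return refusals, senders

if __name__ == "__main__":
    refusals, senders = summarize(SAMPLE_LOG)
    for when, remote, reply in refusals:
        print(f"{when} {remote} refused: {reply}")
    for sender, count in senders.most_common():
        print(f"{count:5d} MAIL FROM <{sender}>")
```

To use it on a real log, pass `summarize` the contents of a file from the SmtpSend folder; a high count for an envelope sender nobody in the organization uses is the signal to look for.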

The relay or Receive connector that I created (under Server Config, Hub Transport) is disabled now since I started having issues about a day after I created it. It is configured as:

Network Tab = Use these local IP addresses to receive mail = All available IPv4 addresses, Port 25
Below, in "Receive mail from remote servers that have these IP addresses", I have the IP address of the server that needs to send messages through the Exchange = 10.1.2.x 255.255.255.255
Under Authentication: Transport Layer Security (TLS) and Externally Secured is checked
Permission Groups: Exchange servers is checked
July 28th, 2009 9:47pm

I just changed the Receive Connectors, both Default and Client Receive Connectors. We have two NICs in the Exchange server, one that we originally had, let's say 10.1.40.10, and I added another NIC in a different VLAN, let's say 10.1.70.10, about 10 days ago for an off-site co-lo replication using a heart beat technology software (we have not implemented the software yet for the secondary NIC). So I changed the receive connectors to point to the original IP address; in this case it would be the 10.1.40.10.
July 28th, 2009 10:01pm

So, what I would do is create an account on Yahoo if you haven't done so already. Try to send an email to that account with the receive connector disabled, see what happens. Then from the Hub Transport server test SMTP traffic to the Yahoo mail server. You can use these steps for testing SMTP: http://support.microsoft.com/kb/153119 Using that process, send yourself a test email.

Is it possible your address got added to a SPAM filter at Yahoo? You could set up a send connector to take email to Yahoo and route it through an open SMTP relay. I think GoDaddy has one. This will basically pass your email for Yahoo emails through another SMTP server so Yahoo thinks it is coming from someone else. See if that works.

I'm thinking that this heart beat thing you installed may be causing your problems, but hard to tell. So that would lead me to the question of, why do you need a third party app for the heart beat?
SF - MCITP:EMA, MCTS
July 29th, 2009 3:35pm

Hi,

After reviewing the thread, I think there are two issues currently:

1. Allow an application server to relay email through your Exchange 2007 Hub Server
2. Message delivery to Yahoo is delayed.

Regarding the first issue, I suggest you read the following article first: Allowing application servers to relay off Exchange Server 2007 http://msexchangeteam.com/archive/2006/12/28/432013.aspx

Basically, we recommend that you create a specific receive connector for the application server and configure that Receive Connector to allow messages to relay, instead of using the Default Receive Connector and Client Receive Connector. For detailed steps, you can refer to the above article.

Regarding the second issue, it is hard for us to identify the root cause currently. Nevertheless, from the SMTP log, it looks like it is a Yahoo-side issue. Would you please post a more detailed SMTP log so we can check when the error "will be permanently deferred; Retrying will NOT succeed" is encountered?

Mike
July 29th, 2009 5:54pm

Thanks for the replies...

It looks like we were on the naughty list with Yahoo. I had to fill out a form on their postmaster site and they mentioned that we had unusual traffic coming from our IP. I cleaned up the Queue Viewer messages that were being sent out, and turned on the Microsoft SPAM software, using the script that is in the Exchange folder. After completing the Yahoo Postmaster form and after waiting a few days, they took us off the naughty list and we are now able to send to Yahoo, and a few other domains that we had issues with.

As for the relay, I set the relay up just like it mentions in the following link http://blogs.techrepublic.com.com/networking/?p=373 The only thing that I did not do from what that article states is set up an additional IP address on the NIC. It is disabled now but the relay is configured as:

Network Tab = Use these local IP addresses to receive mail = All available IPv4 addresses, Port 25 (I will change this to the IP address of NIC1)
Below, in "Receive mail from remote servers that have these IP addresses", I have the IP address of the application server that needs to send messages through the Exchange = 10.1.2.x 255.255.255.255
Under Authentication: Transport Layer Security (TLS) and Externally Secured is checked
Permission Groups: Exchange servers is checked
July 29th, 2009 9:49pm

The secondary NIC is set up on a different VLAN and is set to replicate this server to a co-lo using a software that has a "heart beat" technology, so if this server goes down, our users are connected to that failover server.
July 29th, 2009 9:51pm

Hehe, funny that you got added to a Yahoo filter..... No good! Looks like you are on the path to solving the problem!
SF - MCITP:EMA, MCTS
July 29th, 2009 9:53pm

Like I mentioned, I did not notice the issue until I created that one relay. Did you look at the link? http://blogs.techrepublic.com.com/networking/?p=373 Do you agree that you have to add an additional IP to the NIC and then use the additional IP in the relay? I am still not clear why/how the relay would start sending SPAM, that is what got us on the Yahoo naughty list.
July 29th, 2009 10:10pm

Is it possible that your application server was spamming Yahoo? As for the IP, you don't necessarily need to have a separate IP address specified to listen on for application servers.
SF - MCITP:EMA, MCTS
July 29th, 2009 11:18pm

I am checking that server....thanks for the replies. Thanks to everyone. I will keep you posted.
July 29th, 2009 11:58pm

This topic is archived. No further replies will be accepted.
