
To summarize: I set things up (this is a virtual test/tutoring environment), broke internal connectivity by introducing Internet mail connectivity, figured out where the problem was, but now I'm wondering if I'm overlooking some easy setting to fix this instead of what I'm thinking about.

Situation: two Internal Exchange 2003 servers (SP2), everything going fine in terms of communication between them. Now I want to connect to the Internet, and I do this just the same way that I did it before I introduced the second Exchange server: I create an SMTP connector, configure it to use TLS to use Google as a smarthost (to get around ISP blocking on my consumer link...), change the port to 587 on the SMTP virtual server (since port is not specified in the SMTP Connector itself, contrary to the "TLS" setting and password).

Works beautifully, sending and receiving Internet mail all OK. BUT with this setup I lose connectivity between Exchange server 1 and Exchange server 2. I was baffled for some time, removed the SMTP connector again (didn't solve it), until I realized that I still had port 587 configured on the SMTP Virtual Server on Exchange server 1! Sure enough, setting that back to 25 solved the issue.

But now the question: does this REALLY mean that I'll have to set up a separate SMTP Virtual Server on Exchange server 1, and configure THAT one with outgoing port 587 and in the "Internet" SMTP connector (while keeping the default Virtual Server "pristine"), or am I overlooking something else that would enable me to keep using just ONE SMTP Virtual Server?

edit: creating a second SMTP virtual server on Exchange server 1 would mean adding another NIC to have an additional IP address? That sounds so overkill... But when restricted to just ONE SMTP virtual server on that Exchange box, means port needs to remain standard port 25 (unless changing the SMTP port on the other Exchange servers as well, but that sounds even more bizarre, lol).

edit2: brain-fart... Of course I can add a second IP address to the NIC (facepalm); is that the standard way to approach this?

BastianW
JoHel
  • Did you set port 587 on the General tab or the Delivery tab of the SMTP Virtual Server properties? – joeqwerty Nov 30 '12 at 19:28
  • I checked it again: General tab > Advanced > port 25 / Delivery > Outbound Connections > port 587. It's just that even for "internal" Exchange-to-Exchange communication, this "Outbound" port will be used. – JoHel Nov 30 '12 at 20:08
  • Thought I had figured it out, but now have another problem. – JoHel Dec 01 '12 at 14:29
  • Thought I had figured it out, but now have another problem. What I did: I kept the default SMTP VirtualS and created a second one alongside it (on EXCH1), configuring in and outbound ports to 587. Then I created the SMTP connector to use this new SMTP VirtualS, configured the connector to use TLS/authentication and smtp.gmail.com as smart host. That all sounded perfectly reasonable, and although an additional SMTP VirtualS on EXCH1, no second IP or NIC needed. However, I still have message routing problems. (see next comment) – JoHel Dec 01 '12 at 14:38
  • Mails from EXCH1(with SMTP VS to external) to external and from EXCH2 to EXCH1 work, but mails from EXCH2 to external get an NDR:"A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator. <2003EXCH1.coe.net #5.3.5>" and mails from EXCH1 to EXCH2 are for some reason queued by the SMTP virtual server that I created for the external connection??? (and don't get delivered to EXCH2 because that SMTP VS uses port 587) – JoHel Dec 01 '12 at 14:41

1 Answer


Quick question

  • Did you configure the SMARTHOST on the second Exchange 2003 server to use the first one to deliver emails?

Assumption:

  • Exchange 1 - TLS587 > Outbound to Google. Port Forward 25/80/443 from Firewall to Internal IP
  • Exchange 2 - Use Exchange1 as SmartHost to deliver emails, anon auth

Exchange 2

  • Exchange System Manager Admin Groups > Domain > Servers > Exchange 2 > Protocols > SMTP
  • Right click on Default Virtual Server Delivery Tab > Advanced
  • smarthost field > Enter internal LAN IP of Exchange 1

Exchange 1

  • Admin Groups > Domain > Servers > Exchange 2 > Protocols > SMTP
  • Right click on Default Virtual Server
  • Access Tab > Relay
  • Select "Only the list below" (computers which may relay through Virtual Server)
  • Add the LAN IP of Exchange 2.
  • Hi Sunny, thanks for your feedback. Will have to look into it later, but I certainly didn't configure this. At all times I've been operating under the assumption that the "internal inter-Exchange" part of message routing would be handled automatically. I guess I assumed this because the SMTP connector is configured at the level of the routing group instead of per server, giving the impression that some internal logic would handle this??? – JoHel Dec 19 '12 at 10:12
  • Btw, I'm a bit confused myself now because I worked a bit more on this after posting it here, and I made another post here with "progress" I made: http://social.technet.microsoft.com/Forums/en-US/exchangesvrsecuremessaginglegacy/thread/edc059ee-c4bc-4c0f-a765-3ba2ae4fa021 Could you possibly read that post as well? – JoHel Dec 19 '12 at 10:24
  • Let me ask you: a) Did you test message flow between 2 Exchange orgs? b) What happens when you send an email from one mailbox to the other? You can test this from Exchange 2003 Message Tracking tools. Enter the first server, then the second and see what is the response code you get. If the message was delivered, it will show up in the other mailbox. Let us know your progress with the issue. – Sunny Chakraborty Dec 30 '12 at 21:56
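
The asker's observation, that the single outbound port on an SMTP virtual server is used for every destination, can be checked from the Exchange host before any settings are changed. The following Python probe is an added example, not part of the original thread: it sends EHLO to each peer on ports 25 and 587 and reports which outbound port, if any, reaches all of them. The host name `exch2.example.internal` and the `SAMPLE` results are constructed; the sample's failed port 25 probe to smtp.gmail.com stands in for the ISP blocking mentioned in the question.

```python
import smtplib

def probe_smtp(host, port, timeout=5.0):
    """Send EHLO to host:port and report what the listener offers."""
    result = {"host": host, "port": port, "reachable": False,
              "starttls": False, "auth": False, "error": None}
    try:
        # Fixed local_hostname avoids a DNS lookup of the probe's own name.
        with smtplib.SMTP(host, port, local_hostname="probe.invalid",
                          timeout=timeout) as smtp:
            code, _ = smtp.ehlo()
            result["reachable"] = 200 <= code < 300
            result["starttls"] = smtp.has_extn("starttls")
            result["auth"] = smtp.has_extn("auth")
    except (OSError, smtplib.SMTPException) as exc:
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result

def unreachable_on(outbound_port, probes):
    """Hosts that cannot be reached when all mail leaves on outbound_port."""
    return sorted(p["host"] for p in probes
                  if p["port"] == outbound_port and not p["reachable"])

def ports_reaching_all(probes):
    """Ports on which every probed host answered EHLO (empty list: none)."""
    hosts = {p["host"] for p in probes}
    ok = {}
    for p in probes:
        if p["reachable"]:
            ok.setdefault(p["port"], set()).add(p["host"])
    return sorted(port for port, seen in ok.items() if seen == hosts)

def _sample(host, port, reachable):
    tls = reachable and port == 587
    return {"host": host, "port": port, "reachable": reachable,
            "starttls": tls, "auth": tls, "error": None}

# Constructed results (not captured output) matching the situation described.
SAMPLE = [
    _sample("exch2.example.internal", 25, True),
    _sample("exch2.example.internal", 587, False),
    _sample("smtp.gmail.com", 25, False),
    _sample("smtp.gmail.com", 587, True),
]

if __name__ == "__main__":
    hosts = ["exch2.example.internal", "smtp.gmail.com"]  # assumed peer names
    live = [probe_smtp(h, p) for h in hosts for p in (25, 587)]
    for port in (25, 587):
        print(port, "cannot reach:", unreachable_on(port, live))
    print("ports reaching every host:", ports_reaching_all(live))
```

An empty result from `ports_reaching_all` means no single outbound port serves both the internal peer and the smart host, which is the situation the question describes.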