0

Recently we have been unable to receive emails on our Exchange 2007 server from a couple of domains, a bank and a government agency.

No changes have been made to the server recently and I'm having trouble pinpointing the cause.

When I examine the receive connector logs I can see those domains connect to the server but never deliver the message.

When they unsuccessfully try to send us an email, this is what the receive connector log looks like: unsuccessful delivery

When we successfully receive an email from other domains, this is what the receive log looks like: successful delivery

The certificate thumbprint that is being sent in both cases is the self-signed certificate and not our third-party signed certificate. For some reason the person who created the self-signed certificate included both our local domain name and our public domain name. The domains that are unsuccessfully sending us email seem to stop trying after that point whereas the domains that are successful are trying another method which ends up working.

Could it be that they are not able to deliver the mail to us because the certificate we are sending them is the self-signed one and not the third-party one? There have been no changes to the certificates in some time but this issue only started recently.

Also, the senders of these emails do not receive an immediate bounce-back; they receive those a day or so later.

Any help with this is greatly appreciated.

Adam

1 Answer

1

Turns out that there were 3 certificates on the server, 2 self-signed and one from a CA.

I deleted the first self-signed cert but it just started sending the other self-signed one.

After deleting both self-signed certs the problem has gone away and the mail from those domains is now being delivered.

I hate it when things work 99% of the time the way they are but you have to start deleting things to get that other 1% yet risk messing up the parts that work.

Anyways hope this helps someone else in the future.

Adam
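
An added example (not part of the original question or answer): a Python check over receive connector protocol logs that lists sessions where the sender issued STARTTLS but never reached MAIL FROM, together with the certificate thumbprint sent in that session. The log lines are constructed, and the column order and the "Certificate thumbprint" context string are assumptions to confirm against the `#Fields:` header and entries of your own log.

```python
import csv
from collections import OrderedDict

# Assumed column order; confirm against the "#Fields:" header of your log.
FIELDS = ["date-time", "connector-id", "session-id", "sequence-number",
          "local-endpoint", "remote-endpoint", "event", "data", "context"]

# Constructed sample: session A1 stops after STARTTLS, session B2 delivers.
SAMPLE_LOG = """\
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2011-01-10T14:00:00.100Z,MAIL\\Default MAIL,A1,1,192.0.2.10:25,198.51.100.7:40100,<,EHLO mx.bank.example,
2011-01-10T14:00:00.200Z,MAIL\\Default MAIL,A1,2,192.0.2.10:25,198.51.100.7:40100,<,STARTTLS,
2011-01-10T14:00:00.300Z,MAIL\\Default MAIL,A1,3,192.0.2.10:25,198.51.100.7:40100,*,0000CONSTRUCTED0001,Certificate thumbprint
2011-01-10T14:00:00.400Z,MAIL\\Default MAIL,A1,4,192.0.2.10:25,198.51.100.7:40100,-,,Remote
2011-01-10T14:05:00.100Z,MAIL\\Default MAIL,B2,1,192.0.2.10:25,203.0.113.9:51200,<,EHLO mail.other.example,
2011-01-10T14:05:00.200Z,MAIL\\Default MAIL,B2,2,192.0.2.10:25,203.0.113.9:51200,<,STARTTLS,
2011-01-10T14:05:00.300Z,MAIL\\Default MAIL,B2,3,192.0.2.10:25,203.0.113.9:51200,*,0000CONSTRUCTED0001,Certificate thumbprint
2011-01-10T14:05:00.400Z,MAIL\\Default MAIL,B2,4,192.0.2.10:25,203.0.113.9:51200,<,MAIL FROM:<a@other.example>,
"""

def stalled_tls_sessions(log_text):
    """Return [(session_id, remote_ip, thumbprint)] for sessions that
    issued STARTTLS but never reached MAIL FROM."""
    sessions = OrderedDict()
    rows = (l for l in log_text.splitlines() if l and not l.startswith("#"))
    for row in csv.reader(rows):
        if len(row) < len(FIELDS):
            continue  # truncated line, skip it
        rec = dict(zip(FIELDS, row))
        s = sessions.setdefault(rec["session-id"], {
            "remote": rec["remote-endpoint"].rsplit(":", 1)[0],
            "starttls": False, "mail": False, "thumbprint": None})
        verb = rec["data"].upper()
        if rec["event"] == "<" and verb.startswith("STARTTLS"):
            s["starttls"] = True
        elif rec["event"] == "<" and verb.startswith("MAIL FROM"):
            s["mail"] = True
        elif rec["event"] == "*" and rec["context"] == "Certificate thumbprint":
            s["thumbprint"] = rec["data"]
    return [(sid, s["remote"], s["thumbprint"])
            for sid, s in sessions.items() if s["starttls"] and not s["mail"]]

if __name__ == "__main__":
    for sid, remote, thumb in stalled_tls_sessions(SAMPLE_LOG):
        print(f"session {sid} from {remote} stopped after STARTTLS; cert sent: {thumb}")
```

Grouping the flagged sessions by thumbprint shows whether the senders that give up are all being offered the same certificate.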