Exchange 2010 Send Connector to postfix (v. 2.11) smarthost uses STARTTLS and cannot connect

Dear all,
I am having problems with exchange 2010 sending emails through a postfix smarthost server which disconnects the sessions. I also use a sendmail as a smarthost
server which is working just fine but I have to switch to postfix and cannot do this as long as the encryption does not work.
Here is the log file of the postfix server:
Jan 4 14:18:59 server7 postfix/smtpd[1659]: initializing the server-side TLS engine
Jan 4 14:18:59 server7 postfix/smtpd[1659]: connect from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: setting up TLS connection from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: server1.mydomain.com[192.168.20.10]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:before/accept initialization
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => 11 (0xB))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0000 16 03 01 00 5a 01 00 00|56 03 01 ....Z... V..
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1BE] (84 bytes => 84 (0x54))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0000 54 a9 3d b9 0d 5e 8b 64|7c 6b b5 21 f2 93 e7 84 T.=..^.d |k.!....
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0010 17 ea 33 d7 e5 13 f2 75|3a 87 38 32 01 85 82 5b ..3....u :.82...[
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0020 00 00 18 00 2f 00 35 00|05 00 0a c0 13 c0 14 c0 ..../.5. ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0030 09 c0 0a 00 32 00 38 00|13 00 04 01 00 00 15 ff ....2.8. ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0040 01 00 01 00 00 0a 00 06|00 04 00 17 00 18 00 0b ........ ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0050 00 02 01 ...
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0053 - <SPACES/NULLS>
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 read client hello A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server hello A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write certificate A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write key exchange A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server done A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: write to 7F4823FA5210 [7F4823FB8B70] (1911 bytes => 1911 (0x777))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0774 - <SPACES/NULLS>
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 flush data
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAC803] (5 bytes => 0 (0x0))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:failed in SSLv3 read client certificate A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept error from server1.mydomain.com[192.168.20.10]: lost connection
Jan 4 14:18:59 server7 postfix/smtpd[1659]: lost connection after STARTTLS from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: disconnect from server1.mydomain.com[192.168.20.10]
I
have read in the post at https://social.technet.microsoft.com/Forums/exchange/en-US/6db38364-cb08-45c0-b159-3ddf30ef0b3e/exchange-2010-send-connector-uses-ssltls-and-cannot-connect-to-smarthost-how-to-deactivate-ssl?forum=exchange2010
how to deactivate the SSL encryption, but this is of course a security flaw, if I am not mistaken. I would like to encrypt the connection between the servers for obvious security
reasons but I have come to a standstill...
My Exchange server certificate is configured
as follows:
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
ule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKe
essRule}
CertificateDomains : {server1, server1.solid-con.com}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=server1
NotAfter : 22/01/2017 13:18:02
NotBefore : 22/01/2012 13:18:02
PublicKeySize : 2048
RootCAType : None
SerialNumber : 6925D91285B649BD4D5E4297F1A48471
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=server1
Thumbprint : 939A37173BF84E352CEDC74F7D9A3D71F498A005
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
ule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {WMSvc-SERVER1}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-SERVER1
NotAfter : 19/01/2022 12:56:44
NotBefore : 22/01/2012 12:56:44
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 1DB8711F7ADC5CB54196468EF2FF5D21
Services : None
Status : Valid
Subject : CN=WMSvc-SERVER1
Thumbprint : 191D86BDE274510453D58DDB91D253DABBCF05F1
And My Default Send Connector is configured as follows:
AddressSpaces : {SMTP:*;1}
AuthenticationCredential : System.Management.Automation.PSCredential
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOut : 00:10:00
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : SERVER1
Identity : Internet
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : unlimited
Name : Internet
Port : 25
ProtocolLoggingLevel : None
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {server7.mydomain.com, server6.mydomain.com}
SmartHostsString : server7.mydomain.com,server6.mydomain.com
SmtpMaxMessagesPerConnection : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {SERVER1}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabled : False
Any help would be greatly appreciated as I am
stuck...
Luca

Hi Allen,
Thank you very much for your reply.
The Postfix TLS Manager is enabled in master.cf
tlsmgr unix - - n 1000? 1 tlsmgr
and running
server7:/etc/postfix # ps -efa|grep tls
postfix 11967 11863 0 11:21 ? 00:00:00
tlsmgr -l -t unix -u
Every other (Linux/UNIX) server has no problem e.g.:
Jan 5 11:28:36 server7 postfix/smtpd[12215]: connect from server2.mydomain.com[192.168.20.20]
Jan 5 11:28:36 server7 postfix/smtpd[12215]: Anonymous TLS connection established from server2.mydomain.com[192.168.20.20]: TLSv1 with cipher DHE-DSS-AES256-SHA (256/256 bits)
Jan 5 11:28:36 server7 postfix/smtpd[12215]: B5502946AB0: client=server2.mydomain.com[192.168.20.20]
Jan 5 11:28:36 server7 postfix/cleanup[12221]: B5502946AB0: message-id=<[email protected]>
Jan 5 11:28:36 server7 postfix/qmgr[12200]: B5502946AB0: from=<[email protected]>, size=1026, nrcpt=1 (queue active)
Jan 5 11:28:36 server7 postfix/smtpd[12215]: disconnect from server2.mydomain.com[192.168.20.20]
Jan 5 11:28:37 server7 postfix/smtpd[12225]: connect from localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/smtpd[12225]: 4076A946AB1: client=localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/cleanup[12221]: 4076A946AB1: message-id=<[email protected]>
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: from=<[email protected]>, size=1778, nrcpt=1 (queue active)
Jan 5 11:28:37 server7 postfix/smtpd[12225]: disconnect from localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/smtp[12222]: B5502946AB0: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.54, delays=0.05/0.01/0.01/0.47, dsn=2.0.0, status=sent
(250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4076A946AB1)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: B5502946AB0: removed
Jan 5 11:28:37 server7 postfix/cleanup[12221]: 4401F946AB0: message-id=<[email protected]>
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: from=<[email protected]>, size=1920, nrcpt=1 (queue active)
Jan 5 11:28:37 server7 postfix/local[12226]: 4076A946AB1: to=<[email protected]>, relay=local, delay=0.02, delays=0/0.01/0/0, dsn=2.0.0, status=sent (forwarded as 4401F946AB0)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: removed
Jan 5 11:28:37 server7 postfix/smtp[12227]: Untrusted TLS connection established to 192.168.20.10[192.168.20.10]:25: TLSv1 with cipher AES128-SHA (128/128 bits)
Jan 5 11:28:37 server7 postfix/smtp[12227]: 4401F946AB0: to=<[email protected]>, orig_to=<[email protected]>, relay=192.168.20.10[192.168.20.10]:25,
delay=0.29, delays=0/0.01/0.02/0.25, dsn=2.6.0, status=sent (250 2.6.0 <[email protected]> [InternalId=619] Queued
mail for delivery)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: removed
and if you take a look at the lines in bold you will see that mails can be delivered over TLS to that very Exchange server (the mailboxes are on that server)...
To summarise:
exchange --> postfix with TLS = session disconnected (and everything seems to be initiated by the exchange server -if I read the logs correctly)
postfix --> exchange with TLS = works
any further hints?
Thank you very much in advance,
Luca

Similar Messages

Exchange 2010 - Send Connector High Availability

Hi All,
I performed a successful migration a few years back from a single node Exchange 2003 server to a two node Exchange 2010 organisation with a DAG and Kemp load balanced CAS array. The solution works well and when we simulate a site failure
I am able to get the second node to handle all mail functions.
The one problem I have though is that I have to manually disable the send connector on the primary server in order for the one on the secondary server to be in use. I should explain that I have two send connectors as I do not want the secondary server
to be used unless the primary server is down or the route is unavailable. I realise that Exchange 2010 does not know whether the SMTP route is down or not so will just continue trying to use the send connector from the primary server (until I tell it
not to by disabling it).
My question is how do I get this to happen automatically? Does anyone else have an example of how this could be done or use a PowerShell script to achieve this? I guess a script could check the route and disable the send connector on the primary
server if necessary, but how would one do this?
Any help greatly appreciated.
Rob

Hi,
According to your description, your secondary send connector cannot be automatically used when the first one is down. If I misunderstand your meaning, please feel free to let me know.
If yes, I’d like to confirm if the settings of the secondary one is same with the first one and we can check the connectivity logs including diagnostic information for Healthy Server Selector.
For more information, you can refer to the following article:
http://technet.microsoft.com/en-us/library/ff634392(v=exchg.141).aspx
Thanks,
Angela Shi
TechNet Community Support

Exchange 2010 DAG netowrk replications issues - Causing database copies to be disconnected and resynchronizing.

My
environment is as follows.<o:p></o:p>
We have 3 exchange 2010 servers.<o:p></o:p>
EX1, EX2, DREX1. All servers are exchange 2010 14.2 build 247.5<o:p></o:p>
EX1 and EX2 have two nics, one LAN and one for BACKUP <o:p></o:p>
The dag is configured to to communicate to all three.<o:p></o:p>
The IP for EX1 is 192.168.100.51 - LAN, switch A; 160.100.3.51 - BACKUP, switch B<o:p></o:p>
The IP for EX2 is 192.168.100.52 - LAN, switch A; 160.100.3.52 - BACKUP, switch B<o:p></o:p>
DREX1 is located in another network. It is in another building connected via vpn. The ip
for DREX1 is 192.170.100.51. There is no BACKUP network for this server<o:p></o:p>
(These are not the actual address, but the concept is similar)<o:p></o:p>
The dag network configuration is as follows.<o:p></o:p>
DAGNetworkDR has a subnet of 192.170.100.0/24; Network Interface of 192.170.100.51<o:p></o:p>
DAGNetwork01 (LAN) has a subnet of 192.168.100.0/24; Network Interfaces of 192.168.100.51
and 192.168.100.52<o:p></o:p>
DAGNetwork02 (BACKUP) has a subnet of 160.100.3.0/24; Network Interfaces of
160.100.3.51 and 160.100.3.52<o:p></o:p>
Last Friday, 3/7/14 something happened.<o:p></o:p>
To lead up to that, I noticed the issue because we have DPM 2010 making 15minute express
full backups of our exchange databases when I reviewed the backup jobs, the
exchange database backups using dpm2010 failed all weekend long starting at
11:00pm that Friday.<o:p></o:p>
The issue that occurred was that the database copies went to a status of Disconnected and
Resynchronizing, and after about 30 seconds, the status would show
Resynchronizing.<o:p></o:p>
All attempts to resolve this with the research methods failed. Deleting the
logs and reseeding failed, suspending, then rebuilding failed.<o:p></o:p>
Creating a new database worked, creating a database copy worked, but seeding the copy
failed. All with the same pattern, a status of Disconnected and
Resynchronizing, and after about 30 seconds, and the status would show
Resynchronizing.<o:p></o:p>
The database was mounted on EX2, and seeding to EX1
DREX1 has no issues.<o:p></o:p>
All the DAG networks were in a good status, all Green and all up. I could ping from
EX1 to EX2 and from EX2 to EX1 on both networks fine.<o:p></o:p>
In the middle of the week, about 3/12/14, we resolved the issue. We rebooted EX1, no
fix, but after rebooting EX2, it all resolved. It did a fail over to DREX1. I think it failed to do the failover to EX1. However, when it came back up, it was happy, it was reseeding slowly. After about an hour and a half, it
was all healthy.<o:p></o:p>
We thought it was all good EXCEPT, on Friday night at 11:00pmish on 3/14/14, the same
issue occurred; a status of Disconnected and Resynchronizing, and after about
30 seconds, the status would show Resynchronizing.<o:p></o:p>
The database was mounted on EX2 and seeding to EX1 again. I did not notice the
issue until I performed my review of the backup jobs again on Monday.<o:p></o:p>
Late Monday morning, my boss and I were looking at more articles, but all the same results,
delete the database copy and reseed. Which we knew would not work.<o:p></o:p>
I mentioned that it was strange because the networks were all up. What made us try the next
scenarios was just "luck" I guess. I made a statement about not remembering
which networks DAG replication took place over. Again, we have a LAN and
a BACKUP network. Bother were listed to use replication, so we decided to
disable replication over the BACKUP network in the EMC. Immediately, the
database copies switch to healthy and started seeding.<o:p></o:p>
Later that evening I enabled replication over the BACKUP network and it failed again with
a status of Disconnected and Resynchronizing, and after about 30 seconds, the
status would show Resynchronizing. I disabled the replication over the
BACKUP network and the database copy went back to healthy<o:p></o:p>
The last round of windows updates were pushed to these boxes the Friday before the
issues began, 2/28/14. I don't believe the updates to be the issue. <o:p></o:p>
Can anyone make any suggestions as to where to look? It worked with the BACKUP
network enabled to so long that is eluding me as to why the issues would start
all of a sudden. I am also confident that the switch configuration for the
BACKUP network has not been changed at all in at least 2-3 months. I am
still open to look at the config. Please help if you can.<o:p></o:p>
<o:p></o:p>
Lastly, this is more of a monitoring thing, if anyone can suggest a good way to monitor
the database copies so that I can be alerted when the status changes. We
use WhatsUpGold 16.2 to monitor the devices. <o:p></o:p>
Thanks for any future assistance.<o:p></o:p>
Ian
Ian

You don't have to enable the Replication on Backup Network.
You should collapse your DAG network.
http://blogs.technet.com/b/timmcmic/archive/2011/09/26/exchange-2010-collapsing-dag-networks.aspx
http://blogs.technet.com/b/samdrey/archive/2012/12/04/exchange-2010-dag-collapse-the-mapi-networks-in-a-dag.aspx
Post the result of Below command:
Get-DatabaseAvailabilityGroupNetwork
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com    Twitter:
  LinkedIn:
   Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Exchange 2010 Receive Connector intermittently getting an SMTP RSET from sending SMTP servers causing missing user email

Users are receiving about 95% of their messages from sending SMTP servers. Intermittently, sending SMTP servers send the Exchange 2010 Server a SMTP RSET command for no apparent reason. The RSET Command (by SMTP specification) causes the Exchange 2010 Server
to drop the message. The sending SMTP servers then do not resend the message after asking the Exchange server to drop the message. This means the message is marked as Sent by the sending servers but the dropped messages never show up in the users' Outlook
inbox.
Exchange 2010 Version 14.3 (Build 123.4)
Roles: Hub Transport, Client Access, Mailbox
What is going on?
Exchange Receive Connector log showing a RSET example:
2014-07-17T12:47:07.370Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,1,10.80.120.15:25,65.99.255.73:53479,*,SMTPSubmit SMTPAcceptAnySender SMTPAcceptAuthoritativeDomainSender AcceptRoutingHeaders,Set Session Permissions
2014-07-17T12:47:07.370Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,2,10.80.120.15:25,65.99.255.73:53479,>,"220 vpn.a1expediting.com Microsoft ESMTP MAIL Service ready at Thu, 17 Jul 2014 08:47:06 -0400",
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,3,10.80.120.15:25,65.99.255.73:53479,<,EHLO inbound37.exchangedefender.com,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,4,10.80.120.15:25,65.99.255.73:53479,>,250-vpn.a1expediting.com Hello [65.99.255.73],
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,5,10.80.120.15:25,65.99.255.73:53479,>,250-SIZE 52428800,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,6,10.80.120.15:25,65.99.255.73:53479,>,250-PIPELINING,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,7,10.80.120.15:25,65.99.255.73:53479,>,250-DSN,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,8,10.80.120.15:25,65.99.255.73:53479,>,250-ENHANCEDSTATUSCODES,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,9,10.80.120.15:25,65.99.255.73:53479,>,250-AUTH,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,10,10.80.120.15:25,65.99.255.73:53479,>,250-8BITMIME,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,11,10.80.120.15:25,65.99.255.73:53479,>,250-BINARYMIME,
2014-07-17T12:47:07.480Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,12,10.80.120.15:25,65.99.255.73:53479,>,250 CHUNKING,
2014-07-17T12:47:07.511Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,13,10.80.120.15:25,65.99.255.73:53479,<,MAIL FROM:<[email protected]> SIZE=165270,
2014-07-17T12:47:07.511Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,14,10.80.120.15:25,65.99.255.73:53479,*,08D16FD38F3D3355;2014-07-17T12:47:07.370Z;1,receiving message
2014-07-17T12:47:07.511Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,15,10.80.120.15:25,65.99.255.73:53479,>,250 2.1.0 Sender OK,
2014-07-17T12:47:07.558Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,16,10.80.120.15:25,65.99.255.73:53479,<,RCPT TO:<[email protected]> ORCPT=rfc822;[email protected],
2014-07-17T12:47:07.558Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,17,10.80.120.15:25,65.99.255.73:53479,>,250 2.1.5 Recipient OK,
2014-07-17T12:47:10.496Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,18,10.80.120.15:25,65.99.255.73:53479,<,RSET,
2014-07-17T12:47:10.496Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,19,10.80.120.15:25,65.99.255.73:53479,>,250 2.0.0 Resetting,
2014-07-17T12:47:10.559Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,20,10.80.120.15:25,65.99.255.73:53479,<,QUIT ,
2014-07-17T12:47:10.559Z,A1-S1\Windows SBS Internet Receive A1-S1,08D16FD38F3D3355,21,10.80.120.15:25,65.99.255.73:53479,>,221 2.0.0 Service closing transmission channel,
Daniel

Hi,
According to the receive connector log, your emails were failed to be deliverd with DNR. If I misudnerstand the meaning, please feel free to let me know. If yes, I'd like to confirm the detail information in the DNR to narrow down the
cause.
Additionally, based on my research, the RSET command performs an SMTP reset, and then aborts the message that is currently being sent. Thus, the log didn't provide more information for troubleshooting. Is there any other error in your event log? please check
the event log when the issue happens again.
Thanks,
Angela Shi
TechNet Community Support

Exchange 2010 Receive Connector gets 530 5.7.1 Not Authenticated Error

Hi All, I am using Exchange2010 SP2 with HT,CAS and Mail roles ( this is my test machine). I created a receive connector for Mutual TLS in which i have added remote servers with which i want to do mutual (Domain Secure Emails Transfer) and enabled TLS &
Mutual TLS in authentication tab only and partners in permission tab only. When I test these settings with my partners who are on exchange server or iron mail they are working fine. My problem occurs when i receive mails from MDaemon Pro 13.5 and the problem
is i get 530 5.7.1 Not Authenticated error. Can anyone help me why i am getting this.

I am attaching more details for the said problem. Below is send log from mdaemon side and receive log from exchange 2010 (my side).
Sender Log: (MDaemon side)
--- Session Transcript ---
Mon 2014-02-03 17:31:18: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd35000084484.msg>
Mon 2014-02-03 17:31:18: * From: [email protected]
Mon 2014-02-03 17:31:18: * To: [email protected]
Mon 2014-02-03 17:31:18: * Subject: Mutual TLS 03022014
Mon 2014-02-03 17:31:18: * Size (bytes): 1551
Mon 2014-02-03 17:31:18: * Message-ID: <[email protected]>
Mon 2014-02-03 17:31:18: Attempting SMTP connection to [receive.com]
Mon 2014-02-03 17:31:18: Resolving MX records for [receive.com] (DNS Server: 141.1.1.1)...
Mon 2014-02-03 17:31:18: * P=010 S=000 D=receive.com TTL=(240) MX=[win2k8.receive.com]
Mon 2014-02-03 17:31:18: Attempting SMTP connection to [win2k8.receive.com:25]
Mon 2014-02-03 17:31:18: Resolving A record for [win2k8.receive.com] (DNS Server: 141.1.1.1)...
Mon 2014-02-03 17:31:28: * DNS: 10 second wait for DNS response exceeded (DNS Server: 141.1.1.1)
Mon 2014-02-03 17:31:28: Attempting SMTP connection to [win2k8.receive.com:25]
Mon 2014-02-03 17:31:28: Resolving A record for [win2k8.receive.com] (DNS Server: 8.8.8.8)...
Mon 2014-02-03 17:31:28: * D=win2k8.receive.com TTL=(239) A=[receiver_ip]
Mon 2014-02-03 17:31:28: Attempting SMTP connection to [receiver_ip:25]
Mon 2014-02-03 17:31:28: Waiting for socket connection...
Mon 2014-02-03 17:31:28: * Connection established (sender_ip:60054 -> receiver_ip:25)
Mon 2014-02-03 17:31:28: Waiting for protocol to start...
Mon 2014-02-03 17:31:33: <-- 220 win2k8.receive.com Microsoft ESMTP MAIL Service ready at Mon, 3 Feb 2014 17:31:41 +0500
Mon 2014-02-03 17:31:33: --> EHLO mail.sender.com
Mon 2014-02-03 17:31:33: <-- 250-receive.com Hello [sender_ip]
Mon 2014-02-03 17:31:33: <-- 250-SIZE
Mon 2014-02-03 17:31:33: <-- 250-PIPELINING
Mon 2014-02-03 17:31:33: <-- 250-DSN
Mon 2014-02-03 17:31:33: <-- 250-ENHANCEDSTATUSCODES
Mon 2014-02-03 17:31:33: <-- 250-STARTTLS
Mon 2014-02-03 17:31:33: <-- 250-AUTH NTLM
Mon 2014-02-03 17:31:33: <-- 250-8BITMIME
Mon 2014-02-03 17:31:33: <-- 250-BINARYMIME
Mon 2014-02-03 17:31:33: <-- 250 CHUNKING
Mon 2014-02-03 17:31:33: --> STARTTLS
Mon 2014-02-03 17:31:33: <-- 220 2.0.0 SMTP server ready
Mon 2014-02-03 17:31:33: SSL negotiation successful (TLS 1.0, 2048 bit key exchange, 128 bit encryption)
Mon 2014-02-03 17:31:33: --> EHLO mail.sender.com
Mon 2014-02-03 17:31:33: <-- 250-receive.com Hello [sender_ip]
Mon 2014-02-03 17:31:33: <-- 250-SIZE
Mon 2014-02-03 17:31:33: <-- 250-PIPELINING
Mon 2014-02-03 17:31:33: <-- 250-DSN
Mon 2014-02-03 17:31:33: <-- 250-ENHANCEDSTATUSCODES
Mon 2014-02-03 17:31:33: <-- 250-AUTH NTLM
Mon 2014-02-03 17:31:33: <-- 250-8BITMIME
Mon 2014-02-03 17:31:33: <-- 250-BINARYMIME
Mon 2014-02-03 17:31:33: <-- 250 CHUNKING
Mon 2014-02-03 17:31:33: --> MAIL From:<[email protected]> SIZE=1551
Mon 2014-02-03 17:32:03: <-- 530 5.7.1 Not authenticated
Mon 2014-02-03 17:32:03: --> QUIT
--- End Transcript ---
Receive Log: (Exchange 2010 side)
2014-02-03T13:31:12.609Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,0,receiver_ip:25,sender_ip:60294,+,,
2014-02-03T13:31:12.609Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,1,receiver_ip:25,sender_ip:60294,*,SMTPSubmit SMTPAcceptAnySender SMTPAcceptAuthoritativeDomainSender AcceptRoutingHeaders,Set Session Permissions
2014-02-03T13:31:12.609Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,2,receiver_ip:25,sender_ip:60294,>,"220 win2k8.receive.com Microsoft ESMTP MAIL Service ready at Mon, 3 Feb 2014 18:31:11 +0500",
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,3,receiver_ip:25,sender_ip:60294,<,EHLO mail.sender.com,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,4,receiver_ip:25,sender_ip:60294,>,250-win2k8.receive.com Hello [sender_ip],
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,5,receiver_ip:25,sender_ip:60294,>,250-SIZE,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,6,receiver_ip:25,sender_ip:60294,>,250-PIPELINING,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,7,receiver_ip:25,sender_ip:60294,>,250-DSN,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,8,receiver_ip:25,sender_ip:60294,>,250-ENHANCEDSTATUSCODES,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,9,receiver_ip:25,sender_ip:60294,>,250-STARTTLS,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,10,receiver_ip:25,sender_ip:60294,>,250-AUTH NTLM,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,11,receiver_ip:25,sender_ip:60294,>,250-8BITMIME,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,12,receiver_ip:25,sender_ip:60294,>,250-BINARYMIME,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,13,receiver_ip:25,sender_ip:60294,>,250 CHUNKING,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,14,receiver_ip:25,sender_ip:60294,<,STARTTLS,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,15,receiver_ip:25,sender_ip:60294,>,220 2.0.0 SMTP server ready,
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,16,receiver_ip:25,sender_ip:60294,*,,Sending certificate
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,17,receiver_ip:25,sender_ip:60294,*,"CN=win2k8.receive.com, OU=Domain Control Validated - QuickSSL(R) Premium, Certificate subject
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,18,receiver_ip:25,sender_ip:60294,*,"CN=SSL CA, OU=SSL, O=3rd Party, C=LL",Certificate issuer name
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,19,receiver_ip:25,sender_ip:60294,*,0763ED,Certificate serial number
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,20,receiver_ip:25,sender_ip:60294,*,1234567890,Certificate thumbprint
2014-02-03T13:31:12.625Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,21,receiver_ip:25,sender_ip:60294,*,win2k8.receive.com;win2k8.receive.com;autodiscover.receive.com,Certificate alternate names
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,22,receiver_ip:25,sender_ip:60294,<,EHLO mail.sender.com,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,23,receiver_ip:25,sender_ip:60294,*,,TlsDomainCapabilities='None'; Status='NoRemoteCertificate'
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,24,receiver_ip:25,sender_ip:60294,>,250-win2k8.receive.com Hello [sender_ip],
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,25,receiver_ip:25,sender_ip:60294,>,250-SIZE,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,26,receiver_ip:25,sender_ip:60294,>,250-PIPELINING,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,27,receiver_ip:25,sender_ip:60294,>,250-DSN,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,28,receiver_ip:25,sender_ip:60294,>,250-ENHANCEDSTATUSCODES,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,29,receiver_ip:25,sender_ip:60294,>,250-AUTH NTLM,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,30,receiver_ip:25,sender_ip:60294,>,250-8BITMIME,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,31,receiver_ip:25,sender_ip:60294,>,250-BINARYMIME,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,32,receiver_ip:25,sender_ip:60294,>,250 CHUNKING,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,33,receiver_ip:25,sender_ip:60294,<,MAIL From:<[email protected]> SIZE=17914,
2014-02-03T13:31:13.234Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,34,receiver_ip:25,sender_ip:60294,*,Tarpit for '0.00:00:30',
2014-02-03T13:31:43.250Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,35,receiver_ip:25,sender_ip:60294,>,530 5.7.1 Not authenticated,
2014-02-03T13:31:43.250Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,36,receiver_ip:25,sender_ip:60294,<,QUIT,
2014-02-03T13:31:43.250Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,37,receiver_ip:25,sender_ip:60294,>,221 2.0.0 Service closing transmission channel,
2014-02-03T13:31:43.250Z,WIN2K8\Default WIN2K8,08D0EEF2D8DBF9DD,38,receiver_ip:25,sender_ip:60294,-,,Local
I hope this shall help you understand some thing. Do remember that i am using mutual (force) TLS with this client
whose domain is already in my send/receive secure list of TransportConfig.

Exchange 2010 SMTP Connector

Hello,
We are having an issue with our exchange 2010 hub transport server and its external SMTP connector. We use an external DNS CNAME as the smart host, this works on 2003 (As a FQDN of the host, not a smart host) but we receive DNS query failures on 2010.
We can successfully route to the relay if we use an A record but an CNAME doesn't seem to work, is this as per design? Can we only use A records or IPs?
Thanks

You mean Send Connector, right? (SMTP Connector is an Exchange 2000 or 2003 thing.)
Are you sure you entered the CNAME correctly in the connector properties? Can you ping the smart host or establish a telnet session over port 25?
I've never heard of that issue before. You might consider opening a ticket with Microsoft Support.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Exhcnage 2010 send connector

our exchange 2010 smtp send connector shows we are sending an smtp request to an unwanted address every 10 minutes. How does one determine with the session number listed who/what is initiating that request?

Hi,
SMTP logging is disabled on Exchange server 2010 by default. I recommend you use the following cmdlet to enable protocol logging for the Send connector.
Set-SendConnector "xxx" -ProtocolLoggingLevel Verbose
For more information, here is an article for your reference.
Understanding Protocol Logging
http://technet.microsoft.com/en-us/library/aa997624(v=exchg.141).aspx
Hope it helps.
Best regards,
Amy Wang
TechNet Community Support

Exchange 2010: Sender address rejected: Access denied

hi friends
i have been recently experiencing an issue with one of my customer which i send email i get bounce message while i can receive their emails with no issue. i have exchange 2010 installed and im using Anti spam device too. my domain is ok.com
i try to send from OWA as well but i get the same result.
Delivery has failed to these recipients or groups:
[email protected] A problem occurred during the delivery of this
message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: antispamServer.ok.com
[email protected] #< #5.0.0 X-Spam-&-Virus-Firewall; host mail.abc.com[22.22.22.12] said: 554
5.7.1 <btv1==14869c83b8f==[email protected]: Sender address rejected: Access denied (in reply to RCPT TO command)> #SMTP#
Original message headers:
any idea?
thanks

hi
when i disable the antispam device i get this error
smtp5.relay.iad3a.emailsrvr.com rejected your message to the following e-mail addresses:
[email protected]
smtp5.relay.iad3a.emailsrvr.com gave this error: <[email protected]>: Sender address rejected: Access denied
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another
restriction may be preventing delivery.

Exchange 2010 Send As Permissions Dropping

We are finding send as rights are dropping even though they are still appearing in the send As Rights Permissions box. This has been happeneing intermittently for a few weeks now, has anyone experienced something similar?
Thanks

Hi,
As per the information and details provided by you, Send As permission is Dropping in Exchange 2010.
Please follow these steps to setup Send As Permission in Exchange Server2010: -
In Exchange 2010, Click on Start>
Programs> Microsoft Exchange> and then click
Active Directory Users and Computers.
In the View menu, click on the
Advanced Features.
Expend Users, then right click the Mailbox Owner object where you want to grant the permission, and then click
Properties.
Click on the Security tab, and then click on
Advanced.
In the Access Control Setting for Mailbox Owner dialog box, click on Add.
In the Select User, Computer, or Group dialog box, click the user account or the group that you want to grant Send As permission to and then click
OK.
In the Permission entry for Mailbox Owner dialog box, click
This Object Only in the Apply onto list.
In the Permission list, locate
Send As, and then click to select the Allow check box.
Click OK three times to close the dialog boxes.
I hope this information will be helpful for you.
Thanks and regards
Ashish@S
Ashish@V

Exchange 2007 Send Connectors

Hello,
I'm relatively new to administering Exchange and I had some questions on Send Connectors. We send mail to a few different domains that usually 75% of the time will generate a message saying:
Delivery is delayed to these recipients or distribution lists:
This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.
Delivery of this message will be attempted until 1/9/2014 9:31:13 AM (GMT-05:00) Eastern Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered
by that time.
Sometimes messages will make it to the intended recipients and other times not. Most of the time they are just regular emails without any attachments on them. I'm not exactly sure how connectors work, but I'm thinking that I can set one up to tell exchange
that it should route these certain emails to that domain. Is this the correct thought process on how a send connector would work and are there any ramifications I need to worry about if I set up a second or third send connector?
I apologize if this is naïve or doesn't make sense. Please let me know if you need more information. We run Exchange 2007 on Windows SBS 2008.
Thank you.

Hi,
It seems that it could be a reverse DNS lookup issue. I recommend you check if the reverse DNS record is configured correctly.
If it is ok, I suggest you enable logging at your send connector. Then check the log to see if you could find some clues.
Best regards,
Belinda
Belinda Ma
TechNet Community Support

Exchange 2007 send connector does nor respect Maximum message size (sometimes...)

Hi to all
We have 9 email server, 5 Mailboxes, 2 CAS and 2 HT, We began to have problems to send and receive from internet; so I checked the queues and I discovered that some users are sending messages with a size greater than 16 MB, althought internally can send
until 40MB, if they send externally, only until 16MB.
I revised all the configuration:
Organization Configuration/Hub Transport/Global Settings/ Maximum send size (KB):40960
Server Configuration/Hub Transport/HT01/Receive Connectors/Default HT01/Maximum message size(KB): 40960 (only this server can send outside, the other server is in spare)
Organization Configuration/Hub Transport/Send Connector/SendMailOuside/Maximum message size(KB) 16386
We send by an Smart host that is used only by the HT01 to a Symantec server.
With this, we have this situations:
In the queue, I see some users are sending emails with a size more than 16MB outside the organization, I revised their configuration and the "maximun send size" is clear the checkbox (just like my account), the weir is if I try to send an email
with a size more than 16MB, I got the message: "#550 5.3.4 ROUTING.SizeLimit; message size exceeds fixed maximum size for route ##", this is not sense because their account configuration is the same like mine, so the Exchange must not let
them to put the email in the queue...
If between internal users try to send an email with size more than 16MB, this is allowed and it's send without any problem
So I don't know where is the misconfiguration, is permited to send mails with size less than 40MB internally, but externally only until to 16MB, but I din't know why the Exchange system let some users to send (or at least put in the queue) this kind of messages,
my account is in the same DB like the other users...
I hope to be clear in the description of the situation, maybe a patch or some thing, the HT server has the January patch and in april will be applied the last patchs.
Doc MX

Hi DocMX,
Thank you for your question.
We could run the following command:
Get-TransportConfig | FL max*size
Then, we could check the send connector by the following command:
Get-SendConnector | FL Identity,MaxMessageSize
We could run the following command to check an individual user maximum size.
Get-Mailbox <username> | FL Name,Max*size
In my solution, we could rebuild the user profile that those users could send emails more than 16MB to check if the issue persist.
We could also restart the service of “Microsoft Exchange Transport”.
If there are any questions regarding this issue, please be free to let me know.
Best Regard,
Jim
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Jim Xu
TechNet Community Support

Exchange 2010 - Send / Recieve Limits

Hi All,
I'm facing this weird issue where my send and receive limits are not the same, currently I'm unable to receve a large sized mail even though my receive limits are at that rate. What I've noticed is its hitting my Send Limit. What is the reason for this I've
seen a few posts on this on the internet but I find it a little hard to believe I will Post those article links here too.
Links with similar Issue:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27744685.html
Please Advice,
Thanks and Best Regards,
Michael

Hi Amy / Andy,
I'm aware of the three places to change the limits and that User level limits take precedence when authenticated only.
[PS] C:\Windows\system32>Get-TransportConfig | ft maxsendsize, maxreceivesize
MaxSendSize
MaxReceiveSize
12.01 MB (12,595,200 bytes)                                 30.27 MB (31,744,000 bytes)
[PS] C:\Windows\system32>Get-ReceiveConnector | ft name, maxmessagesize
Name
MaxMessageSize
Edge Server to Hub Transport Server                         30.27 MB (31,744,000 bytes)
Edge Server to Hub Transport Server                         30.27 MB (31,744,000 bytes)
[PS] C:\Windows\system32>Get-SendConnector | ft name, maxmessagesize
Name
MaxMessageSize
EdgeSync - Inbound to Default-First-Site-Name               unlimited
EdgeSync - Default-First-Site-Name to Internet               30.27 MB (31,744,000 bytes)
My Problem is External Mail that is being sent to an Internal User is hitting the Send Connector Org Limit when it shouldn't be and I'm getting the NDR of message size exceeded.
Thanks and Best Regards,
Michael

Import csv file in Address Spaces in an Exchange 2007 Send Connector

hello , i must put more than 300 domains in the addres space of a Send connector.
is possible have a csv file with the 300 domains and a powershell script to import this file in the address space of one send connector?
example csv file :
cepsa.es
repsol.com
parsi.es
Regards
Thansk in advance
mcse 200x + mesaging 2000 2003 2007 2010

Hi
At First, you CSV should be set as the format like
Name
cepsa.es
repsol.com
parsi.es
If you would like to set a new Send Connector. you can simply do
New-SendConnector -Name ConnectName -AddressSpace ((Import-CSV <PathOfCSV>) | ForEach {$_.Name})
If you would like to add to a Send Connector that already existed, Please run
$al = (Get-SendConnector -Identity <ConnectName>).AddressSpaces
$al += (Import-CSV <PathOfCSV>) | ForEach {$_.Name})
Set-SendConnector -Name ConnectName -AddressSpace $al
Cheers
Zi Feng
Zi Feng
TechNet Community Support
The first script is still working as it should under Exchange 2013 when a send connector is created for the first time.
The second part of adding (or removing) address spaces from an existing send connector was a little bit trickier.
the following script did it:
Get-SendConnector "ConnectorName" | Set-SendConnector -AddressSpace ((Import-CSV <PathOfCSV>) | ForEach {$_.Name})
Watch out! this command also removes domains which are not present in the csv file!

1x Exchange 2010 on-premises hosts 2 domains/companies, they've now split and will be hosted at separate locations.. autocomplete & NDR's

Per the subject. CompanyA and CompanyB shared the same Exchange 2010 Server. They have close ties but have outgrown the shared offices so CompanyB has moved 2 miles down the road. There is no link between the offices.
CompanyA is keeping the original server, CompanyB has moved to new premises with their own Forest/Domain/DC and a shiny new Exchange 2010 Server.
I'll be using new-mailboxexportrequest / new-mailboximportrequest to move all e-mail data to CompanyB and then creating x500 proxy addresses so that at least at CompanyB they can all reply to CompanyB mails. That helps CompanyB continue to be able to respond
to old CompanyB e-mails/meeting requests.
But CompanyA and CompanyB will still want to e-mail each other regularly, I haven't done the move yet but past experience suggests that due to auto-completes (and how Outlook/Exchange functions internally) they're likely to experience a lot of bounce-backs
e-mailing each other, especially responding to pre-split mail.
I'm likely to use NK2Edit and a login script to automatically remove the other company from the autocompletes so new e-mails should go through okay but are there any other solutions for CompanyA responding to old CompanyB mails and meeting requests
(and vica versa?) Special Send Connector with the old X400 addresses? Anything?
Any helps really appreciated.

Hi,
Agree with Jon.Knight. If there is no direct route between company A and company B, they will have to route over the internet.
When you move company B' users to a new forest, the email address will not exist on both sides at the same time then a shared SMTP namespace would work. You can create an SMTP connector on both sides with the local domain defined in the address space.
With this the Exchange server checks locally for the email address and if it does not find it defined locally, it will route the email to the other Exchange server which will in turn deliver it to a local mailbox. Make sure both sides have this shared
SMTP address space defined in the accepted domains. The address space needs to be listed as an Internal Relay.
Here is a thread for your reference.
Cross Forest Migration mail flow between Exchange 2007 and 2010
http://social.technet.microsoft.com/Forums/en-US/2592bc14-87aa-4bad-a3b2-edbaab547f3c/cross-forest-migration-mail-flow-between-exchange-2007-and-2010
Hope it helps.
If there are any problems, please feel free to let me know.
Best regards,
Amy
Amy Wang
TechNet Community Support

Exchange 2010 activesync, Personal archive access from Mobile devices like Iphone,IPAD and Android based Phones

Hi,
As of what i have found from different blogs is that all the activesync devices including IPhone , IPAD and Android based phones cannot access online archive/Personal archive in exchange 2010.
Is there any third party app in the market for the above devices which can support access of Online archive?
Thanks in Adavance

There must be a way! Since you can view the online archive through webmail with supported browsers on PC(IE, Firefox, Safari OSx) (so activeX is no must).
All it takes is a browser that can set a different 'agent' and that can interact with the webmail(OWA) website just like Safari on OSx.
I tried different browsers on the iPad, they all display the Online archive, but the navigation is broken. (scrolling by sliding your fingers does not work correct) The result is that you can not open(read) any mail in your online archive.
The browsers we tested and show the online archive but where the navigation doesn't work are:
On iPad:
- Kissmyagent
- Atomnic(the free AND payd version)
On android:
app: 'OWA for Android' (does not show the online Archive)
Maybe someone can come up with a browser and/or app that can show the online archive!

Exchange 2010 Send Connector to postfix (v. 2.11) smarthost uses STARTTLS and cannot connect

Similar Messages

Maybe you are looking for