FIXED - Exchange 2013 - Can I Recreate Default Frontend Receive Connector SAFELY?

Similar Messages

• Default frontend receive connector settings exchange 2013 hybrid edition?

  Hi,
  I am busy setting up a hybrid environment with exchange 2007 , exchange 2013 hybrid edition and office 365.
  When installing exchange 2013 it creates a default frontend receive connector, on the security tab anonymous user is also selected.
  Should i leave it this way?
  At the moment the mx record is pointing to the exchange 2007, in the future i will change the mx record to the exchange cloud.
  I can telnet and mail to the exchange 2013 server, but there is no spam protection, do i need the anonymous user if i am not intended to use this for the mx record, i suppose office 365 is going to use this connector.
  (ps: still have to run the hybrid configuration wizard, waiting for dns ownership txt record)

  Hi Steven,
  Just as Ed said, the connector restrict access via IP address. We can also create another ones.
  If you worry about the spam, I suggest enabling the Anti-Spam function on MBX server.
  More details in the following articles:
  Spam Protection 
  http://technet.microsoft.com/en-us/library/jj218660(v=exchg.150).aspx
  Enable Anti-Spam Functionality on Mailbox Servers
  http://technet.microsoft.com/en-us/library/bb201691(v=exchg.150).aspx
  Hope it is helpful
  Thanks
  Mavis
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Mavis Huang
  TechNet Community Support

• Exchange 2013 Frontend Receive Connector - cannot telnet port 25

  Hello There,
  I’m going to proceed with migration form exchange 2007 to 2013 but just encounter problem.
  I can telnet port 25 form new Exchange 2013 server but cannot telnet it form any other computer within LAN. 
  We have notice it when I was changing SMTP banner to match RevDNS. If I change Receive Connector to role Hub Transport it is responding on telnet 25 from other servers.
  But correct is to set it up as Frontend Transport.
  There is no AV and Friewall is disable. I can telnet prots form hubtransport role receive connectors.
  Fresh installation and server is fully updated. Please help. 
  Maciej

  multi-role CAS + MBX
  on ESXi 5.1
  I found some topics that this could be related to problem with Network card E1000E and Exchange 2013 
  I did experience vmware host crash during EX2013 installation. But after restart Installation took off when its left and as far as i could tell everything else is working fine. 
  I also used wiershark to check negotiation and it looks like 25 is listening and even establishing conneciton but no baner and disconneciting couple of secconds after it is established. 
  It is 4AM so I hope Im writing it clear :)
  Thanks

• Exchange 2013 - can no longer move mailboxes from Exchange 2010 to Ex 2013.

  Migrating to Exchange 2013 from Exchange 2010. Created Ex 2013, moved some mailboxes OK. Then could no longer move mailboxes. No errors. The Migration email says complete. Synced: none, Total Mailboxes: none.
  Tried several mailboxes. Same result.
  Ex 2010 is SP3 RU6, (at least it says RU6 is installed in Programs/Features. The build is for SP3 w/o RU6???)
  Ex 2013 is SP1 aka CU4.
  How to proceed???
  john11

  After many attempts to fix the issue (move remaining 4 mailboxes from Exchange 2010 to Exchange 2013) I contacted Microsoft and we resolved the issue. Here's how.
  btw - Thanks for the suggestions from Ed. However, they did not seem to move us forward.
  What did work:
  1. On the Exchange 2010 box, create a new database. (Someone else suggested this also). Then move the remaining Exchange 2010 mailboxes to this new db. Then after that, move the 4 mailboxes to Exchange 2013 using the GUI on Ex 2013. This only worked for one
  of the four mailboxes. The other 3 failed.
  2. Apparently, we need to restart the Microsoft Exchange Mailbox Replication service on the Exchange 2013 after several failed move attempts to clear cache related to the moves.
  3. Then on the Exchange 2013 box, use this Exchange shell command:
  New-MoveRequest -identity "[email protected]" -TargetDatabase "Exchange 2013 DB name" -BadItemLimit '500' -verbose
  This moved the remaining 3 mailboxes including the Discovery mailbox. It took some time. But we could check the progress using
  Get-MoveRequest
  The MS Tech was terrific. Really knew his stuff. And all mailboxes are on Exchange 2013. Well, the last one is still moving, but I am optimistic.
  Thanks for the suggestions. I had to get this done and the MS Tech made that happen. 
  john11

• Exchange 2013 - can not upload apps

   Log in to ECP -> Organiztion -> APPS
   Below error reported after selecting APPS
   Error: The request failed. unable to connect to the remote server.
   Note: Same error reported on other exchange 2013 servers.

   I had issue with one of the arbitration mailbox, deleted  ad account, ran adprep and re-created mailbox. 
  Error:
  [PS] D:\RU5>Get-App -OrganizationApp | fl manifestxml
  The request failed. The operation has timed out
      + CategoryInfo          : InvalidOperation: (:) [Get-App], OwaExtensionOperationException
      + FullyQualifiedErrorId : [Server=EX1CVTEST2013,RequestId=4a69f46d-5cc1-4299-a5ae-a7416207181a,TimeStamp=6/12/2014
      10:45:06 PM] [FailureCategory=Cmdlet-OwaExtensionOperationException] B6E4AE10,Microsoft.Exchange.Management.Exten
    sion.GetApp
      + PSComputerName        : WWWWWW.XXXX.YYYYY.com
   Note: Verified all the arbitration mailboxes are acessable
  Arbitration mailboxes:
  FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042
  SystemMailbox{1f05a927-168e-4658-b14f-5353451a82b0}
  SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
  SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}
  Migration.8f3e7716-2011-43e4-96b1-aba62d229136

• Exchange 2013 Issue - Cannot open default email folders. you must connect to microsoft exchange

  Hello all, this is my first post and nightmare to this issue because i believe i made mistake and overlook something. I search over the internet i cant find the best answer or maybe i missed something during the configurations. The exchange was working fine
  not after i change the setting following the method
  Configure External and Internal URL in Exchange 2012. after that, the users outlook experiencing disconnect from exchange. I restore back the previous setting but now I cant add any new user to the any Outlook version or change the server path. it will
  cause the problem which show the message below:
  "Can't open your default e-mail folders. You must connect to Microsoft Exchange with the current profile before you can synchronize your folder with your offline folders with your Outlook data file (.ost)"
  I restarted the server and check all the Exchange services are running. The Outlook web is running and they able to receive and send out. The existing link to the exchange are still working so I not really sure what setting should i look into. I was thinking
  about restoring back from Window Server Backup but was advise not to do it unless there are ways to look back the previous setting from the backup.
  One of my ex-boss told me could be the Exchange Certificate but wasn't sure.
  I really appreciate someone could advice and help me resolved this issue.
  IT Tech Supports

  Actually all are affected, but i manage to solved it running Virtual test version to trace the issue and finally able to fix it. Thanks for asking.
  IT Technician

• Exchange 2013 - Unable to recreate ECP Virtual Directory using New-EcpVirtualDirectory

  Hello,
  I had a problem accessing ECP so I decided to recreate its virtual directory on the client access server. I used Remove-EcpVirtualDirectory. The cmd completed successfully. Then I tried running New-EcpVirtualDirectory and am getting the following error:
  Argument: -Role ClientAccess
      + CategoryInfo          : InvalidArgument: (:) [New-EcpVirtualDirectory], ArgumentException
      + FullyQualifiedErrorId : 3C22AE5F,Microsoft.Exchange.Management.SystemConfigurationTasks.NewEcpVirtualDirectory
  Running the command using the -role clientaccess parameter doesn't change the outcome. I have tried running the Exchange setup using the recoverserver switch but the installator is unable to detect any problems with the installation and refuses to continue
  with the recover. Any thoughts?

  Hi,
  Unfortunately, this didn't help either, but it has resulted in a different error message which has eventually led me to an answer, so thank you very much for your help!
  The problem turned out to be quite strange (or not, I'm not very proficient with Exchange). It turned out that all the commands that I was executing, were actually applied to the mailbox server not to the CAS (hance the -role clientaccess error - it couldn't
  have been installed on a server that didn't have the role). Once, I used the -server parameter you proposed, the command failed again. The problem now was that while it was finally pointing to the right server it was still using the installation path on the
  mailbox server (SIC!). Exchange on the mailbox server has been installed at a non-default location and somehow the New-EcpVirtualDirectory command ran on CAS was trying to get to that path. So the trick that finally worked and something that Microsoft again
  doesn't include in their site was using the parameter -path as part of the command:
  new-ecpvirtualdirectory -internalurl https://xx.xx.xx/ecp -role clientaccess -server servername -websitename "Default Web Site" -Path "C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\ecp"
  Hope it helps some poor soul some day. Thank you all for your help.

• Exchange 2013 - Can receive, but can't send.

  Emails aren't sending locally either so I doubt it is the firewall.
  Logs are in the event viewer and there are specific exchange sections.

  I can receive emails from other domains and elsewhere however I can't send emails locally or over the internet.
  Mail flow receiver and sender connectors seem to be configured correctly.
  Any ideas?
  This topic first appeared in the Spiceworks Community

• Exchange 2013 SP1: Fix for failing MSExchangeTransport service

  We had a newly updated Exchange 2013 SP1 that would not start the Transport service
  "Netstat -b" showed that a service was listening to port 25 on all IP's (0.0.0.0:25) and when the service could not get the port, it would die, and Exchange would attempt to restart it over and over.
  After many tears, I found this solution: 
  Through the console or the ECP, check the Frontend receive connectors and find the one that is listening on 0.0.0.0:25, which is probably the Default Frontend Receive.  Disable it.
  Restart the MSExchangeTransport and MSExchangeTransportFrontEnd services.
  If both services restart normally, troubleshooting is complete.
  We use several custom connectors carried forward from the previous installation, which was SBS 2008.  If this applies to you, take notice.

  Normally, the Default Frontend Receive Connector (0.0.0.0:25) is the messaging entry point for your organization (I am assuming that you have a single MBX/CAS server).
  1. If you disable the Default Frontend Receive Connector (0.0.0.0:25), you block inbound email.
  2. Most probably, the cause for your problem are the Custom Receive Connectors. Check their type, and if it is Hub Transport, delete and re-create them as Front End Receive connectors.
  Step by Step Screencasts and Video Tutorials

• External Mail Flow not coming into Exchange 2013 Server

  We just finished migrating from Exchange 2007 to Exchange 2013 and when I disable a certain receive connector on Exchange 2007 we stop receiving external emails. I have reviewed all of the Exchange 2013 Receive Connectors and everything looks to be fine
  but the server does not get mail flow. If anyone could assist with this issue that would be great.
  Thanks,
  Ryan

  Hi,
  According to your description, all your inbound mails cannot be received in your Exchange 2013 server after you disable a receive connector in your Exchange 2007 server. If I misunderstand your meaning, please feel free to let me know.
  If yes, since your MX record has been configured properly for your Exchange 2013 server, we can begin with checking the A record for the Exchange 2013 server and confirm if all external mails cannot come in your organization. And we can depend on the following
  troubleshooting to narrow down the mail flow issue:
  1. Check the NDR information if there is NDR.
  2. Check Telnet to test the mail flow:
  http://technet.microsoft.com/en-us/library/bb123686(v=exchg.150).aspx
  Thanks,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Angela Shi
  TechNet Community Support

• Receive Connectors for Internal Relays - Before & After 2007-2013 Co-existence

  I have just completed the process of migrating from Exchange 2007 Standard SP3 RP10 to Exchange 2013 Standard. I now have Exchange 2013 Standard CU3 installed on two Server 2012 Standard systems. The two new exchange servers are members of a DAG.
  With Exchange 2007, I had to include the IP addresses of multi-function devices (MFDs) with scan to e-mail capability in a receive connector in order for the scan to e-mail to work. 
  Five of the MFDs were on the same subnet as our Exchange 2007 servers, and one MFD was not. 
  It is on the same subnet as our Exchange 2013 servers.
  I created new Receive connectors on our Exchange 2013 servers for this purpose. 
  The one MFD on the same subnet as the Exchange 2013 servers was mistakenly excluded from a receive connector. 
  Much to my surprise, it is able to relay mail.
  I removed the IP address of one of the other MFDs to see if the fact that it is on a different subnet than the Exchange 2013 servers made a difference. 
  I replicated our domain controllers to help ensure that a lack of AD replication would not be an issue with this test. 
  The excluded MFD is still able to relay items.
  I have an application on a server.  The application relays messages, but the IP address of the server it is on is not included in any receive connectors.
  By searching through  the SMTPreceive log, I found the IP address of the MFDs I did my scan to e-mail tests from in the log. 
  I also found the IP address and relayed messages from the application server. 
  The log indicates that the Default Frontend connector is handling this traffic. 
  Does Exchange 2013, by default, relay messages from all internal IP addresses? 
  Does this mean that I don’t need receive connectors for any internal devices (MFDs, servers, etc.). 
  Our Exchange 2007 servers have been decommissioned.  Would I have needed connectors while we were still in a co-existence situation? 
  Am I likely to need them when we have our next co-existence situation in a few years?

  Hi Cara. Thank you for the response.
  If I understand you correctly, you are saying that the MFDs are able to relay because the Default Frontend connector allows them to. 
  That makes sense for the one MFD that was not included in the customised connector I created. 
  Thank you for helping me sort that out.
  By analysing the Front End Transport logs at the following location on my server, I determined that the included MFDs were using the customised connector I had created. 
  C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpReceive
  If I removed the IP address for one of those MFDs, it was still able to relay, but it was doing that through the Default Frontend connector. 
  That makes sense.  As explained near the end of the following article, Exchange uses the most specific connector. 
  http://exchangeserverpro.com/exchange-2013-configure-smtp-relay-connector/
  The one that includes the specific IP address of the MFD will be used, but if the IP address is not specified in any connectors, The Default Frontend connector will automatically be used by
  the device.
  I believe that I now understand how the have the relaying from MFDs is taking place, but I am not certain how some applications are completing their relaying. 
  Another department in my organisation has their own network. 
  I have a customised receive connector that includes the IP addresses of two application servers on their network. 
  Applications on these servers relay messages through the Exchange server on my network. 
  The headers on the relayed messages suggest that the messages are being relayed by the Default Frontend connector. 
  The logs for that connector, however, do not contain any entries for the two IP address. 
  The message tracking logs suggest that the Default <servername> connector is relaying for these applications.
    If the most specific connector is supposed to handle the relaying, why is that not happening in this case? 
  Also, two other application servers from this network are not included in any customised connectors I have created. 
  The logs show that they are relaying mail through the Default Frontend connector. 
  If I understand you correctly, you are saying that this should not be happening, as applications and external users require a customised connector, rather than a built-in connector. 
  If I have mis-understood you, please clarify this for me. 
  Thanks!!

• Exchange 2013 co-existence with 2007 can not send from 2013 - receives OK

  2013 SP1  -separate servers for MBX and CAS - 4 of each. Exchange 2007 configured as a CCR
  I am in co-existence mode but have not yet switched on the legacy.domainname.com. I have a new certificate installed on all servers - 2007 and 2013 with the legacy namespace included
  I can receive on the exchange 2013 servers and can send to exchange 2013 users but cannot send to 2007 users or externally. I have enabled protocol logging and I'm seeing:
  2014-04-02T00:57:31.476Z,Outbound Primary,08D1120CF8FEEDBA,0,,10.0.9.1:25,*,,attempting to connect
  2014-04-02T00:57:52.521Z,Outbound Primary,08D1120CF8FEEDBA,1,,10.0.9.1:25,*,,"Failed to connect. Winsock error code: 10060, Win32 error code: 10060, Error Message: A connection attempt failed because the connected party did not properly respond after a
  period of time, or established connection failed because connected host has failed to respond 10.0.9.1:25"
  The client has a pair of Axway mailgateway appliances (Tumbleweed). We can Telnet between the exchange 2013 servers and the Axways. There is a firewall between these mail gateways and the exchange servers and the following ports were opened - 25,443,465,995,110
  I used the existing send connectors from 2007 and just added the mailbox servers to them. I created 2 new receive connectors to match 2 specialist 2007 connectors.
  But I still can't send mail. Any suggestions where next to check?

  Hi Tony 
  Based on the protocol logs error looks like there is connectivity problem between Ex2007 and Ex2013
  First you can try dropping an email through Telnet from Exchange 2013 to Exchange 2007 to see the message failure happens at which transit.
  You can add the IP address of Exchange 2013 in Exchange 2007 default receive connector and vice versa.
  Restart the transport service and try sending an email from exchange 2013 to Exchange 2007 and see the results
  Also you can try creating a dedicated receive connector for Exchange 2007 in Exchange 2013 and vice versa if the above step does not work 
  Also try disabling the firewall and see if it helps.
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you

• Unable to send to external email recipients - Multi Tenant Exchange 2013 - MultiRole servers in DAG

  Greetings all, I hope someone can help.
  I have created a Exchange 2013 multi-tenant organization, with two servers, both multi-role - CAS and Mailbox roles.
  Internal mail flow is fine (external email addresses can send to the domain).
  External firewall port forwards ports 443 and 25 to the Internal DAG IP address.
  There are two multi-role Exchange servers that are members of the DAG.
  I am able to connect to OWA and ECP via https://externalIP/OWA and https://alias.domain.com/OWA
  No SSL certificates have been purchased or installed yet.
  Exchange URLs have not been changed since default configuration at install.
  OWA and ECP works both internal and external.
  External DNS works with SPF and PTR records correctly configured
  Exchange RCA - Send test only fails with one Spam Listing (this Blacklist provider now flags all domains and you cannot ask to be removed)
  Send Connectors are the default ones created during install. Receive connector is standard configuration with  - * - 
  When sending email to an external address, I receive a failure notice
  ServerName.test.corp.int gave this error:
  Unable to relay 
  Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.
  More Info - 
  ServerName.test.corp.int
  Remote Server returned '550 5.7.1 Unable to relay'
  I have been troubleshooting this for many hours with no progress.
  I have created new Send Connectors for the server that is advising that it is unable to relay, but they have all failed.
  I have tried setting the Internal IP address for Exhange Server 1 (Exchange Server 2 reports failure), with most combinations of Security (Anonymous, Exchange Users, etc).
  I have also tried with the IP range 192.168.11.0/24 to allow the whole the subnet, I still receive the unable to relay failure notice.
  I have tried this guide - hxxps://glazenbakje.wordpress.com/2012/12/30/exchange-2013-how-to-configure-an-internal-relay-connector/ - with different combinations, still no resolution.
  I am at a loss as to why I can't send out with the default configuration. I would assume that email would flow out without any changes, but this does not happen.
  Can someone please assist before I lose my sanity.
  Thanks in advance,
  Terry

  Greetings all, I hope someone can help.
  I have created a Exchange 2013 multi-tenant organization, with two servers, both multi-role - CAS and Mailbox roles.
  Internal mail flow is fine.
  Incoming mail from external senders is also fine. - 
  external email addresses can send to the domain).
  External firewall port forwards ports 443 and 25 to the Internal DAG IP address.
  There are two multi-role Exchange servers that are members of the DAG.
  I am able to connect to OWA and ECP via https://externalIP/OWA and https://alias.domain.com/OWA
  No SSL certificates have been purchased or installed yet.
  Exchange URLs have not been changed since default configuration at install.
  OWA and ECP works both internal and external.
  External DNS works with SPF and PTR records correctly configured
  Exchange RCA - Send test only fails with one Spam Listing (this Blacklist provider now flags all domains and you cannot ask to be removed)
  Receive Connectors are the default ones created during install. Send connector is standard configuration with  - * - 
  When sending email to an external address, I receive a failure notice
  ServerName.test.corp.int gave this error:
  Unable to relay 
  Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.
  More Info - 
  ServerName.test.corp.int
  Remote Server returned '550 5.7.1 Unable to relay'
  I have been troubleshooting this for several days with no progress.
  I have created new Receive Connectors for the server that is advising that it is unable to relay, but they have all failed.
  I have tried setting the Internal IP address for Exhange Server 1 (Exchange Server 2 reports failure), with most combinations of Security (Anonymous, Exchange Users, etc).
  I have also tried with the IP range 192.168.11.0/24 to allow the whole the subnet, I still receive the unable to relay failure notice.
  I have tried this guide - hxxps://glazenbakje.wordpress.com/2012/12/30/exchange-2013-how-to-configure-an-internal-relay-connector/ - with different combinations, still no resolution.
  Even more info - Further troubleshooting -
  I found my one of my Exchange servers had an extra NIC. I have since added a second NIC to the other server, so now both Exchange servers have dual NICs. I removed the DAG cleanly and recreated the DAG from scratch, using this link -
  hxxp://careexchange.in/how-to-create-a-database-availability-group-in-exchange-2013/ 
  The issue still exists, even with a newly created DAG. I also found that the Tenant Address Books were not 'applied'. I applied them but still no resolution
  I think the issue is related to multi-tenant configuration even though the error says that it can't relay. The unable to relay message can appear when sending from a domain that the Organization does not support. Like trying to email as [email protected]
  when you domain name is apple.com - But through extensive research I still can't resolve the issue.
  Can someone please assist before I lose my sanity.
  Thanks in advance,
  Terry

• Cannot send email from Exchange 2007 to Exchange 2013

  Hello Anyone,
  Anyone can help? I've prepare MS Exchange 2013 already, for Migration MS Exchange 2007 and I got the issue.
  My issue is I can't send email from Exchange 2007 to Exchagen 2013, but for Exchange 2013 can send email to Exchange 2007,
  is my issue only internal email for external email both Exchange server is working fine.
  Regards,
  Eakkasak

  Thanks for your reply, when I send email from Exchange 2007 to Exchange 2013 I'm get the error message below.
  Delivery is delayed to these recipients or distribution lists:
  Eakkasak Buajan
  Subject:
  This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.
  Delivery of this message will be attempted until 8/29/2014 8:30:29 PM (GMT+07:00) Bangkok, Hanoi, Jakarta. Microsoft Exchange will notify you if the message can't be delivered by that time."
  I'm already tick  "Exchange server Authentication" in the Default Receive connector properties of Exchange 2013"
  I'm restart services and restart all Exchange Server but doesn't work.
  Thanks,
  Eakkasak
  Sent by Microsoft Exchange Server 2007

• SMTP test to Exchange 2013 failing

  I have an Exchange 2013 server set up for testing which I am trying to have the internal servers relay off of to EarthLink (My ISP).
  The Receive Connector is set up as a FrontEnd Transport, Anonymous and Externally Secured authentication.  It accepts all addresses from my internal subnet. 
  The Send Connector is set up using a Smart connector to smtpauth.earthlink.net.  It is set to use port 587 ( which is what EarthLink apparently uses).  It uses basic authentication with my credentials to EarthLink.  The address space is set
  to '*'.
  When I am on one of the member servers, I telnet 25 to the Exchange 2013 server and testing it:
  220 exchange.home.com Microsoft ESMTP MAIL Service ready at Sun, 23 Nov 201
  4 08:41:40 -0500
  ehlo home.com
  250-home.cave.com Hello [172.16.200.20]
  250-SIZE 36700160
  250-PIPELINING
  250-DSN
  250-ENHANCEDSTATUSCODES
  250-AUTH
  250-8BITMIME
  250-BINARYMIME
  250 CHUNKING
  mail from:[email protected]
  250 2.1.0 Sender OK
  rcpt to:[email protected]
  250 2.1.5 Recipient OK
  DATA
  354 Start mail input; end with <CRLF>.<CRLF>
  Hello
  Goodbye
  451 4.7.0 Temporary server error. Please try again later. PRX3
  I have been searching all over for some insights what this 451 4.7.0 .... PRX3 error is.  There are a number of posts about PRX2, PRX4 and so forth.  I have already found the information about verifying all DNS servers and creating a record in
  the host file.  None of that changed anything.
  I disabled Symantec thinking it was causing the problem. Nope.
  Any suggestions are GREATLY appreciated!

  Hi   Dolbert
  Thank you for your question.
  Did you can receive/send email?
  If not, you can give me some error in your log or event?
  “451 4.7.0 Temporary server error. Please try again later. PRX3” encoded SMTP response for when proxy fails because of connection failures to the destination. It happened at the send connector cannot resolve the correct destination. You can refer to the
  following link to set configure internal reply:
  http://glazenbakje.wordpress.com/2012/12/30/exchange-2013-how-to-configure-an-internal-relay-connector/
  http://exchangequery.com/2013/12/02/steps-to-configure-anonymous-and-authenticated-relay-in-exchange-2013/
  If there are any questions, please let me know.
  Best Regard,
  Jim