Exchange 2007, Gmail & TLS
I am a bit confused here. We have Exchange 2007 on site and it has generally run alright for the years I've been here (it was in place when I arrived), and every now and then when we have a planned power outage, something seems to go wrong with it when it's powered down.
This time round, TLS has apaprently stopped working. When I try and email in from my gmail account I get told that "The error that the other server returned was: 454 454 TLS currently unavailable (state 8)." and it takes 24 hours for the message to arrive. This seems to be by design with regards to gmail, to alert to problems, although it was never a problem before.
When powering back up this time I removed the old domain controllers that had been demoted last week, so that may be relevant. I also deleted an expired Web Server certificate from the email server that had been issued by an enterprise CA that I destroyed a couple of weeks ago (it was easier than moving it from 2003 x86 to 2008R2 x64 given that no valid certificates were out).
Initially, after power up, Exchange wasn't accepting external emails - I could email around the organisation, I could email out, but nothing was coming in. I had to allow all permission groups on the Default and Client receive connectors to get that working again; no idea how it had worked in the past but this is a common theme with this Exchange server and power outages.
I've tried running Enable-ExchangeCertificate -service:smtp for the certificate the server currently uses (GoDaddy, for the OWA etc.) and Exchange tells me it is using that certificate for SIP.W (i.e. everything) but the TLS is still not doing anything.
Can anyone who actually knows something about Exchange shed any light on this? I'm just very confused that it worked before the power outage and doesn't anymore :(
(and yes, I am considering Office 365 in the new academic year, funny you should ask)