Exchange 2010

[vito]

Hi guys

I just completed the transition from Exchange 2003 to 2010 early last year. Exchange 2003 is still running as the legacy exchange server and the school is still using it as the only exchange server because we can't get the exchange 2010 to receive external mails.

2003 box is working perfectly normal.

Only way we can test if the 2010 receiving, we assign the Exchange 2003's external facing IP address to exchange 2010. This IP address is recognised in ISP provider's LAN as the external relay IP address for the Exchange server.

2010 can send and receive internally and can send to external recipients but can't receive from external. Does my ISP Provider need to make further changes in their DNS (i.e. creating a new MX Record)? Do they have the internal name of my exchange server on their DNS records? Because the local name of the new exchange box is obviously different to the 2003 box.

Any help would be appreciated.

Thanks

[glennda]

I think you need to enable to new exchange box to receive emails anonomously - in exchange management console go to server config hub transport select the server and open properties on default [Servername] permission groups and then select Anonymous users.

[vito]

Thanks for the reply Glennda.

"Anonymous users" option is allready selected.

Thanks

[pantscat]

Does your ISP know the external address of your 2010 box?

[vito]

Yes they do. It is the address that the old exchange uses. When I do the test on exch 2010, I borrow that IP address from the old exchange. on the mx record I change the priorty to be 0 for exch 2010.

[pantscat]

Sorry - I misread your original post.

A few things to check.

1. "Organisation Configuration - Hub Transport - Remote Domains" - this should be set to "*"

2. "Organisation Configuration - Hub Transport - Accepted domains" - Should be set to your external domain name.

3. "Server Congfiguration - Hub Transport - Receive Connectors" - Check the Default send connector has anonymous authentication ticked and that it is set to use all IP addresses on the Network tab. You can also turn the protocol logging up to verbose (e.g. lots!) to see if it's working.

It might also be worth telnetting through to your 2010 box via the external IP and see if you can send a simple email using HELO/EHLO.

A

[vito]

Thanks for all the replies. Pantscat, I just checked, the external domain name wasn't included but *.domain suffix was included in accepted domains. But I still included the full name as you advised me to.
I can't test it yet because I need to use the IP address of the Exch 2003 that means people can't use the email. I'll test it tonight and I'll do the telnet test. I'll let you know how I got on.

On the "Specify the FQDN this connector will provide in response to HELO or EHLO:" Do we need the enter the local name of the exch box or the external name of it?

Thanks again.

[dgardner]

Have you created an smtp connector?

[vito]

Hi dgardner.

SMTP Connectors created one is default, which accepts all IP ranges, the other one particularly accepts ISP's mail server IP ranges.

[dgardner]

We use live@edu here, so it's been a while since I used Exchange 2010 and I'll be rusty. I'm fairly sure that you need an incoming smtp connector and route the mail through the smart host (which will be isp issued) the last one I worked on was a dns name. I think it was in the hub transport section.

[timzim]

On the "Specify the FQDN this connector will provide in response to HELO or EHLO:" Do we need the enter the local name of the exch box or the external name of it?

Should be the server local FQDN but make sure server name is in caps, e.g. EXCH1.domain.local

Also check you've opened the appropriate ports on the mail server (25 for SMTP, 465/587 for SMTPS).

[dgardner]

If you don't use the IP address for the Exchange 2010 box that your ISP is relaying mail to, it will definitely not work.

I also seem to remember that Exchange 2010 was very fiddly with certificates. Especially if you have alternative common names for OWA etc. I had no end of trouble with that...

[dgardner]

Yes they do. It is the address that the old exchange uses. When I do the test on exch 2010, I borrow that IP address from the old exchange. on the mx record I change the priorty to be 0 for exch 2010.

Sorry, just re-read this. Forget my comment about relaying the mail to the old IP.

[zag]

We had a very similar problem installing exchange 2010 and I never got to the bottom of it. It was something to do with the connector permissions for us.

We moved to live@edu in the end. Couldn't be happier with the decision, no more messing with exchange routing

[sukh]

1. To receive email from the internet you need a receive connector which you already have with the correct permission. This is created by setup.exe by default.
2. To send email to the outside world, you need to create a send connector, which isn't created by setup.exe.
3. To receive emails from the internet, make sure the MX records with lower priority points to Exchange 2010, then make sure if you have a NAT/Firewall that port forwarding is setup correctly. I would change the MX for testing to 5 for Exchange 2010 and 10 for Exchange 2003.
4. When you switch over for testing and send an email say from hotmail, do you get an NDR?
5. Up the logging on the Default receive connector to see if a connection is even attempted.
6. From an external host, try and telnet onto the Exchange 2010 external IP to see if it's listening on port 25