Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

2nd node of Exchange cluster cannot send external mail

Status
Not open for further replies.
negaduck

negaduck

Technical User
May 13, 2004
3
NL
If a failover takes place, the second node of our Exchange cluster cannot send mail to any external recipients. The error message is: "There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. <[virtual_server_fq_name] #5.5.0 smtp;553-you are trying to use me>

I would really appreciate some ideas.
 
Sort by date Sort by votes
In exchange 2000 and 2003, when sending mail, it goes out over the real IP of the node, not the virtual IP of the SMTP virtual server. You'll need to do translation at the firewall for the IP of each node as well as that of the virtual server. For each, you'll need an A record and a PTR record in external DNS.


In very small designs with just a single cluster this can become an issue. In larger designs, you would want one or two unclustered SMTP bridgeheads in the routing goup. This will avoid the problem altogether.



 
Upvote 0 Downvote
There is an external mail server (ISP). I was able to "telnet [servername] 25" without a problem. Does this mean anything?
 
Upvote 0 Downvote
Let's say node 1 is 10.0.1.1 and node 2 is 10.0.1.2. The smtp virtual server is 10.0.1.3. On the firewall, the external interface is 172.16.1.1, and you've set up a virtual IP of 172.16.1.2 that NATs to your virtual server 10.0.1.3 on the inside. You have an mx record that points to "mail.domain.com" and "mail" has both an A record and a PTR record in DNS.


Inbound mail works fine. You can telnet to 172.16.1.2 which is translated to 10.0.1.3 and you get a connection. Outbound mail is where you will have a problem. You would expect the mail to originate on 10.0.1.3 and be translated to 172.16.1.2. This is not what happens on a cluster. The mail originates on 10.0.1.1 or 10.0.1.2 depending on which node is active. If you have not set up some static translation, either there is no rule on the firewall and it doesn't go out at all, or it goes out as the default external interface 172.16.1.1 for which there is no A and PTR record. Either way, it will fail.



 
Upvote 0 Downvote
Many thanks for your help. Eventually we were able to pinpoint a configuration error regarding the IP address of the second node in a firewall which is managed externally.

Thanks again.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
1K
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
869
DrB0b
DrB0b
zorg2004
  • Locked
  • Question
Cluster CSV Disk Ownership Performance
Replies
0
Views
287
zorg2004
zorg2004
DrB0b
  • Locked
  • Question
HyperV trying to do extended replica to external HDD
Replies
0
Views
266
DrB0b
DrB0b
andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
364
RRankin355
RRankin355

Part and Inventory Search

Sponsor

Back
Top