Testing SMTP connection on new Exchange install.

[JaimeLobo]

Background: Small network with 25 users, currently has Exchange 5.5 server running on NT SBS 4.5 with a T1 connection (static IP’s). It is being changed to a new install of Exchange 2K3 running on a new Server 2K3 and with work being done by an amateur/part-time network administrator.

Everything is installed and seems to be running well; all mailboxes set up (I just manually created them), the internal mail works, OWA works from outside, etc. My question is a two-parter:

First, what is the best method to make the new server "live" and start receiving our outside mail? Do I just need to have the ISP change the record from the old server’s IP xxx.xxx.xxx.030, to the new server IP xxx.xxx.xxx.032 or do I kill the old server and change the IP of the new server to that number? I'm thinking the former is correct because I don't know what the ramifications are of changing the IP on the new server. If that is the method, how long before I can safely assume that I am getting all mail at that address; I’ve heard a range from hours to days until everything propagates globally.

Second, I know when I set up the 5.5 server many years ago; I tested the incoming connection by sending mail from outside to somebody@xxx.xxx.xxx.030 (IP of server) rather than somebody@ourdomain.com. That doesn't seem to work with the new Exchange server; internet mail goes out of the new server just fine, but when I try to send mail to the new server using the new server’s IP address (...032), nothing comes in. I don’t even get any message from the new server saying the message is undeliverable. I don’t see anything in the event viewer. BTW, I currently have no hardware firewall, just the NAT/Basic Firewall in Routing and Remote Access and I have Port 25 open (only one open).

Is it something about 2K3 that doesn’t allow this to work or do I not have everything set up right for the SMTP connector.

TIA,

James Wolf
Orlando, FL

 

[BigShyBear]

1. Yes, you could have your ISP just change the IP address of of the mail server server in the DNS record.
There is a fancier way of doing this taking advantage of the MX record and the hosts records, but this is probably not necessary.
2. (do this BEFORE you have the ISP change the mail servers IP address in DNS)
From a computer inside the firewall pull up a dos prompt and run telnet:
telnet ip_address_new_mail_server 25
This should return
220-somekind_of_info_about_exchange_and_computer_name

This tells you that the SMTP service is running.
Now do this again from a computer OUTSIDE your firewall to test whether your firewall is allowing traffic through.
You need to make sure your firewall is allowing port 25 traffice (SMTP) through to your new mail server.
Please tell me you have a firewall and are not running a Microsoft product exposed.

2a. After you change the IP address, go to one of the free web mail servers like mail.yahoo.com or google or hotmail and send mail, and wait for it.

 

[JaimeLobo]

Thanks for the info so far.

I ran telnet from inside and got:

220 "new.mailserver.name" Microsoft ESMTP MAIL Service, Version: 6.0.3790.211 ready at Thu, 4 Nov 2004 14:53:28 -0500

Then did a dialed in to my AT&T Worldnet Account and tried to telnet and got a "Cannot Connect to Server..." error message; interestingly I got the same error message when tried to telnet to the old (and functioning) mailserver's IP address. So I guess I don't know where lies the problem. I'll try again (both IP's) from home tonight.

And as I mentioned, no hardware firewall at the moment, just the software one in Routing and Remote Access of Windows Server 2003. I have used the test at Gibson Research's site and it shows everything as "stealthed" except port 25.

 

[BigShyBear]

Not being able to telnet in to both your mail servers is a good indicator that the problem is an At&T Worldnet configuration issue - I've seen a number of ISP's block access to any mail server except their own when I was doing a dial-up. (this inncludes Earthlink)
Try this 'telnet on port 25' trick again from home.

Based on the inside telnet you know your new mail server is running.

 

[JaimeLobo]

Thanks again.

I did the same thing from home, got the same results. However, I turned on the max logging for the smtp sevice and this is a sample of the messages (I removed some of the repetative columns). Am I correct in assuming that the message is arriving, but not being accepted (or passed on to Exchange)?

c-ip cs-username s-sitename s-computername s-ip cs-meth cs-uri-query sc-stat sc-win32-stat
64.4.56.80 hotmail.com SMTPSVC1 exserver01 10.0.0.1 EHLO +hotmail.com 250 0
64.4.56.80 hotmail.com SMTPSVC1 exserver01 10.0.0.1 MAIL +FROM:<me@hotmail.com> 250 0
64.4.56.80 hotmail.com SMTPSVC1 exserver01 10.0.0.1 RCPT +TO:<me@xxx.xxx.xxx.132> 250 0
64.4.56.80 hotmail.com SMTPSVC1 exserver01 10.0.0.1 BDAT +1600+LAST 452 8
64.4.56.80 hotmail.com SMTPSVC1 exserver01 10.0.0.1 QUIT hotmail.com 240 891
64.4.56.28 hotmail.com SMTPSVC1 exserver01 10.0.0.1 EHLO +hotmail.com 250 0
64.4.56.28 hotmail.com SMTPSVC1 exserver01 10.0.0.1 MAIL +FROM:<me@hotmail.com> 250 0
64.4.56.28 hotmail.com SMTPSVC1 exserver01 10.0.0.1 RCPT +TO:<me@xxx.xxx.xxx.132> 250 0
64.4.56.28 hotmail.com SMTPSVC1 exserver01 10.0.0.1 BDAT +1321+LAST 452 8
64.4.56.28 hotmail.com SMTPSVC1 exserver01 10.0.0.1 QUIT hotmail.com 240 1094

I also got the following as an NDR to my hotmail account:

Reporting-MTA: dns;hotmail.com
Received-From-MTA: dns;mail.hotmail.com
Arrival-Date: Fri, 5 Nov 2004 23:04:08 -0800

Final-Recipient: rfc822;me@xxx.xxx.xxx.132
Action: failed
Status: 4.4.7

I looked up the status number on the MS KB, but it seemed pretty vague as to what it meant.

Thanks

James Wolf
Orlando, FL

 

[JaimeLobo]

Couple of more items. I notice in the event viewer, even though the SMTP sevice says it is started, I get this error:

Virtual Server Invalid Mail Queue Directory: The specified mail queue directory is not valid. Cannot start the SMTP Service.

The queues do exist under the mailroot\vsi 1\ directory and "everyone" has full control.

I also get these messages in the event viweer when I tried to e-mail:

This is an SMTP protocol log for virtual server ID 1, connection #25. The client at "xxx.xxx.xxx.xxx" sent a "xexch50" command, and the SMTP server responded with "504 Need to authenticate first ". The full command sent was "xexch50 1844 2". This will probably cause the connection to fail.

The IP address is from my wife's school (I asked her to try sending an e-mail).

Any of this mean anything?

Thanks

James Wolf