Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Sending mail between SMTP servers
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Sending mail between SMTP servers - 14.Nov.2010 1:11:08 AM
|
|
|
sschmidlap
Posts: 12
Joined: 30.Oct.2010
Status: offline
|
Hello. I have a simple and straightforward setup as I learning Exchange for the first time. I am supporting internal email only. I have a single Active Directory domain with two Active Directory sites. I have a clustered Exchange server in each site. EXCH-VS01 is my clustered Exchange server in St Louis. EXCH-VS02 is my clustered Exchange server in Phoenix. I originally had both servers in one Administrative Group and verified all functionality worked great. Was able to test and verify POP3, IMAP and SMTP. Everyone could send to everyone and receive. I then moved servers between administrative and routing groups to learn about connectors. Now, EXCH-VS01 (St Louis) is in the St Louis Admin/Routing Group and EXCH-VS02 (Phoenix) is in the Phoenix Admin/Routing Group. I created a routing group connector in both admin groups. The connectors are up and look good in Winroute. But mail is not flowing between the servers now. Users can only send to other users that have mailboxes in the same admin/routing group.
The error in Outlook is
Your message did not reach some or all of the intended recipients.
Subject: test
Sent: 11/13/2010 10:37 PM
The following recipient(s) could not be reached:
Luke Berry on 11/13/2010 10:38 PM
The recipient could not be processed because it would violate the security policy in force
<EXCH-VS02.techskills.com #5.7.0 smtp;530 5.7.0 Must issue a STARTTLS command first>
Please help
|
|
|
|
|
RE: Sending mail between SMTP servers - 14.Nov.2010 3:32:11 PM
|
|
|
uemurad
Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
|
It sounds like you have specified the requirement for TLS encryption on your SMTP Virtual Server. In the ESM, expand each server, Protocols, and SMTP. Open the properties of the Default SMTP Virtual Server, go to the Access tab and click on Authentication.
Uncheck the "Requires TLS encryption" box.
_____________________________
Regards,
Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com
|
|
|
|
|
RE: Sending mail between SMTP servers - 14.Nov.2010 5:15:31 PM
|
|
|
sschmidlap
Posts: 12
Joined: 30.Oct.2010
Status: offline
|
Thank you for your help. This is what I just tried. I don't know if it worked yet. First, yes TLS encryption was checked on both servers. For authentication, AND outbound delivery I just checked anonymous access and left everything else blank. My next question, assuming this allows email to flow, is that I don't want to leave authentication at anonymous. From what I read configuring TLS is pretty complicated. But I can use basic or windows integrated. I would like to Windows Integrated authentication, but that calls for a username and password. What account would I use? Should I set up a service account for sending email between servers and use that account? What would you recommend? Thank you.
|
|
|
|
|
RE: Sending mail between SMTP servers - 14.Nov.2010 5:43:55 PM
|
|
|
sschmidlap
Posts: 12
Joined: 30.Oct.2010
Status: offline
|
Well, after changing authentication to anonymous, the delivery queues finally emptied out to zero, but the emails are STILL not being delivered between routing groups. More info. In setting for SMTP virtual server. I go to Access/Communication/Secure Communication. I have require a secure channel and require 128 bit encryption selected. That was working just fine when I just had one routing group as I installed the necessary certificates on server and client machines. I was able to send digitally signed and encrypted messages. Should I uncheck these items as well? Seems like to get this working, I have to turn off ALL security enhancements which is frustrating. Please help.
|
|
|
|
|
RE: Sending mail between SMTP servers - 14.Nov.2010 5:55:05 PM
|
|
|
sschmidlap
Posts: 12
Joined: 30.Oct.2010
Status: offline
|
Ok. I unchecked require a secure channel and require 128 bit encryption. The mail flows between SMTP servers now, but with NO security features! I don't understand as I installed certificates and such. When it comes to the training videos and docs, they are all great EXCEPT when it comes to certificates and enhanced security. This is definitely my big weak spot. Right now, I am thinking about using Windows integrated authentication on the SMTP servers. Now, would just this take effect for communication between SMTP servers or what it also require Outlook clients to authenticate to the Exchange server? Obviously, I don't want anonymous clients to be able to connect to the Exchange server, and I want the communication between SMTP servers to be secure. What are you recommendations for this please?
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
