Tech Off Thread

11 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Installing Exchange 2003 on Server 2003 with SP1

Back to Forum: Tech Off
  • User profile image
    Xenon101

    Ok I've tried this twice today without success I'm clearly doing something, somewhere, wrong.

    My network setup is rather confusing but basically it's like this:

    Internet -> XP Pro box -> Server -> Network Switch -> Parents Laptops & other wired desktop boxes.

    The firewall and NAT software is hosted on the XP Pro box and so currently it is all achieved by port forwarding. I haven't experienced any problems with this yet except DNS setting entries to the internal IP address by default but I changed that.

    So on to the Exchange install. I followed the check list and all the tests etc finished good. Got it installed fine. Read up on the error message saying I have to apply SP1 or SP2 or it won't work so thought sure thing I'll install SP2.

    Now I also setup an SMTP Connector for my primary domain xurial.net. The domain is setup in the local DNS server however is still hosted on other nameservers and I have set an A record for mail.xurial.net to my external IP and CNAMED the MX record to mail.xurial.net.

    I try to send out mail from Exchange and it works fine, even to remote servers, so relaying is working. I try to receive mail however with no luck.

    MX has been changed probably 2-4 hours however when I looked up mail.xurial.net I instantly had the new IP, same with everyone else I got to try it so hopefully it should have updated.

    I setup the mailboxes by simply adding users to Active Directory. It may be worth noting I added the SMTP connector after I setup the AD users & mailboxes. I also setup Recipient Policies for SMTP or something, can't remember the exact term.

    I'm still not receiving mail, port 25 incoming TCP is forwarded to the box (I missed this until recently! *oops*)

    So anyone got any ideas why this aint working? Could it just be i'm being impatient and the MX change hasn't propogated or should I be worried I've screwed up?

    Regards,
    Iain

  • User profile image
    out180

    First off, stop worrying about the DNS records until you need to.  You haven't reached that point yet.

    Telnet into port 25 on the Exchange box and send an e-mail to an internal mailbox.  Does it work?  If yes then your SMTP config is at least working on a basic level (internally).

    Next, from an external network telnet into port 25 via the outward facing IP address of the box.  Do not rely on DNS name resolution yet, do this by IP only.  If you connect then try and send an e-mail internally.  Does it work?  Can you connect?

    If both of those tests work then wait for your DNS changes to propagate.

    Depending on where you fail in the above tests will depend on your next step.  Post your results.

    --

    Use the following KB article if you do not know how to send e-mail via a telnet session.

    http://support.microsoft.com/kb/q153119/

    --

    If I use xurial.net as my name server I come up with 82.41.74.43 as your MX records IP address (mail.xurial.net).  If I telnet into port 25 of this machine I receive the following header.

    220 windows.Xurial.net Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at  Sun, 4 Dec 2005 23:36:41 +0000

    While I did not attempt to send an e-mail it looks like it is working to me.

  • User profile image
    Xenon101

    Ok I've never tried sending mail via telnet before but following that article and trying

    MAIL FROM:iain.shortreed@xurial.net gives me the following error
    454 5.7.3 Client does not have permission to submit mail to this server.

    I don't know why this is as I it all appears to be setup to accept all mail! Perplexed

    Update: I tried this from a machine on the local network, from my XP box and from the server directly using telnet in cmd prompt. All gave the same result. Any ideas?

  • User profile image
    out180

    Xenon101 wrote:


    MAIL FROM:iain.shortreed@xurial.net gives me the following error
    454 5.7.3 Client does not have permission to submit mail to this server.


    Most likely your SMTP server is setup to require authentication and disallow anonymous submission.  Under the properties for your SMTP Virtual Server, Access Tab, Authentication button ensure that you have anonymous access checked.  Click Ok and back out on the Access Tab make sure under the Relay button you have 'Only the list below" selected and nothing in the list box below it.  This is required if you expect or want to receive e-mail from the internet.

    If you had to change either of these settings then go retest.  Most likely it fixed it.

    --
    Note:  You can quickly and very easily make yourself an open relay.  I am not responsible for that.  The 'Only the list below' option under the Relay settings is probably the most important to prevent this.  Also be sure you don't have silly accounts like test:test on your system.

  • User profile image
    Xenon101

    Ah! I see now! I had only set it up to allow myslef & another exchange user to use that at all (including relaying perms).

    No-one ever told me you needed SMTP to receive mail, I really thought it was only for sending :/ my bad.

    Also 'silly accounts like test:test' i have exchange installed and before that didn't create any accounts. So now, the only way to set passwords is to have those big bad boy heavily secure passwords.

    Also I rarely ever have accounts on a box that aren't used Smiley

    MAIL FROM:iain.shortreed@gmail.com
    250 2.1.0 iain.shortreed@gmail.com.........Sender OK

    Guessing that means it's fine now?

  • User profile image
    out180

    It looks like you are heading in the right direction.

    Once you verify that you are indeed accepting inbound e-mail for your local domain I recommend doing a Google search for 'open relay test' and using one of the many relay testers out there.  That just makes sure you haven't opened yourself up to relay.  A CYA if you will.  :O

    Other than that I imagine you are all set.  Make sure you have some anti-virus.  Smiley

  • User profile image
    blowdart

    out180 wrote:
    It looks like you are heading in the right direction.

    Once you verify that you are indeed accepting inbound e-mail for your local domain I recommend doing a Google search for 'open relay test' and using one of the many relay testers out there.  That just makes sure you haven't opened yourself up to relay.  A CYA if you will.  :O


    ordb do a good test

  • User profile image
    out180

    blowdart wrote:


    ordb do a good test


    I forgot about that one.  Yes, that is the best one to use.

  • User profile image
    Xenon101

    Ok that's gonna check it out in a bit but I don't think I will be as the only users with relay permissions are my account & the other 3 staff accounts on the box.

    Now, I'm trying to setup a 2nd domain but not sure how I would go about it as the domain controller assigns all users @xurial.net...so i presume exchange would do the same, but some of the users cannot have xurial.net e-mail accounts as they are for staff.

    Instead I want to allow certain people to have xn3.net e-mails. I have configured DNS, it's not changed yet but ready to be, just need to know what needs to be done in Exchange.

    I have added an SMTP Connector for the domain.

    Cheers all Big Smile

  • User profile image
    W3bbo

    Xenon101 wrote:
    Now, I'm trying to setup a 2nd domain but not sure how I would go about it as the domain controller assigns all users @xurial.net...so i presume exchange would do the same, but some of the users cannot have xurial.net e-mail accounts as they are for staff.


    <Oversimplification>AD domains you see tacked onto the end of user logon names are NOT the same thing as SMTP e-mail address domains, don't confuse them</Oversimplification>

  • User profile image
    Xenon101

    Fair enough. Is it possible for me to get rid of this SP2 and install SP1 without screwing it all up? The terminology and grouping in SP2's menus are confusing me!!

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.