question

AleksandarMaksimovski-3481 avatar image
0 Votes"
AleksandarMaksimovski-3481 asked AleksandarMaksimovski-3481 answered

Exchange 2019 CU11 not sending external mails

Hi,

Recently i upgraded to Exchange 2019 CU 11 from CU3 and now i cannot send external mails. Internal work in and out, i can receive from external but i cannot send. All of them are ending in the queue.
I have checked the TLS 1.2 and it is enabled. Port 25 is opened and all the needed ports are opened.
186130-mail.jpg


office-exchange-server-administrationoffice-exchange-online-itprooffice-exchange-server-mailflowoffice-exchange-server-connectivity
mail.jpg (1014.8 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MdeRooij avatar image
0 Votes"
MdeRooij answered AleksandarMaksimovski-3481 commented

Box cannot communicate to the outside world. Sure you can connect from the Exchange box to externally on port 25? Some ISP's block 25 as a "measure" to block spamming.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I can telnet from outside on port 25.

0 Votes 0 ·

186345-screenshot-at-mar-24-08-07-38.jpg




this is telnet from outside

0 Votes 0 ·
AaronXue-MSFT avatar image
0 Votes"
AaronXue-MSFT answered AleksandarMaksimovski-3481 commented

Hi @AleksandarMaksimovski-3481 ,

Are all outbound messages (send to different recipient domains) stuck in queue with the same error?(451 4.4.397 error communicating with target error)

I did some research about the error, most of the related information says the 25 port is the key of this issue. Please check the fire wall and make sure that all ports required by Exchange are opened.

I also found a similar case for you reference.
421 4.4.2 Connection dropped due to TimedOut. (microsoft.com)


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

186327-screenshot-at-mar-23-22-00-03.jpg




this are the open ports that i have

0 Votes 0 ·

186373-screenshot-at-mar-24-08-04-40.jpg




sorry for previos comment it was wrong. this is my open ports list.

0 Votes 0 ·
AleksandarMaksimovski-3481 avatar image
0 Votes"
AleksandarMaksimovski-3481 answered

I can telnet on 25 from outside and inside.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JasreetSingh avatar image
0 Votes"
JasreetSingh answered AleksandarMaksimovski-3481 commented

Can you check if you have valid MX, PTR and SPF record for the exchange hosting on Public DNS.

If not, please get them created and send a test mail.

Note : You can connect with your ISP for the PTR record.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Everything is ok. I have already checked. It was working properly prior to the upgrade

0 Votes 0 ·
imamitsingh avatar image
0 Votes"
imamitsingh answered

If port 25 closes, ensure your Microsoft Exchange Front End Transport Service is started. Also, check this thread for help - https://community.spiceworks.com/topic/2342694-external-incoming-email-not-being-received-since-kb5008207-installed?utm_campaign=item&utm_medium=rss&utm_source=forum

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AleksandarMaksimovski-3481 avatar image
0 Votes"
AleksandarMaksimovski-3481 answered

After examining the header of the mail i found out that the mails were sent via the IP assigned to the hyperv switch and not on the physical lan card that is assigned to the exchange. The exchange it self is installed on a hyperv host(not on a VM)
I have changed the priority of the network interface and now it was resolved. There was a physical net card and a hyperV switch also and somehow it was mixed up. I tried by adding both IP to the firewall rule and it worked. Than i changed the priority to the physical card and everything worked.

Weird issue.

Thanks, for the help

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.