SBS 2011 - Newbie Email Questions

_Kaiser_

Evening all,

So with a few days off, I decided tonight to take advantage of new additions to my technet sub and rebuild my home domain setup with SBS 2011 as the foundation (previously was running just 2008 R2)

So I shut down the old DC, setup a new Hyper-V VM, installed SBS 2011, threw in all the things it asked for and told it to use my newly purchased Domain name.. all good so far!

Logged in after setup finished and ran through the wizards - referring liberally to the guide here (the only exceptions being I didn't go with the "Smart Host for email" option and self-certified the server for now).

Anyway, after all this I now have my laptop joined to the new Domain and Outlook 2010 automatically pulls the settings from the new Exchange server and works fine... except that I can't receive external mail (eg: from my gmail a/c). Sending/receiving internal mail works fine, as does sending to gmail, but I can't get anything back.

Now presumably this is something to do with the A/MX records on my Domain host. I've been googling as a result and currently have enabled a MX record on their control panel that points to "mynewdomain.com. 10 my-external-ip"

At this stage I should also mention I know virtually zip about the hosting/exchange side of things which is why I decided to set it up .. my background is Deskside/Windows AD admin and now more management and I've never had a chance to build an Exchange server from scratch as there was always an existing solution in place.

So this is probably something fairly easy I'm missing but any tips/links much appreciated

Cheers

Ctrl Alt Del

Hello,

1.Firstly,check on your domain control panel if you have something smaller than 10 as priority !If yes,your new external IP should have a smaller one...

2.Check your firewall GUI and open port 25 for SMTP and point it to your sbs ip address

3.Configure on Exchange Management console, the Receive Connector settings,as per Microsoft instructions !


Few things:

-once port 25 opened,you can receive a nice SMTP DOS so be careful with !
-on control panel ,set 10for your IP then 20 for your ISP POP3 account,just in case your server or broadband goes offline.Then,with a POP3 connector,download the "missed" emails every 15-30 minutes (aka MX Backup records)


Have fun...

_Kaiser_

Cheers for the assist

Ran through the "Setup your Internet Address" wizard again on SBS and put in a new "prefix.domain.com" and then added A and MX records on the hosting side and all seems fine now

Only problem I will have is if my IP changes but I gather I may be able to get around that with something like DynDNS that I've used before.

Ctrl Alt Del

Not sure,i always use static IPs in a real business net.
Use pop3 catch-all setup then !?

_Kaiser_

Hey again...

There's been a few changes at Kaiser2000's network

Although I finally got SBS2011 and it's in-built Exchange up and running, I soon discovered that it's limitations with regards to additional servers were going to cause me issues (eg: file sharing problems, NTFS permissions, user rights etc)

Although it's a great product for what it is, I soon realised that it doesn't like you going outside the main console/wizards at all

So I've blown it away and started over with my standard 2008 R2 setup - a DC, Exchange box, and my existing file server and all is well with the world... well almost!

- Clients can open Outlook and automatically get the settings from the Exchange box to complete their profile setup

- I can send emails from the client and they show in my gmail

BUT.. when i try to reply back, it gets lost in cyberspace.

I have a receive connector in Exchange setup like so:

Type: Internet
FQDN: mail.mydomain.com (where this is my web Domain, not local AD one)
Anonymous users is checked


There's lots of stuff on all this online but a lot of it doesn't differentiate between when it's talking about your internal domain and public domain which isn't helping.

I'm also not sure if I do or don't need an MX record in AD and if so, where and what should it say (in simple "MX records for dummies" terms ), and according to this port testing site, it says port 25 is blocked - even though it worked fine in SBS2011 and I haven't changed anything on the firewall (except the IP to point to the new Exchange server).
I'm with UPC - do they block port 25? If so, how was SBS getting around it?

Any advice much appreciated.. I feel like I'm so close at this stage

Mr. Fancypants

You need to have some public DNS records for example if your company's email address is going to be person1@kaiser2000.ie then you need an A record registered for something like mail.kaiser2000.ie and an MX record pointing at the same A record. You will also need port 25 forwarding to your Exchange box. For this to all be accomplished you should have a static public ip address or it will get messy fast (unless you enjoy being at the mercy of a dynamic dns provider). If you want to give us or pm me your company dns name i can check to see if you have your dns set up correctly.

Ctrl Alt Del

try this one:
www.mxtoolbox.com

just do your domain name search on MX records testing phase !

Have fun...

_Kaiser_

Ctrl Alt Del wrote: »

try this one:
www.mxtoolbox.com

just do your domain name search on MX records testing phase !

Have fun...

Cheers for that.. gave it a go and it resolves to the correct IP/mail.mydomain.com and isn't blacklisted

But, the SMTP test fails with:
7/24/2012 8:41:46 AM Connection attempt #1 - Timeout occurred due to inactivity. [16.22 sec]

I've verified the ports are open on the Firewall

To be honest it's probably something I have misconfigured on the Receive/Send Connectors - Would anyone have a few screenshots I can compare against (obviously changing your own data as needed)

Mr. Fancypants

You need to make sure that port 25 is forwarded to the internal ip address of the sbs server.

_Kaiser_

mbroaders wrote: »

You need to make sure that port 25 is forwarded to the internal ip address of the sbs server.

Ah well now there's a 2008 R2 DC and a 2008 R2 Exchange box and I have it set to forward to the latter

Mr. Fancypants

Whoops forgot you changed from SBS. Makes little difference anyhow. Check to see if you can telnet to the local ip address of the exchange server on port 25 from a machine on the same range such as the DC. telnet x.x.x.x 25

_Kaiser_

mbroaders wrote: »

Whoops forgot you changed from SBS. Makes little difference anyhow. Check to see if you can telnet to the local ip address of the exchange server on port 25 from a machine on the same range such as the DC. telnet x.x.x.x 25

Yep, gives me a mail server ready 220 message back...

Mr. Fancypants

Kaiser2000 wrote: »

Yep, gives me a mail server ready 220 message back...

Sounds like the problem is with your firewall or UPC. Haven't heard of UPC blocking port 25. Presumably if the test you ran on mxtoolbox is failing then when you telnet to port 25 to your public ip (from outside your network, can test now if you are at home) is failing also.

Ctrl Alt Del

Go to www.grc.com ,run a Shieldup test and see what ports you have open! Also,there you'll check the mapping from wan to lan !

Test WAN-to-Lan for SMTP traffic,try lan-to-lan and on same server !

Seen on few routers that there is a Firewall rule AND a NAT policy that needs to be set for "shaping" the traffic !

Have fun...

Kaiser2000 wrote: »

Cheers for that.. gave it a go and it resolves to the correct IP/mail.mydomain.com and isn't blacklisted

But, the SMTP test fails with:
7/24/2012 8:41:46 AM Connection attempt #1 - Timeout occurred due to inactivity. [16.22 sec]

I've verified the ports are open on the Firewall

To be honest it's probably something I have misconfigured on the Receive/Send Connectors - Would anyone have a few screenshots I can compare against (obviously changing your own data as needed)