IIS SMTP Issues - 2k3 Server

[KingKaeru]

Hi Guys,

I have an issue with configuring the default SMTP Service on IIS 2k3 server. I have two systems on a windows domain with the default IIS SMTP Service installed on both systems. Each system is setup to accept connections and relay email from the localhost and the other system. When I try to send email from one system to the other though, the email does not leave the local SMTP server and sits in the mailroot/Queue directory.

I can telnet to port 25 of both systems from both systems and successfully create a message manually.

Any ideas on why the emails arent being delivered?

System 1:
Domain: foo.com
Hostname: system1.foo.com

System 2:
Domian: foo.com
Hostname: system2.foo.com

Thanks,
--KK

 

[SJConsultant]

Anything in the Event logs or smtp logs? Are they eventually showing up in the "badmail" folder as undeliverable?

What address are you using to send from one server to another when manually telnetting to SMTP?

SMTP logs would at least show a connection attempt if any is made from one server to another.. If emails are sitting in the queue and then eventually the badmail folder, I'd venture to say a possible DNS issue.

 

[KingKaeru]

That's what i'm suspecting. That it's a DNS issue since the domains I am sending to are not real domain names. I'm simply using these two servers as a test bed.

The emails eventually get moved to badmail. When packetsniffing with ethereal, there doesnt seem to be a connection attempt at all.

Would bringing up a nameserver with the domain records resolve this issue?

--KK

 

[SJConsultant]

I've done a similiar testbed and simply entered the appropriate names and ip addresses in the hosts file of each server. Much simpler solution than trying to implement a full name server.

Setup a hosts file and retry. If issues still persist, then a packet capture, event logs, and SMTP logs will be needed to further troubleshoot.

 

[KingKaeru]

That's interesting and I'll definately add the records in the hosts file tomorrow.

Didnt think of it since the systems are on a windows domain and so they can resolve each other via domain name fine.

e.g. ping system1.foo.com works.

Thanks,

--KK

 

[SJConsultant]

That's interesting and I'll definately add the records in the hosts file tomorrow.

Didnt think of it since the systems are on a windows domain and so they can resolve each other via domain name fine.

e.g. ping system1.foo.com works.

As an FYI You may need to add entries for the FQDN and netbios e.g. system1 to ensure everything resolves correctly.

 

[swatbat]

I've done a similiar testbed and simply entered the appropriate names and ip addresses in the hosts file of each server. Much simpler solution than trying to implement a full name server.

Setup a hosts file and retry. If issues still persist, then a packet capture, event logs, and SMTP logs will be needed to further troubleshoot.

That may work but since they are on the same domain I wasn't thinking about that other then they have a .com in the name. That may do it for him.

 

[KingKaeru]

Update - still no workie


here's more information:

Host File on server1

192.168.1.113   system1.foo.com
192.168.1.113   system1
192.168.1.150   system2.foo.com
192.168.1.150   system2

Host File on server2

192.168.1.113   system1.foo.com
192.168.1.113   system1
192.168.1.150   system2.foo.com
192.168.1.150   system2

Command line tests on system1 (same results when done from system2):

kingkaeru@system2 ~
$ nslookup system1.foo.com
Server:  primary.foo.com
Address:  192.168.1.6

Name:    system1.foo.com
Address:  192.168.1.113


kingkaeru@system2 ~
$ ping system1.foo.com

Pinging system1.foo.com [192.168.1.113] with 32 bytes of data:

Reply from 192.168.1.113: bytes=32 time<1ms TTL=128
Reply from 192.168.1.113: bytes=32 time<1ms TTL=128
Reply from 192.168.1.113: bytes=32 time<1ms TTL=128
Reply from 192.168.1.113: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.113:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

kingkaeru@system2 ~
$ telnet system1.foo.com

220 system1.foo.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at  Thu, 31 Aug 2006 09:15:36 -0700
ehlo
250-system1.foo.com Hello [192.168.1.150]
250-TURN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250 OK
mail from: [email][email protected][/email]
250 2.1.0 [email][email protected][/email]er OK
rcpt to: [email][email protected][/email]
250 2.1.5 [email][email protected][/email]
data
354 Please start mail input.
derf
.
250 Mail queued for delivery.
quit
221 Closing connection. Good bye.
Connection to host lost.
kingkaeru@system2 ~

kingkaeru@system2 ~
$ telnet localhost 25
220 system2.foo.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at  Thu, 31 Aug 2006 09:22:33 -0700
ehlo
250-system2.foo.com Hello [127.0.0.1]
250-TURN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-TLS
250-STARTTLS
250 OK
mail from: [email][email protected][/email]
250 2.1.0 [email][email protected][/email]er OK
rcpt to: [email][email protected][/email]
250 2.1.5 [email][email protected][/email]
data
354 Please start mail input.
derf
.
250 Mail queued for delivery.
quit
221 Closing connection. Good bye.


Connection to host lost.

kingkaeru@system2 ~
$

From the above log.

The first attempt to deliver email by connecting to the remote SMTP and creating a connection works.

The second attempt to deliver by relaying from the local SMTP fails and drops the message in Queue(to be moved eventually to badmail).

Here's the packet logs of the only communication between System2 and System1 when trying to relay from System2's SMTP to System1.

Packet 1 - SMB Echo Request
Source: 192.168.1.150
Destination: 192.168.1.113

Packet 2 - SMB Echo Response
Source: 192.168.1.113
Destination: 192.168.1.150

Packet 3 - TCP 3165 > netbios-ssn [ACK] Seq=53 Ack=53 Win=64846 Len=0
Source: 192.168.1.150
Destination: 192.168.1.113

Any ideas?

Thanks guys.

--KK

 

[SJConsultant]

Can you post a copy of the SMTP logs of both systems?

 

[KingKaeru]

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-08-31 18:04:02
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer) 
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionResponse SMTPSVC1 SYSTEM2 - 25 - - 220+system1.foo.com+Microsoft+ESMTP+MAIL+Service,+Version:+6.0.3790.1830+ready+at++Thu,+31+Aug+2006+11:04:01+-0700+ 0 0 128 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionCommand SMTPSVC1 SYSTEM2 - 25 EHLO - system2.foo.com 0 0 4 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionResponse SMTPSVC1 SYSTEM2 - 25 - - 250-system1.foo.com+Hello+[192.168.1.150] 0 0 54 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionCommand SMTPSVC1 SYSTEM2 - 25 MAIL - FROM:<[email protected]>+SIZE=7739 0 0 4 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionResponse SMTPSVC1 SYSTEM2 - 25 - - [email protected]+OK 0 0 62 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionCommand SMTPSVC1 SYSTEM2 - 25 RCPT - TO:<[email protected]> 0 0 4 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionResponse SMTPSVC1 SYSTEM2 - 25 - - [email protected]+ 0 0 53 0 16 SMTP - - - -
2006-08-31 18:04:02 192.168.1.113 OutboundConnectionCommand SMTPSVC1 SYSTEM2 - 25 BDAT - 7739+LAST 0 0 4 0 16 SMTP - - - -

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-08-31 18:04:01
#Fields: c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer) 
192.168.1.150 system2.foo.com SMTPSVC1 SYSTEM1 192.168.1.113 0 EHLO - +system2.foo.com 250 0 206 30 0 SMTP - - - -
192.168.1.150 system2.foo.com SMTPSVC1 SYSTEM1 192.168.1.113 0 MAIL - +FROM:<[email protected]> 250 0 64 61 0 SMTP - - - -
192.168.1.150 system2.foo.com SMTPSVC1 SYSTEM1 192.168.1.113 0 RCPT - +TO:<[email protected]> 250 0 55 52 0 SMTP - - - -

Event log:

Message delivery to the host '192.168.1.113' failed while delivering to the remote domain 'system1.foo.com' for the following reason: The connection was dropped by the remote host.

--KK