iT邦幫忙

0

求解 Exchange 2007 send log問題

各位IT邦大神好,目前遇到A客戶 mail.abc.com.tw 要寄信給B客戶 mail.xyz.com.tw
A客戶會收到exchange2007反饋的訊息表示嘗試寄出次數已達上限,
查看lOG後,看起來是跟B客戶建立連線後被中斷,想請問可能的原因有?
2018-12-18T23:43:28.612Z,ABC,08D62030B70A6469,1,192.168.2.25:25116,139.175.158.116:25,+,,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,2,192.168.2.25:25116,139.175.158.116:25,<,220 ESMTP,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,3,192.168.2.25:25116,139.175.158.116:25,>,EHLO mail-s.ABC.com.tw,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,4,192.168.2.25:25116,139.175.158.116:25,<,"250-XYZ.com.tw Hello mail.ABC.com.tw [60.249.106.211], pleased to meet you",
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,5,192.168.2.25:25116,139.175.158.116:25,<,250-ENHANCEDSTATUSCODES,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,6,192.168.2.25:25116,139.175.158.116:25,<,250-PIPELINING,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,7,192.168.2.25:25116,139.175.158.116:25,<,250-8BITMIME,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,8,192.168.2.25:25116,139.175.158.116:25,<,250-SIZE,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,9,192.168.2.25:25116,139.175.158.116:25,<,250-DSN,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,10,192.168.2.25:25116,139.175.158.116:25,<,250-ETRN,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,11,192.168.2.25:25116,139.175.158.116:25,<,250-AUTH LOGIN PLAIN,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,12,192.168.2.25:25116,139.175.158.116:25,<,250-STARTTLS,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,13,192.168.2.25:25116,139.175.158.116:25,<,250-DELIVERBY,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,14,192.168.2.25:25116,139.175.158.116:25,<,250 HELP,
2018-12-18T23:43:30.643Z,ABC,08D62030B70A6469,15,192.168.2.25:25116,139.175.158.116:25,>,STARTTLS,
2018-12-18T23:43:30.658Z,ABC,08D62030B70A6469,16,192.168.2.25:25116,139.175.158.116:25,<,220 2.0.0 Ready to start TLS,
2018-12-18T23:43:30.674Z,ABC,08D62030B70A6469,17,192.168.2.25:25116,139.175.158.116:25,-,,Remote (這邊就會被B客戶那端中斷掉,why???)
2018-12-18T23:43:30.674Z,ABC,08D62030B70A6469,0,,139.175.158.113:25,,,attempting to connect
2018-12-18T23:43:51.674Z,ABC,08D62030B70A6469,1,,139.175.158.113:25,
,,"Failed to connect. Error Code: 10065, Error Message: 通訊端操作無法連線到主機。 139.175.158.113:25"

B客戶有兩台mail server但第二台只是備援,所以不開放25port..導致去嘗試其他台mail server時有最後一行LOG產生

在麻煩各大神惠請賜教 謝謝T^T

把smtp server TLS關掉
troy1005 iT邦新手 4 級 ‧ 2018-12-20 16:59:40 檢舉
感謝門神,關掉測試的確可行,只是以後server 寄信安全信就降低許多T^T??
yesongow iT邦大師 1 級 ‧ 2018-12-21 09:53:57 檢舉
Ready to start TLS,然後就沒有下面了!

1 個回答

0
門神JanusLin
iT邦超人 1 級 ‧ 2018-12-20 09:48:41
最佳解答

試試
Disable outbound TLS on Exchange 2007

https://madtownengineer.com/2009/06/30/disable-outbound-tls-on-exchange-2007/

The outbound send connector on Exchange 2007 will try to establish TLS with the other side (if the other side asks). To disable outbound TLS on send connector, perform this powershell command:
set-sendconnector -IgnoreSTARTTLS:$true
If there are multiple send connectors then and you want to disable TLS on all of them.
Then do this
Get-sendconnector| set-sendconnector -IgnoreSTARTTLS:$true
I had a customer that routed the outbound ip address of the exchange smtp to match their inbound spam appliance, then the certificate did not have a name that matched the host name.
The easiest solution was to disable TLS.
The other solution was to add another name to the certificate

看更多先前的回應...收起先前的回應...
troy1005 iT邦新手 4 級 ‧ 2018-12-20 17:00:03 檢舉

感謝門神,關掉測試的確可行,只是以後server 寄信安全信就降低許多T^T??

那是寄出信件,和認證無關

不然就請那家手工具的關掉

或是用Cost的觀念,特別處理這個網域的信件

我要發表回答

立即登入回答