• Home
  • Topics
    • Office 365
    • Teams
    • SharePoint Online
    • Exchange 2019
    • Exchange 2016
    • Exchange 2013
    • Hybrid
    • Certificates
    • PowerShell
    • Migration
    • Security
    • Azure
  • Blog
  • Podcast
  • Webinars
  • Books
  • About
  • Videos
    • Interview Videos
    • How To Guide Videos
  • Subscribe
    • Facebook
    • Twitter
    • RSS
    • YouTube

Practical 365

You are here: Home / Exchange Server / External Mail Flow Not Working After Exchange Server Upgrade

External Mail Flow Not Working After Exchange Server Upgrade

February 26, 2014 by Paul Cunningham 27 Comments

After an upgrade to Exchange Server 2013 Service Pack 1 you may discover that external email flow has stopped working.

If your inbound email is via a smart host you may notice queuing of mail on that server, or when testing inbound external using the Microsoft Remove Connectivity Analyzer the test may fail.

exchange-2013-sp1-front-end-transport-01In the Application event log of the Exchange server the following event may be logged.

Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 26/02/2014 4:18:38 PM
Event ID: 7012
Task Category: Components
Level: Warning
Keywords: Classic
User: N/A
Computer: E15MB1.exchange2013demo.com
Description:
The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active.

To resolve the issue, restart the Microsoft Exchange Frontend Transport service.

exchange-2013-sp1-front-end-transport-02

After the service has restarted you should find the following event log entry.

Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 26/02/2014 4:19:40 PM
Event ID: 7009
Task Category: Components
Level: Information
Keywords: Classic
User: N/A
Computer: E15MB1.exchange2013demo.com
Description:
Retrieved the service state. Host service – FrontendTransport, Service state data – Active.

In addition, the Remote Connectivity Analyzer Inbound SMTP test should now be successful, and the test emails should arrive in the inbox of the email address you use for testing.

exchange-2013-sp1-front-end-transport-03

Exchange Server Exchange 2013, Mail Flow, Service Pack 1, Transport

Comments

  1. James says

    March 7, 2021 at 8:01 pm

    Thank you!!!!

    Just spent all day patching my servers due to the out-of-band emergency security update MS just published only to get that sinking feeling after patching my Edge server when incoming email from the Internet stopped working.

    Happened to see the error in the event log which led me to this article!

    Reply
  2. Mohd Izhar says

    July 3, 2016 at 5:16 pm

    Hi,

    I have single exchange 2013 with CAS and MBX in same box and Edge server 2013. External emails are working fine but inbound emails are getting stuck in edge server with the error -“451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain nonexistent domain”

    Need help.

    Reply
  3. Bamkele says

    March 5, 2016 at 11:55 pm

    Hi Paul

    I am experiencing the issue of port 25 not opening. I setup a new Exchange server 2013 SP1 and we want to decommission the other one see log below. This log comes up when I restart the FrontEnd service.

    Process MSExchangeFrontendTransport.exe (PID=19780). Object [CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=”NAME OF OUR COMPANYs,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=”OUR DOMAIN”,DC=com]. Property [RoutingMasterDN] is set to value [“THE SERVER THAT WE WANT TO DECOMMISSION”
    DEL:34490536-775c-49d5-9741-6bccfb45dc55], it is pointing to the Deleted Objects container in Active Directory. This property should be fixed as soon as possible.

    Reply
  4. welani says

    July 3, 2015 at 11:03 pm

    Removing all receive connectors and recreating the with original setting could help? Because the moment I create the one with port 25, the Front end service fails.

    Reply
    • Paul Cunningham says

      July 4, 2015 at 12:41 am

      That happens if you create the new connector on the wrong service. Custom receive connectors must always be created on the Frontend Transport service.

      https://www.practical365.com/exchange-2013-configure-smtp-relay-connector/

      Reply
  5. welani says

    July 3, 2015 at 8:15 pm

    How can I safely change to another port. If I change to say 26, and on the router too, there are no NDRS and the mail doesn’t come too. Something internet related seems to be using port 25 making it unavailable for smtp.

    Reply
    • Paul Cunningham says

      July 3, 2015 at 9:56 pm

      Trying to use port 26 for SMTP isn’t going to work. Every other server on the internet uses port 25 for SMTP.

      Reply
  6. Welani says

    July 2, 2015 at 1:41 am

    I have a problem receiving external emails and discovered that the Frontend Transport service fails. In the events I get an errors “Failed to start listening (Error:10048).Binding:0.0.0.0:25.” “The address is already in use. Binding:0.0.0.0:25” then “Inbound direct trust authentication failed for certificate %1. The source IP address of the server that tried to authenticate to Microsoft Exchange is [%2]. Make sure EdgeSync is running properly.”

    My situation is that I migrated from exchange 2010 to 2013 and everything has been working fine until some 4 days ago when I noted that my ISP server is bouncing back emails coming to my exchange 2013 with message “The system : host (mypublicaddress) said 550.5.7.1 Unable to relay for myemailaddress(in reply to RCPT TO command)

    Have tried to uninstall all roles from the legacy 2010 but nothing is working for me. I am able to sendreceive internal mail, but can only send out and not receive.

    Please assist.

    Reply
    • Paul Cunningham says

      July 2, 2015 at 8:23 am

      I suspect you have added a receive connector to the 2013 server incorrectly.

      https://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/

      Reply
  7. ravi says

    February 13, 2015 at 8:45 pm

    i have multi role exchange servers 2013. total 4 servers and they all are in cluster.
    here is what i planned for SP1 installation.

    1) install SP1 on one server at a time and reboot the server make sure server can be functional after reboot.

    currently i am on build 775.38.

    Anything else to consider?

    Reply
  8. Naresh says

    November 15, 2014 at 1:50 am

    Thanks for the resolution. Why does this fail BTW? What causes it to go in to inconsistent state? Is there a root cause that triggers that condition?

    Reply
  9. Mahesh says

    July 24, 2014 at 5:24 pm

    below test passed:

    Test Steps
    Attempting to retrieve DNS MX records for domain ‘epelab.in’.
    One or more MX records were successfully retrieved from DNS.
    Additional Details
    MX Records Host mail.epelab.in, Preference 10
    Elapsed Time: 72 ms.

    Test Steps
    Attempting to resolve the host name mail.epelab.in in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: 192.168.1.60

    Below tests failed:

    Testing inbound SMTP mail flow for domain ‘mahesh.d-n@epelab.in’.
    The Microsoft Connectivity Analyzer failed to test inbound SMTP mail flow.
    Additional Details
    Elapsed Time: 21321 ms.

    Testing Mail Exchanger mail.epelab.in.
    One or more SMTP tests failed for this Mail Exchanger.
    Additional Details
    Elapsed Time: 21249 ms.

    Testing TCP port 25 on host mail.epelab.in to ensure it’s listening and open.
    The specified port is either blocked, not listening, or not producing the expected response.
    Tell me more about this issue and how to resolve it
    Additional Details

    A network error occurred while communicating with the remote host.
    Elapsed Time: 21047 ms.

    hi,

    i have a exchange 2010 setup in our lab and registered DNS epelab.in on godaddy.com.
    I could able to send a mail externally , but receive is not happening from external.

    my understanding is we need to do NAT in firewall i.e. is map a private IP 192.168.1.60 to public ip in firewall and port 25 to be opened.

    This setup is for our testing purpose (not for company) i don’t have firewall and public ip.Is there a way i can achieve or could able to receive mails from externally, if so could you please inform me how to achieve the same.

    i am stuck here!!!

    Regards,
    Mahesh

    Reply
    • Paul Cunningham says

      July 26, 2014 at 12:20 pm

      192.168.1.60 is a private IP address that is not reachable from the internet. You need to put your public IP address in DNS instead.

      Reply
  10. Sven-Erik Lie says

    May 8, 2014 at 6:28 pm

    We had the same problem. Solution for us :

    Make sure that DNS ip is set on the new FrontendTransportService (In our case the ip is the same as on TransporService)

    Get-TransportService InternalDNSServers (DNS Server IP)

    Get-FrontendTransportService InternalDNSServers (DNS Server IP)

    Reply
  11. Dave R says

    March 16, 2014 at 7:53 am

    You saved my life! I had a custom relay receive connector and as soon as I disabled it the Transport Service started…. Vodka Time!!

    Reply
    • Paul Cunningham says

      March 16, 2014 at 7:56 pm

      That sounds like a different issue. Make sure your relay connector is bound to Frontend Transport not Hub Transport.

      https://www.practical365.com/exchange-2013-configure-smtp-relay-connector/

      Reply
  12. Jan Aarts says

    February 28, 2014 at 9:02 pm

    Thanks for the headsup !!

    Reply
  13. Walden Gajo says

    February 27, 2014 at 10:08 pm

    Thanks for the info. This would have been a mind-boggling event specially if the install is through the command prompt :-).

    Reply
  14. Mihail Stacanov says

    February 26, 2014 at 5:36 pm

    Did you restart server right after upgrade?

    I believe there is clearly stated that it’s necessary to restart server after upgrade.

    Reply
    • Paul Cunningham says

      February 26, 2014 at 7:45 pm

      Command line setup for the SP1 upgrade does not prompt for a restart.

      Reply
      • Mihail Stacanov says

        February 26, 2014 at 7:46 pm

        Ahh, for sure šŸ™‚

        Reply

Leave a Reply Cancel reply

You have to agree to the comment policy.

Recent Articles

  • Turn On MFA: Real-World Example of Fraud, Domain Stealing, and the Nearly Lost House Deposit
  • Changes in Microsoft 365 Apps Channels and Why You Should Care
  • A New Tool to Manage Exchange-related Attributes Without Exchange Server
  • Microsoft Launches Group Ownership Governance Policy
  • Making the Case for Identity GovernanceĀ in Azure Active Directory

Copyright © 2022 Quadrotech Solutions AG · Disclosure · Privacy Policy
Alpenstrasse 15, 6304 Zug, Switzerland