Outlook by the sound

What happened to my summer--Part 4

Part 4—the dispair of the Unhappy B

Mikado.

See how the Fates their gifts allot,
For A is happy — B is not.
Yet B is worthy, I dare say,
Of more prosperity than A!

--Gilbert and Sullivan

I was a happy, Oh so happy A,to have a system managing my e-mail properly.  And the frosting on the cup-cake (carrot) was the fact that NNTP messages were flowing to and from my NNTP client.  You do remember, Diligent Reader, that I had been in the middle of trouble shooting the absence of NNTP traffic when the DSL connection went down.  I attribute it to the several repair-reinstalls that I did during the frantic flail.  The install Wizard got it right the last time, as there really should not be a problem with NNTP on SBS2003.

Back at the Original SBS2003 server, with its new Power Supply, I set about to replicate the Exchange setup that I had achieved with the migrated SBS2003 server.  (After all, I did not want give up my new 64-bit toy to the mundane execution of SBS2003 server tasks.  I wanted to get back to important things (like perhaps the Vista beta and Moss 2007 beta, wherein the future lies.)  But I was not to be an Oh so Happy A for very long.  Try as I may, I could not get the POP3 connector to pull e-mail, nor get that server to send, even though it was set up the same as the migrated server, which was happily receiving and sending the e-mail through the Verizon servers.

Admitting defeat, I started a Microsoft Support Incident.

Hello Hollis,

Thank you for contacting Microsoft Support. My name is Shoumik De and I am the Support Professional who will be working with you on this case. You can reach me using the contact information below and referencing your case ID that is SRX….

As we discussed, the issue you are experiencing is: Unable to receive and send mail using pop 3.

Once we resolve this issue, we will consider this incident completed and closed.

We shall be working to resolve this specific issue through the course of the case. If I have misunderstood your concern, please let me know.

Regards

Shoumik De

Technical Support Officer

Microsoft Enterprise Platform Support

Small Business Server

I spent the first two hours merely achieving login to an EasyShare session and watching the Support Engineer try to get the beast to send to one of their mail servers, and then to connect, using Telnet, to another server.  That failed also, and there was a short pause while he bumped my incident up to the next skill level.  During that interval, I had the opportunity to check the Telnet service on the box.  It wasn’t started.  That brought a smile—I could relate to that.  Then came several multi-hour sessions in which the new support engineer cracked the problem.  At the end, I asked the engineer to review what he had done.  With modest understatement, he gave the following summary:

Hi Hollis,

Glad to hear its working. The steps are below for resolving the network card issue and the DNS issue.

The network card had ghosted instances of its self. KB269155 shows how to look for these devices. (We are ant ICW after removing these extra network adapters)

http://support.microsoft.com/default.aspx?scid=kb;[LN];269155 


Figure 12 shows the Network Connections that are defined for the SBS2003 Server.

Figure 12  Network Connections on the SBS2003 Server


Figure 13 shows all the network adapters that are held in the device manager, including the two being used and ghosted adapter from earlier connections, which I had never known how to remove.

Figure 13  Network Adapters plus Ghosted Adapters

Figure 14 shows the Network Adapters that remained after the Support Engineer removed everything that no longer being used.

Figure 14  Final Network Adapters.

To resolve the DNS issue we added the following DNS servers for the dns forwarders list. 4.2.2.2 4.2.2.3 4.2.2.6 Step 5 of the following KB has the steps for adding DNS forwarders to a 2003 DNS server.

814591 How to Install and Configure DNS Server in Windows Server 2003

http://support.microsoft.com/default.aspx?scid=kb;EN-US;814591

How ever after adding the DNS forwarders, we were still having trouble with dns look up. (What we were getting was an error message saying that the server could not be found.  And it turned out to be the case that we could not find the ISP’s DNS servers that are accessed on a special port. hdp) After some testing we examined the DNS filter in ISA which was set up wrong.

The DNS Filter's properties had the following set:

Local Computer tab was set to use the computers internal IP (10.0.0.2) address instead of the default IP address option on the external interface. Then the remote computer option was set to use 10.0.0.100 instead of all remote computers. (This is a filter that I had created when I had added the Sharepoint server box to the to the system.  It had permitted Sharepoint to find the DNS server on the SBS server.  It had caused no problem before the upgrade when I had be happily sending and receiving from Earthlink.  There is a SBS2003 standard filter that was enabling the SBS server to reach the outside.  Anyway, changing that did get the e-mail flowing .hdp)

I replied:

Well, that is some of the story; but certainly not all of it.  From my point of view, it was a three-hour flail.  However, you knew what you were doing.  There are things that need explaining…

1)  <We are ant ICW after removing these extra network adapters>

I can’t parse that comment.

2)  <To resolve the DNS issue we added the following DNS servers for the dns forwarders list. 4.2.2.2 4.2.2.3 4.2.2.6>

After you did this, you found some old dns forwarder IP addresses in the Virtual SMTP server.  Was that from the Advanced Delivery page and behind the configure external DNS servers’s “Configure” button?  If yes, how did they get there?  Form the registry?  We have that page cleared now—Is that how it should be?

3) The error message before the POP3 connector first pulled was that ISA failed to create the Internal Protocol IP packet filter.  In addition to setting up the packet filter, and restarting the Firewall service, you got to a page where you rebuilt and reinstalled User policies.  At the time you remarked that for big corporations you didn’t have the luxury of doing that; but with a 75 user limit, you could do that in SBS.  Where was that done, and I know there is a kb that tells you how to do it because I have done that before, but long ago.

I know that this is a classic example of the non-expert asking the expert to explain what the expert has reduced to habit, and I get that all the time in my support efforts in the public newsgroups, but I worry that I will have to do much of it again when I apply SP1.

His response was then:

Hi Hollis,

      Sorry about the broken sentence. What I meant was we had run the ICW after removing the extra (ghosted) network adapters from device manager. I had also forgotten that we removed the specified dns servers from the SMTP virtual server; some one must have added those DNS servers there. The Advanced Delivery page behind configure external DNS server's "Configure" button should normally be empty on a SBS 2003 box. In your point 3 I rebuilt and updated both Recipient Update Services for the enterprise and domain (this was from the exchange system manager under Recipients) I then applied the recipient policy that is listed under Recipient Policies (these steps simply make sure the server knows what domain it handles mail for and that the users mail boxes are setup to accept mail for the domain). Generally you don't do this on a large exchange organization unless you have to, because of the performance hit on the servers. I do this some times in SBS as we will have a max of 75 users and 1 server, but in some large organizations there could be a few thousand users with multiple servers, and depending on the number of servers and work load it could take a few hours to complete. Below is a KB for trouble shooting the RUS. As for updating to SBS SP1, you should run into a problem like this. Just make sure you have current backups before installing the SB1 updates.

How to troubleshoot the Recipient Update Service by using the Application log in Exchange 2000 Server or in Exchange Server 2003

http://support.microsoft.com/default.aspx?scid=kb;[LN];822794

Let me know if you need anything else, I'll go a head and start the closing process for this case. You will get an email later today stating when next week the case will actually close

At this point, I feel I really need to say something about adding 4.2.2.2, 4.2.2.3, and 4.2.2.6 to the forwarder list.  That really bothered me, as I didn’t know whose servers they belonged to.  So, I asked a friend, which produced the following information:

“You can go to www.dnsstuff.com and find out who owns the netblock.
 

http://www.dnsstuff.com/tools/whois.ch?ip=4.2.2.2

Comes back as Level 3 Communications

So, now Unhappy B is transformed again to Happy A deserving or not.  I set up a couple of additional mail-boxes at my Verizon mail station.  The intention was to forward the received mail for the two basic clients at my house to the two new mailboxes at Verizon and pull them down with the other server.  That way the two servers would be kept in sync.  But all is not sweetness and light in River City.  I noticed that there was mail backing up in the Outgoing queue.  With the help of full logging for the SMTP Virtual Server and an Exchange MVP colleague, it was determined that the Verizon outgoing mail server was accepting the forwarded mail, then rejecting them and dropping the connection.  The Exchange MVP said that Verizon had their servers set up incorrectly.  So I sent them the information in a e-mail support incident, but they never replied.  And I abandoned the effort.  Sync would have to happen some other way.


We should also say that, even though this whole discussion has been predicated on using the Exchange POP3 connector which is only used in the Small Business Server product, these results are not limited to just SBS servers and the Exchange package contained there-in.  Other Exchange products, in other OS configurations, can use a third-party POP3 connector to pull the email.  But, some caveats should be made, so I will quote briefly from SlipStick.com.

"Connecting Microsoft Exchange Server to a POP3 Account

http://www.slipstick.com/exs/popconnect.asp

Downloading mail from a POP account into Exchange Server in general is not a supported configuration (though you wouldn't know it from the proliferation of tools to accomplish this). However, Microsoft does provide an Exchange Connector for POP3 Mailboxes for Small Business Server, having licensed Internet Mailbridge from Acotec. It's still not a supported configuration for full Exchange Server.

I'd suggest that you read about both sides of this issue. If you decide to try this route, there are plenty of tools to choose from. Features common to all POP3 collectors include the ability to POP mail from multiple servers and from multiple mailboxes. You'll also be able to control how often it checks for new mail in the POP3 accounts and limit it to downloading new mail during specific hours, such as only during business hours. All of the commercial POP3 connectors should be able to deliver mail to any SMTP address, including mail-enabled Public Folders.

Many of these tools support these forms of POP3 collection:

·  One-to-one, which collects mail from a single POP3 mailbox and sends it to a specific SMTP address

·  Many-to-one, which collects mail from multiple POP3 mailboxes and sends it to single SMTP address

·  One-to-many, which collects mail from single 'catch-all' POP3 mailbox and sends it to multiple SMTP addresses

Note that the one-to-many collection method fails when messages are BCC'd to users."



Gentle Reader, do you still remember the secondary goal of this project—the upgrade to Service Pack 1.  You recall that I worried about that to the Support Engineer when I was asking for a further explanation of what he had done.  He replied, somewhat prophetically by saying “As for updating to SBS SP1, you should run into a problem like this. Just make sure you have current backups before installing the SB1 updates.” At the time, I thought it was just fast typing which dropped the negative in the initial assertion.  And, of course, what good are current backups when you are installing a service pack that can’t be un-installed.  And particularly, when you really, really do not want to go back to the ante-bellum conditions.  You have to fix what the Wizards break.

http://www.slipstick.com/exs/popconnect.asp

Downloading mail from a POP account into Exchange Server in general is not a supported configuration (though you wouldn't know it from the proliferation of tools to accomplish this). However, Microsoft does provide an Exchange Connector for POP3 Mailboxes for Small Business Server, having licensed Internet Mailbridge from Acotec. It's still not a supported configuration for full Exchange Server.

I'd suggest that you read about both sides of this issue. If you decide to try this route, there are plenty of tools to choose from. Features common to all POP3 collectors include the ability to POP mail from multiple servers and from multiple mailboxes. You'll also be able to control how often it checks for new mail in the POP3 accounts and limit it to downloading new mail during specific hours, such as only during business hours. All of the commercial POP3 connectors should be able to deliver mail to any SMTP address, including mail-enabled Public Folders.

Many of these tools support these forms of POP3 collection:

·  One-to-one, which collects mail from a single POP3 mailbox and sends it to a specific SMTP address

·  Many-to-one, which collects mail from multiple POP3 mailboxes and sends it to single SMTP address

·  One-to-many, which collects mail from single 'catch-all' POP3 mailbox and sends it to multiple SMTP addresses

Note that the one-to-many collection method fails when messages are BCC'd to users."



Gentle Reader, do you still remember the secondary goal of this project—the upgrade to Service Pack 1.  You recall that I worried about that to the Support Engineer when I was asking for a further explanation of what he had done.  He replied, somewhat prophetically by saying “As for updating to SBS SP1, you should run into a problem like this. Just make sure you have current backups before installing the SB1 updates.” At the time, I thought it was just fast typing which dropped the negative in the initial assertion.  And, of course, what good are current backups when you are installing a service pack that can’t be un-installed.  And particularly, when you really, really do not want to go back to the ante-bellum conditions.  You have to fix what the Wizards break.

Previous                                                                Next