Cannot verify mail server connection after upgrading to windows server 2016

Report · Feb 04, 2020

Hello!

We recently upgraded a server from Windows 2012R2 to Windows 2016.

We are running Coldfusion 2016 update 13

Since we upgraded servers, we cannot receive emails. When trying to verify mail server connection, it fails.

All services worked on Windows Server 2012R2.

Mail log error as follows:

"javax.messagingexception: could not connect to SMTP host: xxx.xx.xx.xxx port: 25, response: -1"

We are not allowed to use telnet but I ran the following script on ther server:

test-netconnection xxx.xx.xx.xxx -port 25 and that returns that he tcp test succeeded=true

Windows firewall is off, defender is off (managed by an enterprise solution)

Checked McAfee settings and cannot find that traffic is being blocked.

Has anyone run accross this issue?

Report · Feb 04, 2020

The only thing I can think of offhand is, do you have either the SSL or TLS options enabled in CF?

Dave Watts, Eidolon LLC

Report · Feb 04, 2020

I have tried both options but still cannot verify the mail connection

Report · Feb 04, 2020

Lisa, that is indeed odd. So first, you are saying that you did not change servers, but only upgraded Windows on the box, right? And are you confirming that the CF version did not change in the process, either?

If both are true, then the only difference would SEEM to be about the upgrade of Windows, but there's no reason that alone should cause CF to be unable to reach the mail server. I would wonder if something else about the default or a changed Windows config, or some other installed app, may be impacting things.

Next, you have not clarified: is the mail server on the same box or a different one? (Could be a useful clue for recommending more diagnostics.)

Also, I see you say you confirm access to the port (25) on that destination server, but you have not confirmed that that port 25 is responding like a mail server should. Can you access the mail server (at that IP and port) from any other box, whether running CF or not? I realize you may not be able to, easily.

I know you said you can't run telnet, but can you install and run any other sort of command-line mail client, to confirm if THAT can reach the mail server, and talk with it? If not, that would confirm that the problem is indeed happening ON the box but not only FROM WITHIN CF. Again, that could be a useful diagnostic clue.

Finally, to be clear, when you say you have not been able to "receive" emails, you mean that those who you are sending emails to (from CF) are never getting them, right? Because this SMTP server setting in the admin (and that error) are indeed about CF's being unable to reach the smtp server to send emails. I'm not saying that to be a jerk, but just to make sure that we are all on the same page (you in your understanding, and we in understanding what your issue is).

/Charlie (troubleshooter, carehart.org)

Report · Feb 04, 2020

Charlie,

Thank you for replying.

First, I don't think I explained myself correctly. The 2016 server is question is a new virtual server. Our other server had issues and it was decided to build a new virtual server running Windows server 2016.

The server in question is on our developement environment. With that being said, we have a production server running the same applications but it is a Windows 2012R2 and we are able to receive mail.

I am very limited on what I can install as I am in an Enterprise environment.

We have a seperate SMTP server that we link to throught the Coldfusion Administrator page.

So essentially what happens is that we have a website that we access, input an approved email address and then receive a token to access the site.

I'm looking for any help that I can get because I have been searching for a solution for days and have come up empty.

Report · Feb 04, 2020

OK, so it's just a variation then on what I said: I suspect that something in the new server is blocking access to the mail server.

So again, is the mail server on a 3rd server (relative to this new and old one)? Or is it perhaps ON the old one? (That's possible. Mail server software is just another kind of server that can run on a machine, just like CF can.)

And I hear you that you "can't install anything" on the new CF machine, but you do need to prove if it can reach that mail server, and that that mail server responds to it as a mail server should.

I assume you have confirmed that the CF Admin mail page settings are 100% identical between the old and new CF right? not just the ip address but the username and password, and the checkboxes for things like SSL and TLS?

You also didn't clarify what version of CF is running on the old and new server. That may be useful. And also what version of Java is running? (This is potentially important if you have enabled the SSL/TLS.) The CF and Java versions are both reported on the CF Admin "settings summary" page.)

Finally, if instead of playing "20 questions" 🙂 you may prefer to have direct assistance, I can offer that. More at carehart.org/consulting. But I and others here will be happy to keep trying based on what you may shared.

/Charlie (troubleshooter, carehart.org)

Report · Feb 04, 2020

One thing you might want to try is to use PowerShell to make an actual SMTP connection, instead of just testing TCP connectivity. Just search for "powershell smtp test" for a variety of ways to do this from PowerShell. This will show you an actual SMTP failure if one exists. I'm sorry I didn't think of this earlier.

Dave Watts, Eidolon LLC

Report · Feb 04, 2020

Great point, Dave. Thanks for sharing it. While I wasn't aware that there was a PS way to do an smtp check, that's just the kind of thing I was saying would be useful for Lisa to do from outside of CF (like at the command line) to prove if this was really about CF or not.

Even if it does work, though (and still CF does not), then a lot of my questions do remain for her consideration.

/Charlie (troubleshooter, carehart.org)

Adobe Community

Cannot verify mail server connection after upgrading to windows server 2016