"rameok" <firstname.lastname@example.org> wrote in message
>I am having almost the same issue as below. Have been running wsus for a
> while now and decided to add email notifications. Am running an Exchange
> server internally. I get the following message when I click the "test"
> System.Net.Mail.SmtpException: Failure sending mail. --->
> System.Net.WebException: Unable to connect to the remote server --->
> System.Exception: No connection could be made because the target machine
> actively refused it xxx.xxx.xxx.xxx:25
It sounds like you have (correctly so, in accordance with best practices)
locked your Exchange Server down so that it doesn't accept inbound SMTP
connections from places it's not supposed to.
You'll need to modify your Exchange configuration to accept SMTP connects
from your WSUS Server.
> I've tried to make sure that the machine or user has relay permissions in
> Exchange, but I just can't get it to work.
*RELAY* permissions are not what you're looking for, since the WSUS Server
is not trying to "relay" a message. I'm presuming the terminal point of the
message is a mailbox on the Exchange Server. If so, then there's no relay
occuring. Relay would only apply if the destination mailbox were in some
other mail system external to your Exchange Server.
If your WSUS Server and Exchange Server are in the same domain, you should
be able to use the "Allow all computers which successfully authenticate..."
You might also check on the default SMTP Virtual Server Properties dialog
that you're not blocking access for authentication reasons. (e.g. does your
Exchange Server accept anonymous SMTP connections?)
"Connection control" on the Default SMTP Virtual Server Properties dialog
should also be checked for correct settings.
Finally.... since Exchange/Outlook doesn't communicate on port 25 -- check
to make sure there's no local firewall on the Exchange Server restricting
where the inbound port 25 connections can come from. A practical security
setup is to lock down the local firewall so the SMTP connections can only
come from the firewall or a bridgehead server (if one is in use) or a backup
SMTP relay server.
Lawrence Garvin, M.S., MCBMSP, MCTS, MCP
Senior Data Architect, APQC, Houston, Texas
Microsoft MVP - Software Distribution (2005-2008)
MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin