Sending E-Mail notifications from WSUS 3

Hi all,

I am trying to get the WSUS server to send email notifications to select ed
users and keep getting the error below.
I am runngin Windows Server 2003 Standard and my email server is Mailtraq.

Any Ideas??

Many thanks in advance

Mikie

System.Net.Mail.SmtpException: Failure sending mail. --->
System.Net.WebException: Unable to connect to the remote server --->
System.Exception: No connection could be made because the target machine
actively refused it
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
at
Microsoft.UpdateServices.Internal.BaseApi.SoapExce ptionProcessor.DeserializeAndThrow(SoapException soapException)
at
Microsoft.UpdateServices.Internal.DatabaseAccess.A dminDataAccessProxy.SendTestEmail(String
emailLanguage, String smtpUserName, String senderEmailAddress, String
smtpHostName, Int32 smtpPort, String recipients)
at
Microsoft.UpdateServices.Internal.BaseApi.EmailNot ificationConfiguration.SendTestEmail()
at
Microsoft.UpdateServices.UI.SnapIn.Dialogs.EmailNo tificationSettingsDialog.backgroundWorker_DoWork(O bject sender, DoWorkEventArgs e)

Forwarded to WSUS newsgroup via crosspost:
microsoft.public.windows.server.update_services as a convenience to OP.

On the web:
http://www.microsoft.com/communities... date_services

In your newsreader:
news://msnews.microsoft.com/microsof...pdate_services
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE, OE, Security, Shell/User)
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

Mikie wrote:
> Hi all,
>
> I am trying to get the WSUS server to send email notifications to select
> ed
> users and keep getting the error below.
> I am runngin Windows Server 2003 Standard and my email server is Mailtraq.
>
> Any Ideas??
>
> Many thanks in advance
>
> Mikie
>
> System.Net.Mail.SmtpException: Failure sending mail. --->
> System.Net.WebException: Unable to connect to the remote server --->
> System.Exception: No connection could be made because the target machine
> actively refused it
> --- End of inner exception stack trace ---
> --- End of inner exception stack trace ---
> at
> Microsoft.UpdateServices.Internal.BaseApi.SoapExce ptionProcessor.DeserializeAndThrow(SoapException
> soapException) at
> Microsoft.UpdateServices.Internal.DatabaseAccess.A dminDataAccessProxy.SendTestEmail(String
> emailLanguage, String smtpUserName, String senderEmailAddress, String
> smtpHostName, Int32 smtpPort, String recipients)
> at
> Microsoft.UpdateServices.Internal.BaseApi.EmailNot ificationConfiguration.SendTestEmail()
> at
> Microsoft.UpdateServices.UI.SnapIn.Dialogs.EmailNo tificationSettingsDialog.backgroundWorker_DoWork(O bject
> sender, DoWorkEventArgs e)

> Mikie wrote:

>> I am trying to get the WSUS server to send email notifications to
>> selected
>> users and keep getting the error below.
>> I am runngin Windows Server 2003 Standard and my email server is
>> Mailtraq.
>>
>> Any Ideas??


>> System.Net.Mail.SmtpException: Failure sending mail. --->
>> System.Net.WebException: Unable to connect to the remote server --->
>> System.Exception: No connection could be made because the target machine
>> actively refused it


Most likely cause is that you've configured Mailtraq to not relay SMTP (a
GOOD thing),
or to only accept an SMTP connection from your firewall (or inbound MX
relay),
but now you'll need to configure an exception to allow inbound SMTP from
the WSUS Server.

Also, if you're using any kind of authentication mechanism on the Mailtraq
server,
make sure that either the WSUS Server is correctly configured to send
the necessary credentials,
(The E-Mail Server tab of Options | E-Mail Notifications)
or that the Mailtraq server will accept an anonymous SMTP connection
from the WSUS Server.

--
Lawrence Garvin, M.S., MCBMSP, MCTS, MCP
Senior Data Architect, APQC, Houston, Texas
MVP - Software Distribution (2005-2007)

MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
http://wsusinfo.onsitechsolutions.com
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin

I am having almost the same issue as below. Have been running wsus for a
while now and decided to add email notifications. Am running an Exchange 2003
server internally. I get the following message when I click the "test"
button.

System.Net.Mail.SmtpException: Failure sending mail. --->
System.Net.WebException: Unable to connect to the remote server --->
System.Exception: No connection could be made because the target machine
actively refused it xxx.xxx.xxx.xxx:25
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
at
Microsoft.UpdateServices.Internal.BaseApi.SoapExce ptionProcessor.DeserializeAndThrow(SoapException soapException)
at
Microsoft.UpdateServices.Internal.DatabaseAccess.A dminDataAccessProxy.SendTestEmail(String
emailLanguage, String smtpUserName, String senderEmailAddress, String
smtpHostName, Int32 smtpPort, String recipients)
at
Microsoft.UpdateServices.Internal.BaseApi.EmailNot ificationConfiguration.SendTestEmail()
at
Microsoft.UpdateServices.UI.SnapIn.Dialogs.EmailNo tificationSettingsDialog.backgroundWorker_DoWork(O bject sender, DoWorkEventArgs e)
--

I've tried to make sure that the machine or user has relay permissions in
Exchange, but I just can't get it to work.

Any ideas ?
RGK


"Lawrence Garvin [MVP]" wrote:

> > Mikie wrote:
>
> >> I am trying to get the WSUS server to send email notifications to
> >> selected
> >> users and keep getting the error below.
> >> I am runngin Windows Server 2003 Standard and my email server is
> >> Mailtraq.
> >>
> >> Any Ideas??
>
>
> >> System.Net.Mail.SmtpException: Failure sending mail. --->
> >> System.Net.WebException: Unable to connect to the remote server --->
> >> System.Exception: No connection could be made because the target machine
> >> actively refused it
>
>
> Most likely cause is that you've configured Mailtraq to not relay SMTP (a
> GOOD thing),
> or to only accept an SMTP connection from your firewall (or inbound MX
> relay),
> but now you'll need to configure an exception to allow inbound SMTP from
> the WSUS Server.
>
> Also, if you're using any kind of authentication mechanism on the Mailtraq
> server,
> make sure that either the WSUS Server is correctly configured to send
> the necessary credentials,
> (The E-Mail Server tab of Options | E-Mail Notifications)
> or that the Mailtraq server will accept an anonymous SMTP connection
> from the WSUS Server.
>
> --
> Lawrence Garvin, M.S., MCBMSP, MCTS, MCP
> Senior Data Architect, APQC, Houston, Texas
> MVP - Software Distribution (2005-2007)
>
> MS WSUS Website: http://www.microsoft.com/wsus
> My Websites: http://www.onsitechsolutions.com;
> http://wsusinfo.onsitechsolutions.com
> My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin
>

"rameok" <rameok@discussions.microsoft.com> wrote in message
news932C4FF-5728-450C-AB9B-A6150375DF9E@microsoft.com...
>I am having almost the same issue as below. Have been running wsus for a
> while now and decided to add email notifications. Am running an Exchange
> 2003
> server internally. I get the following message when I click the "test"
> button.
>
> System.Net.Mail.SmtpException: Failure sending mail. --->
> System.Net.WebException: Unable to connect to the remote server --->
> System.Exception: No connection could be made because the target machine
> actively refused it xxx.xxx.xxx.xxx:25

It sounds like you have (correctly so, in accordance with best practices)
locked your Exchange Server down so that it doesn't accept inbound SMTP
connections from places it's not supposed to.

You'll need to modify your Exchange configuration to accept SMTP connects
from your WSUS Server.

> I've tried to make sure that the machine or user has relay permissions in
> Exchange, but I just can't get it to work.

*RELAY* permissions are not what you're looking for, since the WSUS Server
is not trying to "relay" a message. I'm presuming the terminal point of the
message is a mailbox on the Exchange Server. If so, then there's no relay
occuring. Relay would only apply if the destination mailbox were in some
other mail system external to your Exchange Server.

If your WSUS Server and Exchange Server are in the same domain, you should
be able to use the "Allow all computers which successfully authenticate..."
option.

You might also check on the default SMTP Virtual Server Properties dialog
that you're not blocking access for authentication reasons. (e.g. does your
Exchange Server accept anonymous SMTP connections?)

"Connection control" on the Default SMTP Virtual Server Properties dialog
should also be checked for correct settings.


Finally.... since Exchange/Outlook doesn't communicate on port 25 -- check
to make sure there's no local firewall on the Exchange Server restricting
where the inbound port 25 connections can come from. A practical security
setup is to lock down the local firewall so the SMTP connections can only
come from the firewall or a bridgehead server (if one is in use) or a backup
SMTP relay server.

--
Lawrence Garvin, M.S., MCBMSP, MCTS, MCP
Senior Data Architect, APQC, Houston, Texas
Microsoft MVP - Software Distribution (2005-2008)

MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
http://wsusinfo.onsitechsolutions.com
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin

Thanks for the advice. As it turns out, it was my McAfee policy config to
"prevent mass mailing worms from sending mail" setting on the WSUS server.
Turned that off, and everything worked as expected.
--
RGK


"Lawrence Garvin [MVP]" wrote:

> "rameok" <rameok@discussions.microsoft.com> wrote in message
> news932C4FF-5728-450C-AB9B-A6150375DF9E@microsoft.com...
> >I am having almost the same issue as below. Have been running wsus for a
> > while now and decided to add email notifications. Am running an Exchange
> > 2003
> > server internally. I get the following message when I click the "test"
> > button.
> >
> > System.Net.Mail.SmtpException: Failure sending mail. --->
> > System.Net.WebException: Unable to connect to the remote server --->
> > System.Exception: No connection could be made because the target machine
> > actively refused it xxx.xxx.xxx.xxx:25
>
> It sounds like you have (correctly so, in accordance with best practices)
> locked your Exchange Server down so that it doesn't accept inbound SMTP
> connections from places it's not supposed to.
>
> You'll need to modify your Exchange configuration to accept SMTP connects
> from your WSUS Server.
>
> > I've tried to make sure that the machine or user has relay permissions in
> > Exchange, but I just can't get it to work.
>
> *RELAY* permissions are not what you're looking for, since the WSUS Server
> is not trying to "relay" a message. I'm presuming the terminal point of the
> message is a mailbox on the Exchange Server. If so, then there's no relay
> occuring. Relay would only apply if the destination mailbox were in some
> other mail system external to your Exchange Server.
>
> If your WSUS Server and Exchange Server are in the same domain, you should
> be able to use the "Allow all computers which successfully authenticate..."
> option.
>
> You might also check on the default SMTP Virtual Server Properties dialog
> that you're not blocking access for authentication reasons. (e.g. does your
> Exchange Server accept anonymous SMTP connections?)
>
> "Connection control" on the Default SMTP Virtual Server Properties dialog
> should also be checked for correct settings.
>
>
> Finally.... since Exchange/Outlook doesn't communicate on port 25 -- check
> to make sure there's no local firewall on the Exchange Server restricting
> where the inbound port 25 connections can come from. A practical security
> setup is to lock down the local firewall so the SMTP connections can only
> come from the firewall or a bridgehead server (if one is in use) or a backup
> SMTP relay server.
>
> --
> Lawrence Garvin, M.S., MCBMSP, MCTS, MCP
> Senior Data Architect, APQC, Houston, Texas
> Microsoft MVP - Software Distribution (2005-2008)
>
> MS WSUS Website: http://www.microsoft.com/wsus
> My Websites: http://www.onsitechsolutions.com;
> http://wsusinfo.onsitechsolutions.com
> My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin
>