This week, I learned some more about Exchange 07 senders, specifically the Intra-Organization SMTP Send Connector. I'm working at a client that has two Exchange 07 boxes, one is supposed to be a hot spare (XYZExchange02) with no live mailboxes on it. In the process of testing mail flow, I discovered that no mail is flowing from the hot spare to the live system and the following error appears in the Application Log:
Event Type: Error
Event Source: MSExchangeTransport
Event Category: SmtpSend
Event ID: 2017
Date: 11/27/2007
Time: 5:01:22 PM
User: N/A
Computer: XYZEXCHANGE02
Description:
Outbound authentication failed with error TargetUnknown for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is ExchangeAuth. The target is SMTPSVC/email.xyz.com.
Web searches turned up absolutely nothing except that the Intra-Organization SMTP Send Connector is created by default to handle all internal routing between hub transport servers based upon the AD topology, that it is hidden and can't be modified in any way, and that there is no logging for it (until SP1).
After staring at the above error message way to long, I realized that it was looking for a Service Principle Name (SPN) and I found a KB article detailing similar problems in Exchange 03. I ran the following command on a DC to set the SPN and lo and behold, everything started working.
setspn -a SMTPSVC/email.xyz.com XYZExchange01
The big question to me still is why is it trying to use email.xyz.com instead of XYZExchange01 for the SPN? My only answer is that the receive connector on XYZExchange01 is configured to identify itself as email.xyz.com.
Looks like I have some research to do on SPNs.