michelec
asked on
Some messages stuck in outbound queue in Exchange 2000
We are running an Exchange 2000 server (SP3). In general SMTP traffic inbound and outbound is flowing fine. However in some queues, mail is building up - especially hotmail.com, msn.com and earthlink.com. Some messages have been sitting in the queues for a couple of days now.
How can we make these messages go through?
Thanks,
Michele Cooper
You might need to set up a PTR record for your IP; ask your ISP to set this up for you. Also try http://postmaster.aol.com/trouble/; they have some tools here which will help you diagnose the problem. This is for sending mail to AOL, but the test will be the same for all other mail servers. If you can send a mail to AOL then you can probably send it anywhere, as they are incredibly strict.
Here is a link for the PTR checks:
http://postmaster.aol.com/tools/rdns.html
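The PTR check suggested above can also be run locally. The following is an added example, not part of the original thread: a forward-confirmed reverse DNS check (PTR lookup, then confirming the returned name resolves back to the same address) applied to each address a mail server might send from. The function names and the sample addresses and hostnames (documentation ranges) are constructed for illustration.

```python
import socket

def _ptr_lookup(ip):
    """Return the PTR names for ip from the system resolver ([] if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:  # covers socket.herror and socket.gaierror
        return []

def _addr_lookup(name):
    """Return the set of addresses name resolves to (empty on failure)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_fcrdns(ip, ptr_lookup=_ptr_lookup, addr_lookup=_addr_lookup):
    """Return ('no-ptr', None), ('mismatch', name) or ('ok', name) for ip."""
    names = [n.rstrip(".") for n in ptr_lookup(ip)]
    if not names:
        return ("no-ptr", None)
    for name in names:
        # The PTR name must resolve forward to the very address we started from.
        if ip in addr_lookup(name):
            return ("ok", name)
    return ("mismatch", names[0])

def audit_sending_ips(ips, **lookups):
    """Check every candidate source address; a multi-homed sender needs all of them clean."""
    return {ip: check_fcrdns(ip, **lookups) for ip in ips}

# Constructed sample zone data so the example runs offline.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.11": ["gw.example.com."]}
SAMPLE_A = {"mail.example.com": {"192.0.2.10"}, "gw.example.com": {"192.0.2.99"}}

def sample_audit():
    return audit_sending_ips(
        ["192.0.2.10", "192.0.2.11", "192.0.2.12"],
        ptr_lookup=lambda ip: SAMPLE_PTR.get(ip, []),
        addr_lookup=lambda name: SAMPLE_A.get(name, set()),
    )

if __name__ == "__main__":
    for ip, (status, name) in sample_audit().items():
        print(ip, status, name or "-")
```

Calling `audit_sending_ips()` without the lookup arguments uses the system resolver against real addresses.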
SOLUTION
ASKER
An update: I looked at the SPAM/Relay stuff and the DNS resolution. All of that looks satisfactory.
I am looking into SMTPdiag tool... I'll get back with the results.
Thanks.
Michele
ASKER
Well...
This became somewhat even more complicated.
To start with, the SMTPDiag tool showed that all DNS lookup was functioning as expected, mostly. I'll explain this later. The tests that failed were UDP and connected to the remote mail server on port 25. I suspect this is because port 25 was not open on those servers.
However, I discovered some unexpected oddities in the Exchange server in question. First of all, it is a front-end Exchange server inside of a DMZ so it has an internal NIC card and an external NIC card. Each NIC has/had multiple IP addresses. This environment was hastily inherited, so I'm not sure of all of the reasons. Out of the clear blue sky, an IP address conflict arose on one of the internal NIC addresses. These are, of course, manually configured, so where a conflict came from is yet to be determined. This has caused the internal LAN connection to be disabled.
Turns out that the external NIC also has multiple addresses since it acts as a gateway for various functions.
The first step was to get rid of any unneeded IP addresses on both NIC cards. Problem is, I can't remember at which point this caused mail to flow outbound, but all of a sudden it did.
What took me so long to get back to you was that then I discovered that some messages were also stuck in the queue outbound to this server from the back-end Exchange Server. I came to the conclusion that it must have been trying to connect to the remote server on the internal DNS address (although I didn't know how to verify this). However, the front-end server only had an SMTP Virtual Server running on the external address. So, after creating an SMTP Virtual Server on the inside address, mail flowed from the back-end to the front-end.
In short, it seemed to be a DNS configuration problem.
Michele
ASKER CERTIFIED SOLUTION
ASKER
Everything is working. We do have a firewall, a Cisco PIX. Your advice sounds good, I will definitely look into that.
Michele
I agree with the above statement to get the front end server out of your DMZ. No..., I strongly agree that you should move your front end server out of the DMZ.
Glad to hear the SMTPDiag tool yielded useful information. It is one of my favorites.
Charles