Exchange 2010: 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain.
Hi,
I have two Exchange 2010 servers running on Windows 2008 Ent R2.
These mail servers have been running fine for a few years.
Today I noticed two things.
1. users were telling me they were having delays receiving emails from outside of our own domain. The mail gets sent out, but it takes about 15-30 mins for users outside our our domain to get their mail. Mail sent from inside our domain gets delivered right away.
2. An error message that I see when I go to Tools->Queue Viewer in EMC. The error is: 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDo
I'm assuming these two things are related. I don't understand why the problem is just showing up now. As I said, mail delivery has been fine for a while and I haven't done any major updates to the server in a few months.
Thanks for any ideas and suggestions as to what might be causing it and where I can look.
I have two Exchange 2010 servers running on Windows 2008 Ent R2.
These mail servers have been running fine for a few years.
Today I noticed two things.
1. users were telling me they were having delays receiving emails from outside of our own domain. The mail gets sent out, but it takes about 15-30 mins for users outside our our domain to get their mail. Mail sent from inside our domain gets delivered right away.
2. An error message that I see when I go to Tools->Queue Viewer in EMC. The error is: 451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDo
I'm assuming these two things are related. I don't understand why the problem is just showing up now. As I said, mail delivery has been fine for a while and I haven't done any major updates to the server in a few months.
Thanks for any ideas and suggestions as to what might be causing it and where I can look.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the responses. I'm working on it.
Also, it an attached screen shot that shows a slightly different error message in my Queue Viewer. This is where the Queues are listed, not the individual messages.
Screen-shot-2014-12-19-at-8.24.38-AM.png
Also, it an attached screen shot that shows a slightly different error message in my Queue Viewer. This is where the Queues are listed, not the individual messages.
Screen-shot-2014-12-19-at-8.24.38-AM.png
I stand by my suggestions.
ASKER
Thanks Ben. I'm working on your suggestions right now. I just posted that graphic thinking it might spark some other suggestions. I'll respond back here in a bit..
ASKER
So I ran a DNS check on mxtoolbox.com and also an SMTP test. SMTP came back fine.
DNS came back with errors. Please see attached.
Are the SOA errors local to my server or the Rackspace DNS servers? Could these errors be causing my problems?
Screen-shot-2014-12-19-at-8.59.58-AM.png
DNS came back with errors. Please see attached.
Are the SOA errors local to my server or the Rackspace DNS servers? Could these errors be causing my problems?
Screen-shot-2014-12-19-at-8.59.58-AM.png
Those look like rackspace errors. So the destination domain you're having this issue with it hosted at rackspace? If so I'd get in contact with that domains support and let them know they have DNS issues.
ASKER
Yeah, I already did get in touch with Rackspace. The Email servers I have are hosted at Rackspace and the domains on my email server are in rackspace DNS servers. I'll update this thread when I find out something . Thanks.
Ahh gotcha. Could you tell me one of the destination domain names? I'd like to do some poking as well. You can pm me if you;d like.
ASKER
Just sent you a PM with one of the Domain names on the server. Thanks very much!
Yeah I'd say that these Start of Authority errors are on C**********.com's end, which appears to be using rackspace as well. The transaction time on the SMTP test is a concern too. Verify whether or not they are tarpitting, or their email host could just be overloaded, maybe speaking with a POC there might shed some light.
Here recently my own company is going through a migration from on premise to Office365 and an outside vendor was having issues receiving mail from us. Naturally it was attributed to our migration however turns out they also had messaging problems during the same time frame.
Here recently my own company is going through a migration from on premise to Office365 and an outside vendor was having issues receiving mail from us. Naturally it was attributed to our migration however turns out they also had messaging problems during the same time frame.
I tried a telnet test.. their host is having issues for sure. Did not recognize ehlo or helo, and was very laggy.
ASKER
Thanks Ben. I am the mail admin at C********.com. We do get slammed with spam and have a spam solution in place (GFI mail essentials). This just started happening a few days ago. I've done no major updates to the mail servers for months. The last one was a renew of the Cert, so I started thinking that might be it.
We considered office365 and might go that way in the future, but it concerns me because so many are going towards Office365 they are a very big target.
We considered office365 and might go that way in the future, but it concerns me because so many are going towards Office365 they are a very big target.
ASKER
I tried a telnet to C***********.com and had no lag and it did recognize ehlo. Were you talking about that?
ASKER
These are the commands I got back with a ehlo
250-SIZE 35840000
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING
Are some missing?
250-SIZE 35840000
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING
Are some missing?
OIC now lol. Ok I was thinking your domain was the destination. So just to be clear since I had this backwards, your outbound mail queues are what's having DNS resolution issues correct? Can you send me one of those domain names that you're having problems sending to?
A cert error would be fairly apparent however it'd not affect the delivery of outbound mail.. especially what happening in your queues. Which cert did you renew, Autodiscover, OWA, etc?
I only brought up O365 as an example. It is and will continue to grow into a huge target.. we had no choice in the matter though. Parent company force our hand.
A cert error would be fairly apparent however it'd not affect the delivery of outbound mail.. especially what happening in your queues. Which cert did you renew, Autodiscover, OWA, etc?
I only brought up O365 as an example. It is and will continue to grow into a huge target.. we had no choice in the matter though. Parent company force our hand.
When I telnet I don't get the typical 'welcome'-ish text. Only a 220***** line across the top. ehlo/helo are unrecognized.
ASKER
No, you were right the first time. The problem is with our inbound mail but more specifically with our inbound mail from an outside domain name.
So any mail being sent to someone in C******.com to someone else in C********.com comes though right away.
But for example, if someone is sending mail from icloud.com to C*******.com, it gets hung up. Not always but usually. This started happening a few days ago.
I looked in the application log the other day and saw some error messages about GFI (spam software) taking too long to filter mail. I thought that was the problem. Contacted GFI and upgraded to newest build. That solved the GFI error message but the above problem is still happening.
Cert is Autodiscover on the domain. But would a bad Cert cause the specific problem and symptoms I'm having?
Rackspace is looking at it now. They are usually pretty good, but if I get a tech who doesn't want to be bothered they will sometimes just say "not our area" and bounce it back to me.
Yeah, I hear you about 365. Might be the same here sooner rather then later. All the hacking and data breaching is going to get much worse. Most people don't realize how pervasive it is. I'm kind of amazed at how many large companies are trusting Microsoft with their emails. Anyway, I digress... Maybe it's Microsoft slamming on my mail server so I give up and switch to 365!
Thanks again...
So any mail being sent to someone in C******.com to someone else in C********.com comes though right away.
But for example, if someone is sending mail from icloud.com to C*******.com, it gets hung up. Not always but usually. This started happening a few days ago.
I looked in the application log the other day and saw some error messages about GFI (spam software) taking too long to filter mail. I thought that was the problem. Contacted GFI and upgraded to newest build. That solved the GFI error message but the above problem is still happening.
Cert is Autodiscover on the domain. But would a bad Cert cause the specific problem and symptoms I'm having?
Rackspace is looking at it now. They are usually pretty good, but if I get a tech who doesn't want to be bothered they will sometimes just say "not our area" and bounce it back to me.
Yeah, I hear you about 365. Might be the same here sooner rather then later. All the hacking and data breaching is going to get much worse. Most people don't realize how pervasive it is. I'm kind of amazed at how many large companies are trusting Microsoft with their emails. Anyway, I digress... Maybe it's Microsoft slamming on my mail server so I give up and switch to 365!
Thanks again...
Can I correctly assume that your Exchange box isn't under like a stupidly large load or anyhting? I really feel as though that slow transaction time is whats causing your problem.
Do you have the opportunity to test it w/o GFI running?
Do you have the opportunity to test it w/o GFI running?
ASKER
RIght now box is under very light load. Queues almost empty. I can turn off GFI and tried that already but it didn't change anything.
I think your right about the slow transaction time, but I'm starting to think it's really a DNS resolving thing.
Still waiting to hear back from RS. They have been looking at it a while so I'm guessing something is up..
I think your right about the slow transaction time, but I'm starting to think it's really a DNS resolving thing.
Still waiting to hear back from RS. They have been looking at it a while so I'm guessing something is up..
Wow.. so GFI made no difference. and RS hosts your domains external dns?
ASKER
Yup. RS hosts external DNS.
OK I had a counter part in the south give the telnet a try.. it recognized all the appropriate commands for him.
ASKER
Ok, great. Thanks so much!
Rackspace doesn't like michigan internets.. lol
ASKER
Thanks for all the help everyone gave me on this. It's still not solved, though the mail delay problem seems to have gone away. The errors are still there.
I will give credit to the answer that helped the most.
Thanks
Nacht
I will give credit to the answer that helped the most.
Thanks
Nacht
Sounds like a DNS issue. Are the DNS servers that are listed on the server's NIC functional? Is your Send connector setup to use external DNS servers and if so, are the external DNS servers specified on each transport server functional?
-JJ