<

Exchange Server Message Queue Error "451 4.4.0 DNS query failed"

Published on
6,461 Points
3,261 Views
2 Endorsements
Last Modified:
Resolve DNS query failed errors for Exchange
During a recent project to transition Exchange 2010 to Exchange 2016 when we cutover mail flow from Exchange 2010 (the legacy system) to Exchange 2016, messages were queuing up with "451 4.4.0 DNS query failed" errors.​

Picture1.png

On the Exchange 2016 server, we found there were two NICs--one was disabled. We then confirmed that working internal DNS servers were configured for the enabled NIC. Also ping, nslookup and telnet from the server was functioning properly for tests against internal and external resources.
 
For the one Exchange send connector, the legacy server was removed from the scope as a source server, the Exchange 2016 server was added as the only source server, and "Use the external DNS lookup settings on servers with transport roles" option was enabled. Additionally, the send connector was configured with smtp.office365.com as the smart host.
 
In spite of these settings changes, mail continued to queue up.
 
A closer look was taken at the NIC settings specific to DNS. One thing that was noticed in the advanced DNS settings was that the "Register this connection's addresses in DNS" option was not enabled. Per the customer, this is a option they always disable due to latent registration and resolution issues they've experienced in the past.
 Picture2.png
In my experience, it is better to leave the default options enabled on the primary NIC. It was recommended that the option be enabled and tested. Immediately upon enabling the "Register this connection's addresses in DNS" option (see below), the message queue flushed and all of the mail was successfully delivered from the new Exchange server to external recipients.​

Picture3.png 
I know this may seem like a small and insignificant change but it's really about those needles in the haystack settings that can break an environment. This was a great lesson for me as well as changing the way a customer will now look at things in their own network.
 Good luck and have fun!
 
Reference(s):
 
 
2
Comment
Author:Todd Nelson
0 Comments

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Join & Write a Comment

Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
This video tutorial shows you the steps to go through to set up what I believe to be the best email app on the android platform to read Exchange mail.  Get the app on your phone: The first step is to make sure you have the Samsung Email app on your …

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month