Resolve DNS query failed errors for Exchange
During a recent project to transition Exchange 2010 to Exchange 2016, when we cut over mail flow from Exchange 2010 (the legacy system) to Exchange 2016, messages were queuing up with "451 4.4.0 DNS query failed" errors.
On the Exchange 2016 server, we found there were two NICs, one of which was disabled. We then confirmed that working internal DNS servers were configured for the enabled NIC. Also, ping, nslookup and telnet from the server were functioning properly for tests against internal and external resources.
For the one Exchange send connector, the legacy server was removed from the scope as a source server, the Exchange 2016 server was added as the only source server, and the "Use the external DNS lookup settings on servers with transport roles" option was enabled. Additionally, the send connector was configured with smtp.office365.com as the smart host.
In spite of these settings changes, mail continued to queue up.
A closer look was taken at the NIC settings specific to DNS. One thing that was noticed in the advanced DNS settings was that the "Register this connection's addresses in DNS" option was not enabled. Per the customer, this is an option they always disable due to latent registration and resolution issues they've experienced in the past.
In my experience, it is better to leave the default options enabled on the primary NIC. It was recommended that the option be enabled and tested. Immediately upon enabling the "Register this connection's addresses in DNS" option (see below), the message queue flushed and all of the mail was successfully delivered from the new Exchange server to external recipients.
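The checks walked through above, gathered into one read-only PowerShell script. This is an added example, not from the original post. It assumes it is run in the Exchange Management Shell on the Exchange 2016 server, with the built-in NetAdapter and DnsClient modules available.

```powershell
# Added example: read-only audit of the settings examined in this post.
# Assumption: run in the Exchange Management Shell on the Exchange 2016 server.

# 1. Enabled NICs: configured DNS servers and the
#    "Register this connection's addresses in DNS" flag.
$nicReport = foreach ($nic in (Get-NetAdapter | Where-Object Status -eq 'Up')) {
    $dns     = Get-DnsClient -InterfaceIndex $nic.ifIndex
    $servers = (Get-DnsClientServerAddress -InterfaceIndex $nic.ifIndex `
                    -AddressFamily IPv4).ServerAddresses
    [pscustomobject]@{
        Adapter       = $nic.Name
        InterfaceGuid = $nic.InterfaceGuid
        DnsServers    = $servers -join ', '
        RegisterInDns = $dns.RegisterThisConnectionsAddress
    }
}
$nicReport | Format-Table -AutoSize

# 2. Can each configured DNS server resolve the smart host?
foreach ($server in ($nicReport.DnsServers -split ', ' | Where-Object { $_ } | Select-Object -Unique)) {
    try {
        Resolve-DnsName -Name 'smtp.office365.com' -Server $server -Type A -ErrorAction Stop |
            Select-Object @{ n = 'DnsServer'; e = { $server } }, Name, Type, IPAddress
    } catch {
        Write-Warning "DNS server $server failed to resolve smtp.office365.com: $_"
    }
}

# 3. Which adapter and DNS servers the transport service uses for lookups.
#    Compare the adapter GUIDs here with InterfaceGuid from step 1.
Get-TransportService -Identity $env:COMPUTERNAME |
    Format-List Name, ExternalDNSAdapterEnabled, ExternalDNSAdapterGuid, ExternalDNSServers,
                InternalDNSAdapterEnabled, InternalDNSAdapterGuid, InternalDNSServers

# 4. Send connector scope, smart host and external DNS option.
Get-SendConnector |
    Format-List Name, Enabled, SourceTransportServers, SmartHosts,
                DNSRoutingEnabled, UseExternalDNSServersEnabled

# 5. Queues currently reporting the DNS failure.
Get-Queue -Server $env:COMPUTERNAME |
    Where-Object { $_.LastError -like '*DNS query failed*' } |
    Format-Table Identity, Status, MessageCount, NextHopDomain, LastError -Wrap

# The change made in this post, left commented out so the script stays read-only:
# Set-DnsClient -InterfaceIndex <ifIndex> -RegisterThisConnectionsAddress $true
# Get-Queue -Server $env:COMPUTERNAME | Where-Object Status -eq 'Retry' | Retry-Queue
```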
I know this may seem like a small and insignificant change, but it's really about those needle-in-the-haystack settings that can break an environment. This was a great lesson for me, as well as changing the way a customer will now look at things in their own network.
Good luck and have fun!