Outgoing mail not being delivered

I have a slight problem.  My Exchange 2000 server is extremely slow when sending out mail.

I think the problem might be due to a flood of incoming email... I have been researching this since reloading SMTP on the server due to a failure a couple days ago.  

Any thoughts?

thanks

Derek
LVL 9
Derek Schauland (Microsoft MVP)IT ConsultantAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

shivsaCommented:
From the mailserver (at a command prompt) type nslookup
try a couple of domains like www.google.com, www.yahoo.com  What is the response times on these?

Any changes to DNS server ?
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
U:\>nslookup www.google.com
*** Can't find server name for address 192.168.1.1: Non-existent domain
*** Default servers are not available
Server:  UnKnown
Address:  192.168.1.1

Non-authoritative answer:
Name:    www.google.akadns.net
Address:  216.239.41.99
Aliases:  www.google.com

there have been no changes to DNS recently.  The mail problems seemed to come on all by themselves...
0
shivsaCommented:
Activate SMTP logging to get more information.

See the settings for retransmission within your SMTP Server. This may have something  to do with your time intervals. the first connection fails and the lag is the transmission loop time.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

ydirieCommented:
enable message tracking.
send an email to outside
check your smtp queue to see what happens to that email.
                            Does it ever shows up at all, how long does it take to show up in the queue, do they go retry mode. I would really suspect dns. Also, check your server task manager to see how the server acting and how much process your information store is taking up ? please give me these info and we should be ableto resolve. Is the SMTP queue full or empty. when you say slow, how slow ?

thanks
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
The outbound message I sent as suggested above got into the queue and sat behind probably 60 NDR messages.

The queues seem to be very very full of spam and or NDRs caused by spam...

Any thoughts short of a spam filter?

Derek
0
shivsaCommented:
0
shivsaCommented:
also
check these too.
----------------------
there may be a  compromized local account on the box.
Check the local accounts on the box - reset passwords and ensure guest is disabled.
If the machine is in a domain - check the guest account and all other accounts for suspicious activity.
0
ydirieCommented:
We just solved the same issue for another person. Here is the link. Please read every section and let me know If  I can assist you more no this.
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_20813677.html
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
All the guest accounts and other unneeded accounts seem to be disabled.  I also applied the post SP3 rollup and it still isnt moving along.  There are still a ton of outgoing queues and it looks like they are full of NDRs from incoming spam...

It seems like I am not making any progress with it...

0
ydirieCommented:
I know all the NDR sitting in your Queue will delay your outgoing mail. you will need to delete all them from the queue and choose do not send NDR. Make sure you are not a relay by checking your Virtual smtp settings that you select allow these machines below for relay and keep the list empty. Just for the moment, uncheck allow NDR under global settings, and let me know if it helps.

0
shivsaCommented:
u might have compromised account.

u can use some packet sniffer and changing administrative and user passwords.  Once the passwords are changed restart the Exchange Server and check the logs.
0
ydirieCommented:
Shivsa, What is your basis about an account been compromised ?
0
shivsaCommented:
having so many SPAM messages.
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I have one other server that relays mail to my exchange server to send an email via a web form, would it be better to disallow this relay and use the SMTP service via IIS on the webserver to send this email?

Other than that the exchange server isnt a relay as far as all the Virtual SMTP server(s) that are created...

It is just frustrating to try and keep up with all the mail stuck in the queues...

I am also looking into a spam filter to scan and filter mail before sending it to exchange... do any of you have recommendations there??
0
ydirieCommented:
There is always something like this hiding somewhere :)-
Allowing the webfarm to relay your exchange machine is not best practices and that could be your culprit. When web farm is allowed for relaying, 30-40 percent of all the webfarm outgoing emails end up having dirrent issues whether it is bad email address, someone's yahoo or hotmail account been full and thus causing all these emails to be in stuck in your exchange queue. As long as you have this in place, your outgoing emails will be always be the same.

Recomendations:

You can use IIS  on tyhe webserver to send mail. Just make sure you dont become anither spammer!
set up linux sendmail or something similar rather than slowing your exchange server.
Make sure you clean your excahnge bad mail folder to reduce another overhead on your server.

As far as spam, I have outsourced mine which is the day my queue went down from averaging 80-120 a day to big 0-2 or 3.
 
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
The mail relaying from the webserver to exchange is internal... it sends an email containing order informaiton to specified email addresses within the company when an online order is submitted...

Should I still have SMTP on the webserver handling this email since it will go to exchange anyway?

It doesnt send to any outside addresses and the form handler only knows about the email address for customer service....

0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
The mail relaying from the webserver to exchange is internal... it sends an email containing order informaiton to specified email addresses within the company when an online order is submitted...

Should I still have SMTP on the webserver handling this email since it will go to exchange anyway?

It doesnt send to any outside addresses and the form handler only knows about the email address for customer service....

0
ydirieCommented:
it would shurely be up to you. I would not allow anyone to relay to the exchange server. If the other server has that capability, then let it send it and have your server accept the mail.
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I tried using SMTP via IIS with the webform, however it is configured badly... when i changed the smtp servername in the form handler it choked and will not send any mail...

If I leave it relay through exchange it works ok...

any ideas?
0
ydirieCommented:
I will check with someone with IIS stuff...I get back to you on this .
0
ydirieCommented:
How is your server processes working. when you look under task manager ? what is the average system idle time ?
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I do not see that displayed the idle process has been running for 116:40:10... I didnt see any avg idle time listed though
0
ydirieCommented:
this link might help explain some of these things.
http://www.mcpmag.com/columns/print.asp?EditorialsID=629

The task manager, I meant how the server CPU processes and memory. What about the information store CPU
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
Mem Usage shows 975000K and Processor fluctuates between 2% and 15%

The IS has been using CPU for 04:22:25 and 265,740k of RAM
0
ydirieCommented:
I don't thing there an issue. Have you started deleting all old emails from the smtp queue. If not, let us do that for now. Dont send NDR reports when doing that!

0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I would agree under normal circumstances that there is no issue and that the hardware should certainly handle the load, however the server is all kinds of slow.  I will try clearing the queues without an NDR, although i am not sure how much it will help based on how fast they fill up
0
ydirieCommented:
Also, for short term, let us uncheck the allow NDR under the global settings.
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I have that disabled and think i have cleared out most of the queues....
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
It seems to have really caused a slow down internal mail is hanging up now...

I hope this is a hiccup in the grand scheme of things and that it will return to normal soon

0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
What might be the liklihood that a flood of spam could corrupt Windows SMTP bad enough to require a reinstall?

About 4.30 CST the exchange server ground to a halt (similar to last week, prompting the start of the thread) and i am reloading SMTP and updates to see if that helps for a little while...

this seems to get more bizzarre everyday.....
0
ydirieCommented:
Are you seeing any errors in the logs ?

Did you try to reboot your machine ?

please give your machine's specs such as processor, memory, pentium III. How many users. How do you have the machine configured ? raid configs. everything you can thing of. how many DCs

thanks
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
I have rebooted several times and now it seems I am onto recovery.

The server is a dual P3 1.5GhZ with 1 Gb of RAM...  I have 50 users

The PC is also a DC (not my choice, setup prior to my taking the job) the PC is configured in a raid configuration

Upon trying to mount the stores, after all services were up and running, the stores are corrupt ... I think the frustration of the whole thing is driving me nuts and I am not even sure where to begin, regardless of all the training and such on exchange...

any help here would be very appreciated
0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
The latest error in the logs are as follows

Event Type:      Error
Event Source:      MSExchangeSA
Event Category:      MAPI Session
Event ID:      9175
Date:            12/8/2003
Time:            9:26:25 PM
User:            N/A
Computer:      EXCHANGE2K
Description:
The MAPI call 'OpenMsgStore' failed with the following error:
The Microsoft Exchange Server computer is not available.  Either there are network problems or the Microsoft Exchange Server computer is down for maintenance.
The MAPI provider failed.
Microsoft Exchange Server Information Store
ID no: 8004011d-0526-00000000

For more information, click http://www.microsoft.com/contentredirect.asp.

It seems that somehow this afternoon the db stores were corrupted...
0
ydirieCommented:
Remember, you inhereted the box, not built it. Having said, dont get frustrated as this is part of the job. I am looking into the errors and we should be able to fix this issue. Also, you said the stores are corrupt. How do you know  ?

cheer up friend and will solve this
0
ydirieCommented:
Also, we may want to turn on some of the exchange logs. Right the server under ESM choose some diagnostic logging
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
When trying to mount the mailbox store I received a message dialog that said the DB may be corrupt

I am waiting on a mbx store restore now

I will enable logs and see what comes out

thanks for the friendly word too... it is part of the job and I love the job... seems odd that there is no warning or "hey this is the problem"

0
Derek Schauland (Microsoft MVP)IT ConsultantAuthor Commented:
The store appeared to be corrupt, or the DBs were corrupt.  The ESEutil /p fixed the issue with a little patience...

I do appreciate all the input and assistance...
0
shivsaCommented:
I'm glad u got it solved.
thanks for the points.
0
ydirieCommented:
Wow. How large was your database and how long did it take /p command. Anyway glad the issue is resolved.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.