Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Exchange 2000 SP3 Matabase dump not showing correct information

Posted on 2004-04-30
Medium Priority
Last Modified: 2012-06-21
There is much history behind my question. Suffice to say that I am working with Microsoft on this issue but would like the Experts opinion as well...  

In my default recipient policy on the Email Addresses (Policy) tab in Exchange System Manager I have four lines for SMTP domains and another for X400.


Doing a dump of the matabase shows the following information (this is a clip from the dump).

RelayForAuth                    : (INTEGER) 0
KeyType                         : (STRING) "IIsSmtpSessions"

KeyType                         : (STRING) "IIsSmtpAlias"

KeyType                         : (STRING) "IIsSmtpUser"

KeyType                         : (STRING) "IIsSmtpDL"

KeyType                         : (STRING) "IIsSmtpDomain"
KeyType                         : (STRING) "IIsSmtpDomain"
RouteAction                     : (INTEGER) 32

KeyType                         : (STRING) "IIsSmtpDomain"
RouteAction                     : (INTEGER) 32

KeyType                         : (STRING) "IIsSmtpDomain"
RouteAction                     : (INTEGER) 32

I apologize that I don't have the script and command that was run to generate this info. I ran this at the request of a MS tech assigned to my case. The tech is concerned about a mydomain.com section not showing up in the dump along with the other "IIsSmtpDomain" strings.

This is all a product of my server starting to send relay denied messages back to my local outlook clients that looked like this:

Your message did not reach some or all of the intended recipients.
      Subject:      Older Resume
      Sent:      4/29/2004 12:04 PM

The following recipient(s) could not be reached:
      'some.body@company.com' on 4/29/2004 12:05 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
          <mail.mydomain.com #5.5.0 smtp;550 <some.body@company.com>... Relaying denied>

I tracked a message that gave me this message and found that the relay denied message was being generated before it ever left my mail server and it seems that my mail server is refusing to send the mail from an authenticated user with a local outlook client on my network. This happens to about 1% of the mail leaving the server seemingly at random times to random external domains. After repeatedly resending the same mail message the email does go through "normally". I have been working with MS for about a week on this and they think I have matabase corruption and are leaning towards reinstalling IIS on the mail server.

I realize that there may be  A LOT of information I need to give anyone reading this before they can make comments on this. I am not an exchange expert and will try to fill in information wherever I can.

Question by:kevinmcse1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 23

Expert Comment

ID: 10960523
Hi Kevin,

I didn't follow all of what they/you have written down, but here goes my 2 cents...

I do think that the missing domain.com in your metabase is the problem. If you try to send an e-mail from a mailacoount that isn't on your own domain, than this is called relaying (e.g. on your mailserver mail.mydomain.com a mail from someone@yahoo.com to someoneelse@hotmail.com is being send). To make sure that this is not possible, relaying is prohibited on a Exchange server. Telling you how to enable this isn't the best way to go, you shouldn't enable relaying, it is a serious security breache.. So i think that that's your problem. Unfortenaltely, i don't know how to fix this problem, but seeing that Microsoft helps you, they should fix it for you.

And that brings me to my next opinion... I am a Exchange 2000 MCP, and for as far as i know (and the microsoft books state) a réïnstall of the IIS doen NOT fix the corruption of the IIS metabase. To restore the metabase, you should restore the System State Back-up.

Hope this helps a little bit and good luck with the Microsoft people (i'm afraid you'll need it)

Author Comment

ID: 10965258
That's an important opinion rhandel, thanks. I have a system state backup of that server but this issue has been going on for some time (months) and I have been backing up the "possibly" corrupted matabase along with the system state for who knows how long then. No chance of getting a clean matabase back through a restore now. How else would you correct the corruption? New mail server? (said with a nervuos amount of sarcasm...)
LVL 23

Expert Comment

ID: 10967124

Good news... You don't have to reïnstall the mail servers... You can also manually put back the metabase. Here's an article about how to do it. Also, my suggestion about the system state was right, see the first paragraph. I still don't know why microsoft says to do a reïnstall on IIS, maybe they have their reasons.. ;)..  Don't they have reasons for everything.. lol...


Hope this helps you out...
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.


Author Comment

ID: 10976832
I read through the article you refer to rhandels. It looks as though it assumes that the matabase you are restoring is a kmown good version (obviously) but my backups are not known to be good and are most certainly in the same state as the current Matabase. At the end of the article it states that the only recourse maybe a reinstall.

Unless I am missing somthing in the article (possible) I think I'm stuck with a IIS reinstall?

LVL 23

Accepted Solution

rhandels earned 750 total points
ID: 10976940

Looking at the article, i''m afraid you're right. Never thought this would be necesarry. But just reïnstalling it won't work, this part of the article ("After you uninstall it, you should also check the %Systemroot%\System32\inetsrv folder (which is not deleted by the uninstall process) for a file named metabase.bin. If you find one, delete it before reinstalling IIS.") is very important, else the old metabase will be used (like you didn't saw that one..;)).

I do believe, after reïnstalling IIS, the metabase is build up again, so that might be a little bit of a relief.


Author Comment

ID: 13765209
This thread is very old but thought I would share a few things about what i learned after the fact...

1) If you talk to MS support the number of different answers you get is directly porportional to the number of techs you talk to...

2) The issue I was having was not IIS related AT ALL. It was simply that companies that randomly produced the Relaying denied messages were also running servers that had port 25 open but were not mail servers. I have no idea why this would be the case but I verified that this was true with the third MS tech I talked to about my Relaying denied issue. This tech seemed to actually be knowledgeable and directed me to the real issue almost immediately.

It seems that my mail server would attempt to connect to the receiving mail server via DNS and a MX record and if it failed the first attempt it would automatically try an A record lookup instead ( silly you ask? I thought so, but this is by MS design). The A record could be any server running IIS and have port 25 open. This apparently happens more often than I thought. So, in succesfully connecting to a non mail server that has no mail clients accociated with it my mail server tries to send mail and the bogus destination server obviously send the Relaying denied message to my server.

That's it. Once the companies that my mail server was trying to connect to closed the servers with the A records down to IIS and port 25 traffic my mail server failed in the DNS lookup and simply retried in the specified amount of time. Eventually making the MX connection with the REAL mail server. It has been almost exactly a year since I posted this question and I have not seen but a handfull of these Relaying denied messages. I appreciat all the help I got from you experts. I just wish MS had not sent me on a wild goose chase for a week or more last year.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question