Exchange 2000 SP3 Matabase dump not showing correct information
There is much history behind my question. Suffice to say that I am working with Microsoft on this issue but would like the Experts opinion as well...
In my default recipient policy on the Email Addresses (Policy) tab in Exchange System Manager I have four lines for SMTP domains and another for X400.
@mydomain.com
@mydomain.locallocation
@mydomain-inc.com
@mydomain-inc.net
Doing a dump of the matabase shows the following information (this is a clip from the dump).
RelayForAuth : (INTEGER) 0
[/smtpsvc/1/Sessions]
KeyType : (STRING) "IIsSmtpSessions"
[/smtpsvc/1/Alias]
KeyType : (STRING) "IIsSmtpAlias"
[/smtpsvc/1/User]
KeyType : (STRING) "IIsSmtpUser"
[/smtpsvc/1/DL]
KeyType : (STRING) "IIsSmtpDL"
[/smtpsvc/1/Domain]
KeyType : (STRING) "IIsSmtpDomain"
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
I apologize that I don't have the script and command that was run to generate this info. I ran this at the request of a MS tech assigned to my case. The tech is concerned about a mydomain.com section not showing up in the dump along with the other "IIsSmtpDomain" strings.
This is all a product of my server starting to send relay denied messages back to my local outlook clients that looked like this:
Your message did not reach some or all of the intended recipients.
Subject: Older Resume
Sent: 4/29/2004 12:04 PM
The following recipient(s) could not be reached:
'some.body@company.com' on 4/29/2004 12:05 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<mail.mydomain.com #5.5.0 smtp;550 <some.body@company.com>...
I tracked a message that gave me this message and found that the relay denied message was being generated before it ever left my mail server and it seems that my mail server is refusing to send the mail from an authenticated user with a local outlook client on my network. This happens to about 1% of the mail leaving the server seemingly at random times to random external domains. After repeatedly resending the same mail message the email does go through "normally". I have been working with MS for about a week on this and they think I have matabase corruption and are leaning towards reinstalling IIS on the mail server.
I realize that there may be A LOT of information I need to give anyone reading this before they can make comments on this. I am not an exchange expert and will try to fill in information wherever I can.
Thanks,
Kevin
In my default recipient policy on the Email Addresses (Policy) tab in Exchange System Manager I have four lines for SMTP domains and another for X400.
@mydomain.com
@mydomain.locallocation
@mydomain-inc.com
@mydomain-inc.net
Doing a dump of the matabase shows the following information (this is a clip from the dump).
RelayForAuth : (INTEGER) 0
[/smtpsvc/1/Sessions]
KeyType : (STRING) "IIsSmtpSessions"
[/smtpsvc/1/Alias]
KeyType : (STRING) "IIsSmtpAlias"
[/smtpsvc/1/User]
KeyType : (STRING) "IIsSmtpUser"
[/smtpsvc/1/DL]
KeyType : (STRING) "IIsSmtpDL"
[/smtpsvc/1/Domain]
KeyType : (STRING) "IIsSmtpDomain"
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
[/smtpsvc/1/Domain/mydomai
KeyType : (STRING) "IIsSmtpDomain"
RouteAction : (INTEGER) 32
I apologize that I don't have the script and command that was run to generate this info. I ran this at the request of a MS tech assigned to my case. The tech is concerned about a mydomain.com section not showing up in the dump along with the other "IIsSmtpDomain" strings.
This is all a product of my server starting to send relay denied messages back to my local outlook clients that looked like this:
Your message did not reach some or all of the intended recipients.
Subject: Older Resume
Sent: 4/29/2004 12:04 PM
The following recipient(s) could not be reached:
'some.body@company.com' on 4/29/2004 12:05 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<mail.mydomain.com #5.5.0 smtp;550 <some.body@company.com>...
I tracked a message that gave me this message and found that the relay denied message was being generated before it ever left my mail server and it seems that my mail server is refusing to send the mail from an authenticated user with a local outlook client on my network. This happens to about 1% of the mail leaving the server seemingly at random times to random external domains. After repeatedly resending the same mail message the email does go through "normally". I have been working with MS for about a week on this and they think I have matabase corruption and are leaning towards reinstalling IIS on the mail server.
I realize that there may be A LOT of information I need to give anyone reading this before they can make comments on this. I am not an exchange expert and will try to fill in information wherever I can.
Thanks,
Kevin
ASKER
That's an important opinion rhandel, thanks. I have a system state backup of that server but this issue has been going on for some time (months) and I have been backing up the "possibly" corrupted matabase along with the system state for who knows how long then. No chance of getting a clean matabase back through a restore now. How else would you correct the corruption? New mail server? (said with a nervuos amount of sarcasm...)
Hi,
Good news... You don't have to reïnstall the mail servers... You can also manually put back the metabase. Here's an article about how to do it. Also, my suggestion about the system state was right, see the first paragraph. I still don't know why microsoft says to do a reïnstall on IIS, maybe they have their reasons.. ;).. Don't they have reasons for everything.. lol...
http://hacks.oreilly.com/pub/h/1153
Hope this helps you out...
Good news... You don't have to reïnstall the mail servers... You can also manually put back the metabase. Here's an article about how to do it. Also, my suggestion about the system state was right, see the first paragraph. I still don't know why microsoft says to do a reïnstall on IIS, maybe they have their reasons.. ;).. Don't they have reasons for everything.. lol...
http://hacks.oreilly.com/pub/h/1153
Hope this helps you out...
ASKER
I read through the article you refer to rhandels. It looks as though it assumes that the matabase you are restoring is a kmown good version (obviously) but my backups are not known to be good and are most certainly in the same state as the current Matabase. At the end of the article it states that the only recourse maybe a reinstall.
Unless I am missing somthing in the article (possible) I think I'm stuck with a IIS reinstall?
Kevin
Unless I am missing somthing in the article (possible) I think I'm stuck with a IIS reinstall?
Kevin
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This thread is very old but thought I would share a few things about what i learned after the fact...
1) If you talk to MS support the number of different answers you get is directly porportional to the number of techs you talk to...
2) The issue I was having was not IIS related AT ALL. It was simply that companies that randomly produced the Relaying denied messages were also running servers that had port 25 open but were not mail servers. I have no idea why this would be the case but I verified that this was true with the third MS tech I talked to about my Relaying denied issue. This tech seemed to actually be knowledgeable and directed me to the real issue almost immediately.
It seems that my mail server would attempt to connect to the receiving mail server via DNS and a MX record and if it failed the first attempt it would automatically try an A record lookup instead ( silly you ask? I thought so, but this is by MS design). The A record could be any server running IIS and have port 25 open. This apparently happens more often than I thought. So, in succesfully connecting to a non mail server that has no mail clients accociated with it my mail server tries to send mail and the bogus destination server obviously send the Relaying denied message to my server.
That's it. Once the companies that my mail server was trying to connect to closed the servers with the A records down to IIS and port 25 traffic my mail server failed in the DNS lookup and simply retried in the specified amount of time. Eventually making the MX connection with the REAL mail server. It has been almost exactly a year since I posted this question and I have not seen but a handfull of these Relaying denied messages. I appreciat all the help I got from you experts. I just wish MS had not sent me on a wild goose chase for a week or more last year.
1) If you talk to MS support the number of different answers you get is directly porportional to the number of techs you talk to...
2) The issue I was having was not IIS related AT ALL. It was simply that companies that randomly produced the Relaying denied messages were also running servers that had port 25 open but were not mail servers. I have no idea why this would be the case but I verified that this was true with the third MS tech I talked to about my Relaying denied issue. This tech seemed to actually be knowledgeable and directed me to the real issue almost immediately.
It seems that my mail server would attempt to connect to the receiving mail server via DNS and a MX record and if it failed the first attempt it would automatically try an A record lookup instead ( silly you ask? I thought so, but this is by MS design). The A record could be any server running IIS and have port 25 open. This apparently happens more often than I thought. So, in succesfully connecting to a non mail server that has no mail clients accociated with it my mail server tries to send mail and the bogus destination server obviously send the Relaying denied message to my server.
That's it. Once the companies that my mail server was trying to connect to closed the servers with the A records down to IIS and port 25 traffic my mail server failed in the DNS lookup and simply retried in the specified amount of time. Eventually making the MX connection with the REAL mail server. It has been almost exactly a year since I posted this question and I have not seen but a handfull of these Relaying denied messages. I appreciat all the help I got from you experts. I just wish MS had not sent me on a wild goose chase for a week or more last year.
I didn't follow all of what they/you have written down, but here goes my 2 cents...
I do think that the missing domain.com in your metabase is the problem. If you try to send an e-mail from a mailacoount that isn't on your own domain, than this is called relaying (e.g. on your mailserver mail.mydomain.com a mail from someone@yahoo.com to someoneelse@hotmail.com is being send). To make sure that this is not possible, relaying is prohibited on a Exchange server. Telling you how to enable this isn't the best way to go, you shouldn't enable relaying, it is a serious security breache.. So i think that that's your problem. Unfortenaltely, i don't know how to fix this problem, but seeing that Microsoft helps you, they should fix it for you.
And that brings me to my next opinion... I am a Exchange 2000 MCP, and for as far as i know (and the microsoft books state) a réïnstall of the IIS doen NOT fix the corruption of the IIS metabase. To restore the metabase, you should restore the System State Back-up.
Hope this helps a little bit and good luck with the Microsoft people (i'm afraid you'll need it)