• Status: Solved

Urgent Exchange 2003 Mail Stuck in Queue

Hello,  I have an Exchange 2003 Server.

We have mail going to one specific company and it is stuck in our queue.  We can receive email from them, but when we try to send to them it won't go.

I have right clicked and said force connection, but nothing happens.

I don't know a lot about Exchange, so some detailed help is very much appreciated.

Thanks,

Asked by: GDoucette
 
v_alber Commented:
Hi,
  It might be a DNS issue.
  There are 2 things that you can try really fast.
  1) Go to your internal DNS server and add an "A" record for that company's MX server.
      You can check it by going to www.checkdns.net and typing the domain name.
      After you have done that, restart the DNS service and the Exchange SA service.

  2) You can create an SMTP connector to this domain.
      Go to Exchange System Manager -> Routing Groups -> First Routing Group -> Right mouse click on it ->
      Create New -> SMTP connector
      Specify its name -> Choose "Forward all mail through ...." and specify there the IP address for that company's MX record.
      Add local bridgehead server as your server -> Go to Address Space tab -> Add -> SMTP -> specify that domain name
      Try to restart the SMTP service and see if it works.

At the same time, try to verify that your DNS is fine and that you are not blacklisted, because that might be the reason why your users are unable to send mail to this domain. Your domain may be blocked locally in one specific domain or in some public blacklist (RBL).

Hope this helped, Alex.


 
GDoucette (Author) Commented:
Hi Alex,

Thanks for the quick reply.  Two things:

Where do I go in my DNS Server?  What program do I open, where do I type an "A" record, and what is an A record?

Two: How do I find out the IP address for their MX record?

 
v_alber Commented:
Hi,
  You probably have a Domain Controller with Active Directory; that's where your internal DNS server is installed.
  On that server go to Start, Programs, Administrative Tools, DNS.
  When you right mouse click on your DNS zone you can choose a new record. Choose A; this is a host record, which resolves a host name to an IP address, that's what it does.
  As I told you before, to check for the other company's MX record, go to www.checkdns.net, enter their domain name and press Enter. Wait for a minute and you will get their mail servers at the bottom of the page. Grab the IP address for one of them, that's their MX record.
 
GDoucette (Author) Commented:
So I went to checkdns, and have their info.

When I go to DNS this is what I see:

DNS

>Main Server
>>Forward LookupZones
>>>company 1
>>>>_msdcs
>>>>_sites
>>>>_tcp
>>>>_udp
>>>>_ForestDnsZones

If I right click I get the option "New Host (A)", but no Choose Host.

Please advise where I should be right clicking and what the menu item would read.

Thanks,
 
GDoucette (Author) Commented:

Ok, I looked at our other server listed in this DNS, and read the event viewer.

I received this error message, but I am not really sure what it is asking me to do.

6702
MessageId=6702 Severity=Error SymbolicName=DNS_EVENT_UPDATE_DS_PEERS_FAILURE

DNS Server has updated its own host (A) records. In order to insure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update. An error was encountered during this update, the record data is the error code.

If this DNS server does not have any DS-integrated peers, then this error should be ignored. If this DNS server's Active Directory replication partners do not have the correct IP address for this server, they will be unable to replicate with it.

To insure proper replication:
Find this server's Active Directory replication partners that run the DNS server.
Open DNS Manager and connect in turn to each of the replication partners.
On each server, check the host (A record) registration for THIS server.
Delete any A records that do NOT correspond to IP addresses of this server.
If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact. (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.)
It is not necessary to update EVERY replication partner. It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.
 
v_alber Commented:
That means if you are using 2 or more DNS servers with Integrated Zones, you have to make sure that all A records correspond with proper server names and correct IP addresses.
Basically you need to double click on "Company 1" in your DNS Manager on each server and verify that you know every record in there. If you use only one DNS server this error is irrelevant.
When you create an "A" record you have to manually type their server details and not choose host. Choose host is only for hosts you can browse and not for hosts on other domains.
 
Sembee Commented:
I think you may have two unrelated problems here.
First, let's deal with the mail stuck in the queue.

I would never recommend that you create an SMTP connector pointing to another site's MX server directly. Neither would I recommend that you put entries into your DNS server for a domain that you don't control.
Both bits of advice aren't really very good solutions - the remote site only needs to make one small change and you will be unable to send mail and may not know why.

Instead a better solution is to use an SMTP connector but point it at your ISP's SMTP server. If the delivery failure is due to misconfigured reverse DNS or something like that then the ISP's server will get through.
Ideally I would wait to see what the NDR says when the messages eventually bounce, but it is unusual for a client to accept that waiting time - they want the email message to go through.

Next, the DNS issues.
I don't think this is related to the above, but how have you got your domain controllers configured?
If DNS server is installed on both machines then you should have AD integrated DNS server for your AD domain on both servers. They should be pointing at themselves for primary DNS and the other domain controller for secondary DNS. (There is some debate over this - some people feel that all domain controllers should point to the same DC for primary and themselves for secondary).
There should be NO external DNS servers in the network/DNS configuration of any server or workstation. The only place that external DNS is acceptable is as forwarders in the DNS server config. This isn't strictly required as Windows 200x server is quite capable of looking up DNS information on its own.

Simon.
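
Two causes raised in this thread for a single remote domain refusing mail, a public blacklist (RBL) listing and misconfigured reverse DNS, can both be checked from the sending server's public IP. The following is an added example, not part of any post in the thread; the zone `dnsbl.example.net`, the host names and the addresses are constructed placeholders.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """DNSBL convention: reverse the IPv4 octets and append the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def check_sender(ip, zone, resolve_a, resolve_ptr):
    """Return reasons a receiving domain might defer or refuse mail from ip.
    resolve_a(name) -> list of IPv4 strings ([] when the name does not exist)
    resolve_ptr(ip) -> host name, or None when there is no PTR record
    """
    findings = []
    ptr = resolve_ptr(ip)
    if ptr is None:
        findings.append("no PTR record for %s" % ip)
    elif ip not in resolve_a(ptr):
        # Forward-confirmed reverse DNS: the PTR name must map back to the IP.
        findings.append("PTR %s does not resolve back to %s" % (ptr, ip))
    # A listed address answers with a 127.x.x.x record; unlisted gives no answer.
    hits = [a for a in resolve_a(dnsbl_query_name(ip, zone)) if a.startswith("127.")]
    if hits:
        findings.append("listed in %s (answer %s)" % (zone, hits[0]))
    return findings

def live_a(name):
    """Real A lookup through the system resolver."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)})
    except socket.gaierror:
        return []

def live_ptr(ip):
    """Real PTR lookup through the system resolver."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

# Constructed sample data (documentation address ranges, made-up names).
SAMPLE_A = {"mail.example.org": ["192.0.2.10"],
            "host25.isp.example": ["198.51.100.7"],
            "25.2.0.192.dnsbl.example.net": ["127.0.0.2"]}
SAMPLE_PTR = {"192.0.2.10": "mail.example.org", "192.0.2.25": "host25.isp.example"}

def demo(ip):
    return check_sender(ip, "dnsbl.example.net",
                        lambda name: SAMPLE_A.get(name, []), SAMPLE_PTR.get)

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.25", "192.0.2.99"):
        print(ip, demo(ip) or "no findings")
```

For a real check, call `check_sender` with `live_a` and `live_ptr`, the public IP your Exchange server sends from, and the zone of a blacklist you have chosen to consult.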
 
v_alber Commented:
To Sembee,
   Creating an SMTP direct connector and verifying it is running would point to a DNS problem, which can be fixed while the mail queue is empty, and not the other way around. After the DNS is fixed the connector can be removed.
   It's just MS best practice.
 
GDoucette (Author) Commented:
Simon, so on the connector instead of putting in the IP address for the company the emails are bouncing from, I should put in my ISP?

Dumb question, but how do I find out my ISP's IP address?

I don't know a lot about the setup on the server, mostly just clients and desktops, so this stuff is all new to me.

 
Sembee Commented:
V_alber - point to a source that indicates that technique you have indicated as a Microsoft best practice please. I have been using Exchange for many years and have never seen that advice from anyone else before.

Gdoucette - It isn't your ISP's IP address, but the name of their SMTP server. This is usually listed on their web site somewhere. Very often it is something like smtp.isp.net or mail.isp.net - same thing that you put into Outlook Express for outbound email.

If you need to authenticate outbound email then that can be worked around as well.

Simon.
 
v_alber Commented:
Sembee - I work there
 
Sembee Commented:
V_alber - that is fine. We all have to work somewhere.
However I would still like to see a public note that indicates the technique you have outlined as a MS best practice. I have read most things produced by MS and others for Exchange and it isn't something that I have seen before.

I used to work for Motorola but it doesn't make me an expert in mobile phones.

Simon.
 
v_alber Commented:
Sembee - that's probably not the purpose of us being here discussing our specialties.
Though I do work as an Exchange Engineer.