?
Solved

Incoming and outgoing mails stuck in smtp queues

Posted on 2004-11-17
27
Medium Priority
?
1,432 Views
Last Modified: 2008-02-01
Any help would be much appreciated. Let me begin by saying I'm fairly new to exchange, so this may well be a simple config issue.

Mail server was running fine until last weekend. On monday morning, no mails coming in or going out. When I checked the default virtual server queues they were empty, but new mails sent either from internal users or external don't appear on queues. After much frustration, I found that we were open for mail relay, which I closed off, and then I deleted the smtp connector and set up a new one. (Actually set up a new one and then deleted the old one). Now incoming and outgoing mails are appearring in the queues, but not getting forwarded to the internal users or to the external domains. They're just sitting on the server.I'm guessing that in disabling the open relay I've also disabled the proper relay from the server to the internal clients/external domains, but I don't know how to fix it. Any ideas???
0
Comment
Question by:dhony
  • 15
  • 12
27 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 12603834
Which version of Exchange?
And what exactly did you do to close the open relay? If it is Exchange 200x then it is relay secure out of the box and doesn't actually require anything to be changed.

I would also go to dnsreport.com and enter your domain name and see if that flags any errors.

Simon.
0
 

Author Comment

by:dhony
ID: 12603885
Thanks for the quick response - Exchange 2000. (Running SBS 2000). I've done the dnsreport thing and it's looking ok. To be honest I've forgotten the steps I followed to close the relay. It was late into the night last night. I followed steps I found either on a post here or on theMS support site. The relay restrictions under the default smtp virtual server are:
allow all except the list below, (which is blank)
and
allow all computers which successfully authenticate... is ticked.

under connection it also
allow all except the list below, (which is blank)
 
and under authentication everything is ticked, and there's no entry in the TLS default domain box
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12604060
One of those settings is actually leaving you as an open relay.

Change "All except the list below" to "Only the list below" and leave the list blank.

If you don't have any users connecting to your server to send email via SMTP (Outlook Express etc) then you can disable the computers which authenticate as well. This does NOT affect users connecting with Outlook to Exchange.

Authentication is OK.

Are you using an SMTP Connector to send email? You only need a connector for outbound email - it doesn't affect inbound at all.
If you select one of the messages in the queues what does the reason code say?

It might be that your ISP has stopped you from sending email because you are open...

Simon.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dhony
ID: 12604243
When I change relay setting as you described, (only the list below and blank) the computers connecting setting my incoming test mail from a yahoo account was returned with...  (I've x'd out the personal details)
Hi. This is the qmail-send program at yahoo.com.
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<xxxx@xxxxx.ie>:
xx.xx.xx.xx does not like recipient.
Remote host said: 550 5.7.1 Unable to relay for xxxx@xxxx.ie
Giving up on xx.xxx.xxx.xx.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12605428
Presuming that the IP address that you have hashed out is your valid address, that sounds like it is Exchange or something else in front of Exchange not knowing it is responsible for the domain. Have you verified that the IP address on the MX records is correct?

Make sure that you aren't confusing relay control with connection control. On the connection tab it should be "All accept the list below".

Simon.
0
 

Author Comment

by:dhony
ID: 12606227
Nope. Definitely under relay - Relay Restrictions settings seem to need to be set to "All Except the list below" which is blank. I've unticked "Allow all computers which successfully authenticate to relay" as we're using outlook.
Under the connections tab we have all except the list below too, and it's also blank.
The Ip address on the mx records must be ok because the mails are now arriving as far as the server and sitting there. The problem is getting them from there to the user mailboxes.
Getting desperate
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12606285
Which queue are they sitting in?

Simon.
0
 

Author Comment

by:dhony
ID: 12606331
incoming mails are all sitting in a queue called the same as the domain name, (without the mail. prefix. Outgoing mails are in a queue for yahoo.com, (there's only 2 mails there because that's allt hat I've sent to test)
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12606926
That's odd. You shouldn't have a queue with that name. That means Exchange doesn't know it is responsible for that domain and is trying to send the messages out. Except they cannot get out.
Need to fix the inbound stuff first, because I suspect that if you fix outbound all that email in the queues will go back out and cause a loop.

Have you rebooted the server? If not, do so. Don't do anything else other than a simple reboot. If any errors are flagged, post back. Need the full content of the error message - error number, service text etc.

Simon.
0
 

Author Comment

by:dhony
ID: 12607370
Server's been rebooted a few times and it's coming back fine. The av software was out of date so I've checked and found a few viruses there. Netsky.p and melissa both showed up using panda's online scan. They're removed, but is it possible they changed/screwed up some settings?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12608439
I am starting to think that something has got screwed up. SMTP or IIS in general.
Have you check your Recipient Update Polices to ensure the domain is listed?
Anything in the event logs?

Simon.
0
 

Author Comment

by:dhony
ID: 12609790
Where do I check the recipient update policies? Event logs were showing up a load of WMI-related errors, which are cleared up now. There's also a load of perflib 1010 errors showing up. There was a problem with print spooler too which is now resolved. Perflib errors still there though. Got a hotfix from M/S which didn't resolve. Based on that mess, it's pretty likely that smtp/iis/something else got fubar'd. I'm reluctant to start re-installing though, because it sounds like it should be a pretty straight forward thing. Or am I underestimating exchange?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12609940
Recipient Polices - ESM, Recipients, Recipient Update Services. Right click on the default policy and choose Properties. Click on the "Email Addresses (policy)" tab. Your domain should be listed in the @domain.com format.

If it is IIS then this is the article that you need to refer to: http://support.microsoft.com/default.aspx?kbid=320202

Follow it VERY carefully. It is one of those things that if you aren't 100% sure then you will have to speak to MS.

Simon.
0
 

Author Comment

by:dhony
ID: 12612989
Thanks for the help Simon. I had a look at those articles, and they seem fairly straight forward so I'll give that a shot at lunch time and let you know how it goes. Even if it turns out that the recipient policy sorts it I'm inclined to think a re-install makes more sense, because we have no idea how it got changed anyway. It's a small office and no-one there would go near the server. I'm only in very occassionally, and I didn't go near there. Hopefully I'll be psoting in about 4 hours with a success story. Fingers crossed
0
 

Author Comment

by:dhony
ID: 12615712
Ok so, the re-install is complete, (with one or two hairy moments but we won't go into that.) What I have now is my list of queues, the first one being the domain (local delivery in brackets) which is empty with a little green arrow. Next is messages awaiting directory lookup, with the same arrow, and then messages waiting to be routed, also with the arrow. All three of these directories are empty. After that are a load of remote delivery domains, all of which have mails and are either in active or retry status. Almost all the mails in these folders have a sender of either postmaster@XXX where xxx is my domain, or a sender of <>. Are these all outgoing mails, and should any incoming mails be in the first three folders, (or rather the second and third folders, assuming the first is for mails sent from internal to internal users.) Or am I way off the mark? I've now changed the setting on relay to only the list below and blank, and mails aren't bouncing back when I send them from yahoo. Problem is they're not actually arriving either.
0
 

Author Comment

by:dhony
ID: 12615751
PS event log now showing the following - (I've yyy'd out the domain name but it is one from an outgoing mail)
Message delivery to the remote domain yyyyyy.com' failed for the following reason: The remote server did not respond to a connection attempt.

0
 
LVL 104

Expert Comment

by:Sembee
ID: 12616358
Messages from postmaster@ or <> are bounced messages - aka NDR messages.

You need to some tests to see whether you can actually send and receive SMTP traffic.

For receiving, go to dnsreport.com and enter your domain name as before. See if it can actually connect.

For sending, find out the address of your ISPs SMTP server.
Then on the server itself go in to a command prompt and enter the following text:

telnet smtp.isp.net 25
Where smtp.isp.net is the address of your ISPs SMTP server. You should get a response back. If you don't - and the command window just sits there then the SMTP traffic isn't getting out of your network.

Have any of the messages that you have sent in bounced back yet?

Simon.
0
 

Author Comment

by:dhony
ID: 12616659
no bouncebacks yet. dnsreport shows no MX record but finds an a record.
When dnsreport tries to connect to a specific address it gets...
[Could not connect: Got an unknown RCPT TO response: 550 5.7.1 Unable to relay for postmaster@

I can telnet to my isp's server ok.
 
I can also telnet to my server by server name, (This is from the server itself, it doesn't allow me to telnet to the domain name or to the ip address the domain name resolved to). When I do that though, the ehlo give a good response, ending in 250 OK. Mail from:me@yahoo.com looks ok but the `rcpt to:postmaster@xxx.xx' give me a message saying 550 5.7.1 Unable to relay for postmaster@xxx.xx
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12617106
Lack of MX record isn't good. While some hosts will use the A host record, it isn't a recommended configuration. You need to get that fixed. That is probably stopping the email coming in.

Do you have postmaster@ attached to something?

Simon.
0
 

Author Comment

by:dhony
ID: 12617180
I actually did it to a valid internal account, (instead of postmaster), and got the above result. Should I delete and recreate the smtp connector?
0
 

Author Comment

by:dhony
ID: 12617535
I just restated the default smtp virtual server and re-enabled the queues, and now each of the domains listed is prefixed with the name of the smtp connector, and suffixed by (SMTP Connector - Remote Delivery). I'm wondering is there a problem with the connector. Also, I just noticed that one of those queues has two mails in it, with neither the sender or the receiver belonging to this domain. I think therefore they're spam;)
There are only two messages in the file system under mailroot\vs1\queue, so I'm wondering if I can delete them/that queue, and if I do will it free things up.
Grasping at straws???
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12617693
What does the SMTP Connector do? Is it to send the email through another server (your ISP?). If not then remove it - Exchange doesn't need it, it is quite capable of delivering email on its own.

Simon.
0
 

Author Comment

by:dhony
ID: 12617827
Deleted the connector. Also deleted those spam messages in exchange, (they're gone from the queue folder in mailroot\vs1 too.
Still not sending out any mails though.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12618568
What else is on this machine? Anything that could be interfering with the SMTP traffic? AV, Antispam, anything like that?
What do the queues say is the error? Can you try another domain - not Yahoo? Something that isn't likely to have a high level of spam filters on it?

It looks like it might be coming down to one of two solutions.

1. Call MS.
2. If possible, build another machine, migrate everything out to that machine (email, public folders etc), then remove the original server, wipe and rebuild. Then swing everything back. If you decide to go that route then there are some precautions to take to ensure that everything works ok.

Simon.
0
 

Author Comment

by:dhony
ID: 12619659
I was just considering option 2 there. There's some weird sh!t going down here. I've removed any viruses & spyware, (including some v.nasty porn that took over my homepage), got the AV s/w running properly, and now I realise that my print spooler has been renamed as Internet Access Control. Don't know how all this happenned but it's a bit of a mess. I think Exchange just highlighted it beacuse it's the highest impact. These guys have had no mail for a week but I think I'm going to leave it for now and start from scratch tomorrow. Thanks for all the help Simon, I really appreciate it. If I get to the bottom of it I'll let you know
0
 

Author Comment

by:dhony
ID: 12727531
Just realised I never posted the solution here. After much heartache and agony, I eventually restored the registry from a system state backup. That sorted out the print issues straight away, and then I did a re-install of IIS and Exchange. The exchange re-install failed suggesting that outlook had been installed on the pc and that the mapi32.dll was the outlook version. Eventually restored that from the same backup as the system state and reinstalled ok. Problem was down to corrupt registry and various config files being corrupt./
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1500 total points
ID: 12731161
Excellent - good to hear that you have it fixed.
Don't forget to close the question, or the mods will do it for you. If you aren't sure, then post in the support forum (support in the top right corner) for guidance.

Simon.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses
Course of the Month16 days, 19 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question