How to troubleshoot Exchange 2003 sending difficulties

I am relatively new to Exchange, so please forgive the question . . .

I have Microsoft Small Business Server 2003 with 12 or so users.  The server has GFI Mail Essentials for spam protection and GFI Mail Security for virus protection.  It has been working fine for months.  Today, all of a sudden, when sending to certain domains (like 6 or 7 different domains), users began getting immediate Non-delivery receipts.  However, not all the NDRs are the same.  And these are all to domains that have worked in the past.  As per the blacklist entries at http://www.mxtoolbox.com/blacklists.aspx - the server is not on any blacklists.  

Below is some of the text from some of the NDRs (domain names changed to protect the innocent):

The following recipient(s) could not be reached:

      User Name on 2/28/2005 6:12 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            <mydomain.com #5.5.0 smtp;554 <external@recipient.com>: Relay access denied>

The following recipient(s) could not be reached:

      different-external@recipient.org on 2/28/2005 4:27 PM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <mydomain.com #5.7.1 smtp;550 5.7.1 <different-external@recipient.org>... Relaying denied>

The following recipient(s) could not be reached:

      another-external@recipient.org' on 2/28/2005 4:53 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            <mydomain.com #5.5.0 smtp;550 relaying to <another-external@recipient.org> prohibited by administrator>
 
While all these NDRs are differnet, they ALL worked just yesterday, which makes me think something is wrong.  Also of note, since the beginning of time with this server, I have gotten these event ids in the application log for every e-mail that is sent to an external Exchnage server:

event ID 7010:
This is an SMTP protocol log for virtual server ID 1, connection #806. The client at "123.123.250.51" sent a "xexch50" command, and the SMTP server responded with "504 Need to authenticate first  ". The full command sent was "xexch50 1776 2".  This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.

event id 7004:
This is an SMTP protocol error log for virtual server ID 1, connection #801. The remote host "123.123.201.227", responded to the SMTP command "rcpt" with "503 This mail server requires authentication. Please check your mail client settings.  ". The full command sent was "RCPT TO:<totally-different-user@organization.org>  ".  This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.



--------------------------

The two event IDs have happened for months, and the don't seem to be related since the server worked find despite getting dozens of event IDs 7004 and 7010 each day.  

I guess I should start by looking where I can find more pertinent information that will help me find where I should look.

Thank you
LVL 9
dmessmanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SembeeCommented:
Are you trying to use a SMART HOST somewhere in the configuration? Usually configured on the SMTP Virtual Server? If so - this could be pointing at a server that requires authentication.
You cannot set authentication on the SMTP VS as this will break incoming email. Therefore you will have to use an SMTP Connector.
http://www.amset.info/exchange/smtp-connector.asp

And there is a good reason why it worked yesterday and not today. Yesterday was February. Today is March. If anyone is using databases on monthly updates then a new update was probably applied today.

Simon.
0
dmessmanAuthor Commented:
The Exchange server does not have a smart host.  These problems occurred on February 28, so I doubt it was a monthly updates thing.  Besides, the problem was definetely on my server - many domains that were never a problem were suddenly a problem.  Later that evening I rebooted the server and the problem ceased.  However, that doesn't make me feel better - as I wish I knew the cause.  Where does one usually go for diagnostic data to see what could have been wrong?  When I ran a Postfix server, I could go into the logs and look at the conversations between my server and the other servers it was talking to.

Thanks
0
SembeeCommented:
Message tracking in Exchange does a similar thing.
ESM, Admin Groups, <your admin group> Server. Right click on your server and choose Properties. It is set on the first tab. You then use "Message Tracking Center" to read them.

You could also turn up logging on the SMTP VS, but I would only do that when you know there is problem - otherwise you will fill up with logs very quickly.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.