[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Messages seem to immediately enter retry connection state and never or very rarely get sent

Posted on 2005-05-10
13
Medium Priority
?
815 Views
Last Modified: 2012-06-27
We are running Exchange 2000 SP4 on a Windows Server 2K SP4 platform.  Also runnng on the system are Trend Micro ScanMail and GFI MailEssentials.  Recently our message queues  have been getting backed up due to messages that seem to go immediately into the retry state.  The message becomes active after 2nd retry time comes around.  We are running internal DNS with external forwarders.  We have tried every relevant soulution posted on this site but have still not had any luck.  Any help would be greatly appreciated.

Thanks,
Mike
0
Comment
Question by:miketatum
  • 5
  • 5
  • 3
13 Comments
 
LVL 12

Expert Comment

by:BNettles73
ID: 13972860

You can turn up logging on DSAccess and Transport to get a more clear picture of what errors are occurring. Are you seeing any events in the application or system logs that might indicate a problem?

I have seen this generally linked to one of two issues -

1. The anti-virus software is dragging down performance on the server (I have really had this issue with Antigen running on my mailbox clusters)
    a. I'm not really familiar with GFI, but to test I typically unhook the AV solution from Exchange and see if the performance issue persists.
    b. If the AV software is disabled/unhooked and you still see the issue - I have actually had to uninstall and reinstall.
    c. AV software that runs over Exchange has significant impact at times due to the level of interaction it has with exchange components.
    d. Make sure you don't have any reverse DNS settings configured in the AV software or within Exchange.

2. You may be having issues with your GC ... you can turn up logging on DSAccess and see what events are generated.

Other Information:

3. You may want to check your hardware - make sure you aren't having any disk contention type issues.
4. Run performance monitor and identify any potential bottlenecks.
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 13973782
have you tried rebooting, just in case it is a link state issue?
0
 

Author Comment

by:miketatum
ID: 13973792
Thanks for the suggestions; I'll get started looking at these items and let you what happens.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:miketatum
ID: 13978017
I have taken a look at all of the suggestions posted.  Rebooting exchange server is not an option.  I have stopped antivirus and GFI but this has not had an effect.  All reverse DNS settings are clear, this is one of the first things I looked at.  All hardawre appears to be ok, and system, application, and security logs appear to be ok.

After turning up DSAccess and Transport logging I found a reoccuring information message 2080:  FPServer@mydomain.com cd- 7711117 & ExchangeServer@mydomain.com cd- 6600116.

One interesting thing that I have found is that restarting the SMTP service allows the queue to clear very quickly (a lot like it should normally); what do you think this would indicate?
0
 
LVL 12

Expert Comment

by:BNettles73
ID: 13978873

The 2080 Event is generated when the topology is detected through the Directory Server Access component. This is purely informational and unless you don't see any errors I wouldn't worry about it.

1. Does the issue occur only during peak hours or does it persist even after-hours when you go through your slow mail periods?
2. Did you try removing and reinstalling the AV Software? Did you call the vendor and make sure there aren't any recent issues with an engine or pattern update?

You may disagree, but I can't tell you how many times I've battled this very same issue and 99% of the time it was AV related.

According to Microsoft: Troubleshooting Messages in a Retry State:

Messages that failed a queue submission are moved to this queue. Frequently, messages fail a queue submission before any other processing has been done. By default, messages in this queue are reprocessed in 60 minutes. Corrupted messages or low system resources can cause messages to appear in this queue.

Troubleshooting: REVIEW third-party programs that are installed or event sinks that can interfere with message queuing or message fidelity. If the computer responds slowly, use Windows Task Manager to determine processes that may use too many system resources. Restarting the Internet Information Server service may provide temporary relief until you can determine the root cause of the problem. To restart the Internet Information Server service, follow these steps:
1. Click Start, and then click Control Panel.
2. Double-click Administrative Tools.
3. Double-click Services.  
4. Right-click Internet Information Server, and then click Restart.
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 13979384
I had a problem similar to this, and usually it is AV related.  The AV uninstall and re-install usually requires a reboot as well.  McAfee has been a recent culprit in an EE case I participated in.

However, I have seen problems similar to this.  In one case a Microsoft tech (2 of them, actually) spent many hours with a customer who could route mail internally, recieve internet mail, but not send internet mail.

The customer did not did not want to shutdown and power up for various reasons.  After finally agreeing, the Exchange systems were shut down and brought back up starting with the Routing Group Master, then the front-end/bridgehead servers, and then the back-end mailbox servers and clusters.

After all the systems were back up mail was routing correctly.

What does SMTPDiag report?  What does WinRoute show?

Bob
0
 

Author Comment

by:miketatum
ID: 13979663
After some more thinking and testing your suggestions and some of my own, I stumbled on one question:  Should I have an SMTP connector installed?

In response, to flyguybob, I finally broke down and restarted the server after installing some software updates for GFI MailEssentials, this did not fix our problem.  Also, like the situation you described, all other mail functions are working correctly except outgoing internet mail.  My next step is to uninstall and reinstall AV but I fear this is not the culprit in this case since it was installed no more than a month ago and everything has been performing well up until now.  I have SMTPDiag turned on but where can I find the log, it is not in event viewer.  Winroute appears to be ok, ready status.
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 13982651
Sorry that the reboots did not work..I was really expecting that they would.

You should not need an SMTP connector unless you have a smarthost between you and the Internet...or unless SMTP outbound traffic has specifically been blocked from your mail server's IP address.  If you are using DNS, then it will route through the Default SMTP Virtual Server.

If you want to setup a SMTP connector, you can definitely do that.  The address space would be *, the cost would be 1, and you would forward via DNS.

One thing you might want to do is connect to one of the mail systems out there on port 25 from your mail server.
nslookup
> set type=mx
> company.com
(using GMAIL as an example)
gmail.com       MX preference = 10, mail exchanger = gsmtp171.google.com
gmail.com       MX preference = 10, mail exchanger = gsmtp185.google.com
gmail.com       MX preference = 10, mail exchanger = gsmtp171-2.google.com
gmail.com       MX preference = 10, mail exchanger = gsmtp185-2.google.com
gmail.com       MX preference = 20, mail exchanger = gsmtp57.google.com
gmail.com       MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com

gsmtp171.google.com     internet address = 64.233.171.27
gsmtp185.google.com     internet address = 64.233.185.27
gsmtp171-2.google.com   internet address = 64.233.171.114
gsmtp185-2.google.com   internet address = 64.233.185.114
gsmtp57.google.com      internet address = 216.239.57.27
>exit

Get the address and telnet to the server
telnet mailserver.company.com 25

HELO <enter>
(wait for the response)

If you can't connect then you may need to find what is blocking outbound SMTP.


0
 

Author Comment

by:miketatum
ID: 13983345
Thanks for following up on this issue Bob; I will give this a try in the morning and let you know what I find.  Earlier after your other post I went ahead and found that there was an upgrade availiable for MailScan so I uninstalled the old and installed the new and again rebooted the server, still no luck.  I feel that this has to be either some sort of DNS issue or like you suggested port filtering/firewall related.  Not really sure why the firewall would be barking at this stuff now since it has been in place for a reasonable amount of time with no prior issues, but at this point I am willing to factor anything into the equation.

Thanks again,
Mike
0
 
LVL 12

Accepted Solution

by:
BNettles73 earned 750 total points
ID: 13985588

Check the performance monitor counter (SMTP Server \ Categorizer Queue Length) and tell me what it says ...

Give us some more information about the server - users, general hardware, does the server have other applications on it etc ...

What type of firewall are you using?
    Do you see any errors in the firewall logs?
Is the mail server installed on a DC/GC?
Is DNS hosted on the mail server or are you running it elsewhere?
Are you running any type of file level scanner on the server?

Do you know how to modify the registry to run on debug level options for DSAccess and Transport? You can push the registry values to 7 and it will return debug level information.

0
 
LVL 24

Assisted Solution

by:flyguybob
flyguybob earned 750 total points
ID: 13986086
...had a problem where an IP allow outbound statement was not "wri mem" on a Cisco box...when the rebooted it the inbound worked but the outbound did not.  Then again, we had the opposite problem one time as well.

Try telnetting out from the mail server console and see what happens.

Bob
0
 

Author Comment

by:miketatum
ID: 14010269
I have finally solved the problem, which in this case was not an exchange problem at all.  The firewall was improperly handling traffic on port 25; by this I mean it was set up to allow some traffic through, but not the volume associated with e-mail.  Therefore this caused the the queues to back up and still allow a few e-mails to go through.  Once the port was configured as the outhgoing smtp port everything cleared out of the queues and I have not had a problem since. BNettles73 and Bob, your help is still greatly appreciated and I will divide the points evenly between the two of you.
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 14012053
Thanks!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses
Course of the Month18 days, 11 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question