ParadiseITS
asked on
Exchange 2007 Server Queuing Mail and timing out to a perfectly good recipient
Out new Exchange 2007 server is having some issues with sending mail... we have multiple domains that we are having trouble getting mail out to.. here is the info in the message queue from one of the msgs:
Identity: appliedexch\284\787
Subject: n301 unique CRF sign off
Internet Message ID: <A8B2DC685B43F848BF0EC9A46
From Address: someone@ourcompany.com
Status: Ready
Size (KB): 35
Message Source Name: FromLocal
Source IP: 255.255.255.255
SCL: -1
Date Received: 9/27/2007 4:12:32 PM
Expiration Time: 9/29/2007 4:12:32 PM
Last Error: 421 Timeout reading data
Queue ID: appliedexch\284
Recipients: someone@somewhere.net
And one of the NDRs
Delivery is delayed to these recipients or distribution lists:
Myname
Subject: Something - resend with attachment
This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.
Delivery of this message will be attempted until 9/29/2007 2:52:46 PM (GMT-05:00) Eastern Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.
_____
Sent by Microsoft Exchange Server 2007
Any ideas here?
Identity: appliedexch\284\787
Subject: n301 unique CRF sign off
Internet Message ID: <A8B2DC685B43F848BF0EC9A46
From Address: someone@ourcompany.com
Status: Ready
Size (KB): 35
Message Source Name: FromLocal
Source IP: 255.255.255.255
SCL: -1
Date Received: 9/27/2007 4:12:32 PM
Expiration Time: 9/29/2007 4:12:32 PM
Last Error: 421 Timeout reading data
Queue ID: appliedexch\284
Recipients: someone@somewhere.net
And one of the NDRs
Delivery is delayed to these recipients or distribution lists:
Myname
Subject: Something - resend with attachment
This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.
Delivery of this message will be attempted until 9/29/2007 2:52:46 PM (GMT-05:00) Eastern Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.
_____
Sent by Microsoft Exchange Server 2007
Any ideas here?
ASKER
I verified that the our Exchange server can contact the server vis nslookup. All seems OK there... the first cut and paste above is from Queue Viewer and that's all the info it gives.
In most of the domains that are a problem, under "Last Error" I am getting:
451 4.4.0 Primary Target IP Address Responded with: "421 mail.server.name.here Error: timeout exceeded. Attempted Failover to alternate host but that did not succeed."
or
451 4.4.0 Primary Target IP Address Responded with: "421 4.4.2 Connection Dropped. Error: timeout exceeded. Attempted Failover to alternate host but that did not succeed."
Any ideas? I'd like to try increasing the time that our SMTP server waits but I can't find that setting in ESM...
In most of the domains that are a problem, under "Last Error" I am getting:
451 4.4.0 Primary Target IP Address Responded with: "421 mail.server.name.here Error: timeout exceeded. Attempted Failover to alternate host but that did not succeed."
or
451 4.4.0 Primary Target IP Address Responded with: "421 4.4.2 Connection Dropped. Error: timeout exceeded. Attempted Failover to alternate host but that did not succeed."
Any ideas? I'd like to try increasing the time that our SMTP server waits but I can't find that setting in ESM...
Adjusting timeouts should not be necessary.
Both of those are temporary errors.
Nslookup just proves the DNS lookup. What about the connection to the host?
Exchange looks like it is giving the same error for both problems - even though the SMTP error is slightly different. The second part of the error basically means it is looking for an additional MX record and either there isn't one or it doesn't work either.
Simon.
Both of those are temporary errors.
Nslookup just proves the DNS lookup. What about the connection to the host?
Exchange looks like it is giving the same error for both problems - even though the SMTP error is slightly different. The second part of the error basically means it is looking for an additional MX record and either there isn't one or it doesn't work either.
Simon.
ASKER
Sounds right on.. the issues seems to have abated on it's own over the weekend... how would I check the host connection?
ASKER
I am getting these problems again this morning... any ideas from anyone?? I need to know what might cause this problem when the domains exist and are ready receive our mail.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sembee -- funny you should say that I'm on hold with them at the moment. I've been able to connect to the MX records via NSLOOKUP, haven't tried telnet yet. Will try that now.
ASKER
Telnet to 25 seems to work fine for our clients... I get a ready message from them
Is there any pattern on the domains that you cannot send to?
Same route on a tracert to their mail server, same ISP etc?
Simon.
Same route on a tracert to their mail server, same ISP etc?
Simon.
ASKER
Well so here is the solution to our problem...
The issue seems that it was a reverse lookup that was being done by some of our clients and our MX record in our ISPs DNS server was pointing to their mail server, not ours. So when a mail server tried to match names to numbers they could not and they would drop the connection, assuming we were trying to spoof a mail server.
Once DNS was fixed, I also pointed our Exchange server to our Barracuda as a Smart Host to enable it to send mail instead of the Exchange server that way all IPs and name matched. Now mail is flowing perfectly... what a nightmare this was.
The issue seems that it was a reverse lookup that was being done by some of our clients and our MX record in our ISPs DNS server was pointing to their mail server, not ours. So when a mail server tried to match names to numbers they could not and they would drop the connection, assuming we were trying to spoof a mail server.
Once DNS was fixed, I also pointed our Exchange server to our Barracuda as a Smart Host to enable it to send mail instead of the Exchange server that way all IPs and name matched. Now mail is flowing perfectly... what a nightmare this was.
Had similar problem one time. Was getting the similar "451 4.4.0 primary target IP address responded with 421 4.4.2 connection dropped" messages. Worked for several hours on it, and tried a lot of the suggestions listed on this forum. Found out it was our anti-virus software on the server. An update had been pushed out to it the day before, and something with that update was causing the problem. As soon as we paused the anti-virus software service, the e-mail flowed out to the world without problem.
I know this is a bit old but for me the issue was related to some of the domains requiring HELO instead of EHLO --- details are here http://networkadminsecrets.blogspot.com/2010/04/421-and-451-exchange-2007-errors.html
You need to look at the server itself and see what the reason is using Queue Viewer. Verify that the server is able to find the MX records for the domain and telnet to the server server listed on the MX records on port 25.
Simon.