?
Solved

Exchange 2007 Server Queuing Mail and timing out to a perfectly good recipient

Posted on 2007-09-28
12
Medium Priority
?
3,221 Views
Last Modified: 2011-02-15
Out new Exchange 2007 server is having some issues with sending mail... we have multiple domains that we are having trouble getting mail out to.. here is the info in the message queue from one of the msgs:

Identity: appliedexch\284\787
Subject: n301 unique CRF sign off
Internet Message ID: <A8B2DC685B43F848BF0EC9A46F5D681D057651@exchange.ourdomain>
From Address: someone@ourcompany.com
Status: Ready
Size (KB): 35
Message Source Name: FromLocal
Source IP: 255.255.255.255
SCL: -1
Date Received: 9/27/2007 4:12:32 PM
Expiration Time: 9/29/2007 4:12:32 PM
Last Error: 421 Timeout reading data
Queue ID: appliedexch\284
Recipients:  someone@somewhere.net

And one of the NDRs

Delivery is delayed to these recipients or distribution lists:

Myname

Subject: Something - resend with attachment

This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.

Delivery of this message will be attempted until 9/29/2007 2:52:46 PM (GMT-05:00) Eastern Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.

  _____  

Sent by Microsoft Exchange Server 2007

Any ideas here?  
0
Comment
Question by:ParadiseITS
12 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 19981669
That is a delay message. Unfortunately it doesn't tell you anything of use.
You need to look at the server itself and see what the reason is using Queue Viewer. Verify that the server is able to find the MX records for the domain and telnet to the server server listed on the MX records on port 25.

Simon.
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 19981747
I verified that the our Exchange server can contact the server vis nslookup.  All seems OK there...   the first cut and paste above is from Queue Viewer and that's all the info it gives.

In most of the domains that are a problem, under "Last Error" I am getting:

451 4.4.0 Primary Target IP Address Responded with: "421 mail.server.name.here Error: timeout exceeded.  Attempted Failover to alternate host but that did not succeed."

or

451 4.4.0 Primary Target IP Address Responded with: "421 4.4.2 Connection Dropped. Error: timeout exceeded.  Attempted Failover to alternate host but that did not succeed."


Any ideas?  I'd like to try increasing the time that our SMTP server waits but I can't find that setting in ESM...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19982565
Adjusting timeouts should not be necessary.
Both of those are temporary errors.
Nslookup just proves the DNS lookup. What about the connection to the host?

Exchange looks like it is giving the same error for both problems - even though the SMTP error is slightly different. The second part of the error basically means it is looking for an additional MX record and either there isn't one or it doesn't work either.

Simon.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 9

Author Comment

by:ParadiseITS
ID: 19991164
Sounds right on.. the issues seems to have abated on it's own over the weekend... how would I check the host connection?
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 19999007
I am getting these problems again this morning... any ideas from anyone??  I need to know what might cause this problem when the domains exist and are ready receive our mail.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1500 total points
ID: 19999453
I would be looking at the ISP as having routing issues.
Of course there is no point in calling the ISP, they will not admit it. I have been on the phone to ISPs tech support with the fire alarm going off in the background and been told there was nothing wrong.

You have to continue with what I outlined above.
NSLOOKUP on the MX records, confirm they are correct then attempt to connect to the MX records on port 25 using telnet.

Simon.
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 19999780
Sembee -- funny you should say that I'm on hold with them at the moment.  I've been able to connect to the MX records via NSLOOKUP, haven't tried telnet yet.  Will try that now.


0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 20000043
Telnet to 25 seems to work fine for our clients...  I get a ready message from them
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20009308
Is there any pattern on the domains that you cannot send to?
Same route on a tracert to their mail server, same ISP etc?

Simon.
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 20009563
Well so here is the solution to our problem...

The issue seems that it was a reverse lookup that was being done by some of our clients and our MX record in our ISPs DNS server was pointing to their mail server, not ours.  So when a mail server tried to match names to numbers they could not and they would drop the connection, assuming we were trying to spoof a mail server.

Once DNS was fixed, I also pointed our Exchange server to our Barracuda as a Smart Host to enable it to send mail instead of the Exchange server that way all IPs and name matched.  Now mail is flowing perfectly... what a nightmare this was.
0
 
LVL 1

Expert Comment

by:coolvette
ID: 23692137
Had similar problem one time. Was getting the similar "451 4.4.0 primary target IP address responded with 421 4.4.2 connection dropped" messages. Worked for several hours on it, and tried a lot of the suggestions listed on this forum. Found out it was our anti-virus software on the server. An update had been pushed out to it the day before, and something with that update was causing the problem. As soon as we paused the anti-virus software service, the e-mail flowed out to the world without problem.
0
 

Expert Comment

by:cd1zz
ID: 34903934
I know this is a bit old but for me the issue was related to some of the domains requiring HELO instead of EHLO --- details are here http://networkadminsecrets.blogspot.com/2010/04/421-and-451-exchange-2007-errors.html
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question