OSSupport


Messages with attachments go through but not if they have attachments

I have a server running Windows Server 2003 and Exchange 2003. When a user sends email to a specific domain, it will go through instantaneously except if it has an attachment. The domain the email is being sent to says the email is not reaching their servers and message tracking confirms this. Is my firewall blocking it or is it something to do with Exchange? The attachments are well within the size limits (att size 2mb and limit is set to 5mb).

When the server is restarted, users receive NDRs for emails they sent a long time ago but those messages were not in any of the queues. Very strange indeed.
Serena Hsi

Depends on the attachment, there are some file extensions that Exchange blocks by default.
Level 1 file types blocked by Outlook

.ade Access Project Extension (Microsoft)
.adp Access Project (Microsoft)
.app Executable Application
.asp Active Server Page
.bas BASIC Source Code
.bat Batch Processing
.cer Internet Security Certificate File
.chm Compiled HTML Help
.cmd DOS CP/M Command File, Command File for Windows NT  
.com Command
.cpl Windows Control Panel Extension (Microsoft)
.crt Certificate File
.csh csh Script
.exe Executable File
.fxp FoxPro Compiled Source (Microsoft)
.hlp Windows Help File
.hta Hypertext Application
.inf Information or Setup File
.ins IIS Internet Communications Settings (Microsoft)
.isp IIS Internet Service Provider Settings (Microsoft)
.its Internet Document Set, International Translation
.js JavaScript Source Code
.jse JScript Encoded Script File
.ksh UNIX Shell Script
.lnk Windows Shortcut File
.mad Access Module Shortcut (Microsoft)
.maf Access (Microsoft)
.mag Access Diagram Shortcut (Microsoft)
.mam Access Macro Shortcut (Microsoft)
.maq Access Query Shortcut (Microsoft)
.mar Access Report Shortcut (Microsoft)
.mas Access Stored Procedures (Microsoft)
.mat Access Table Shortcut (Microsoft)
.mau Media Attachment Unit
.mav Access View Shortcut (Microsoft)
.maw Access Data Access Page (Microsoft)
.mda Access Add-in (Microsoft), MDA Access 2 Workgroup (Microsoft)
.mdb Access Application (Microsoft), MDB Access Database (Microsoft)
.mde Access MDE Database File (Microsoft)
.mdt Access Add-in Data (Microsoft)
.mdw Access Workgroup Information (Microsoft)
.mdz Access Wizard Template (Microsoft)
.msc Microsoft Management Console Snap-in Control File (Microsoft)
.msi Windows Installer File (Microsoft)
.msp Windows Installer Patch
.mst Windows SDK Setup Transform Script
.ops Office Profile Settings File
.pcd Visual Test (Microsoft)
.pif Windows Program Information File (Microsoft)
.prf Windows System File
.prg Program File
.pst MS Exchange Address Book File, Outlook Personal Folder File (Microsoft)  
.reg Registration Information/Key for W95/98, Registry Data File  
.scf Windows Explorer Command
.scr Windows Screen Saver
.sct Windows Script Component, Foxpro Screen (Microsoft)
.shb Windows Shortcut into a Document
.shs Shell Scrap Object File
.tmp Temporary File/Folder
.url Internet Location
.vb VBScript File or Any VisualBasic Source
.vbe VBScript Encoded Script File
.vbs VBScript Script File, Visual Basic for Applications Script
.vsmacros Visual Studio .NET Binary-based Macro Project (Microsoft)
.vss Visio Stencil (Microsoft)
.vst Visio Template (Microsoft)
.vsw Visio Workspace File (Microsoft)
.ws Windows Script File
.wsc Windows Script Component
.wsf Windows Script File
.wsh Windows Script Host Settings File

As an administrator, you can add or remove attachment types from the list of Level 2 file types through the Outlook Security Settings tab of the Outlook Security form. Also, you can demote attachment file types from Level 1 to Level 2 by using the Level1Remove registry key.

http://office.microsoft.com/en-us/ork2003/HA011402971033.aspx
Old messages getting NDRs is a classic sign of AV interference. I would suspect that is happening here. Ensure that any file level AV is not scanning the Exchange directories.

Simon.
OSSupport

ASKER

I'm using SAV and Antigen for Exchange. I checked in SAV and made sure that the entire Program Files\Exchsrvr\Mailroot folder was listed as an exclusion. Any other folders I should include in the exclusions? I'm not sure how to check in Antigen for Exchange but I'll keep trying.
I'm getting a lot of "Could not scan <number> files inside <path to file> due to extraction errors encountered by the Decomposer Engines." from within SAV. Could this be related?
There are plenty of files/folders that need to be excluded from AV programs.

Review these articles to assist you:
http://support.microsoft.com/kb/823166
http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=137

Jeff
TechSoEasy
I implemented the exclusion suggested in the articles, Jeff, and restarted the server for good measure. I noticed the queues emptied out but the messages were not received and I didn't get an NDR for the messages with attachments I sent. Where did they go?
Hopefully after you configured the exclusions, your decomposer errors stopped.

As for where the messages went?  You'll need to look in the Message Tracking Center to find out.  If you don't have Message Tracking enabled, then you should enable it, but that won't help for the ones that are already gone.

Jeff
TechSoEasy
An interesting development:
I did a few tests and found the following:
1. Sent email (no attchmt) to the domain and cc'd my gmail acc. Emails went thru instantaneously.
2. Sent email (64kb attchmt) to same recipients. Email went through instantaneously.
3. Repeated test with 112kb, 352kb and 820kb. Emails went through.
4. Repeated test with 1.8mb attachment. Nothing came thru and no email showed up in queues. No NDRs were generated either.

I checked the outbound filters and they looked fine (5120kb both ways).  Could it be the ISP?
Could be... it could also be your AV balking.  I'd check to make sure that there aren't any specific filters in that which could be causing the problem.  Usually, 1.8mb isn't beyond size limits for ISP's.

Jeff
TechSoEasy
Have you got message tracking enabled?
If not, enable it. That will show what Exchange does with the message. If it was enabled, then track the messages. That will show if the message was delivered to another host - if it was then it is not a problem with your Exchange server.

Simon.

--
If your question has been answered, please remember to accept the answer and close the question.
Oh yeah, that too, which I mentioned above.

Jeff
TechSoEasy
Message tracking was on. I sent an email to our HQ domain via our secure connector (the one experiencing issues) and cc'ed my gmail acc. I found it in message tracking and the only 2 entries there are shown below:

10/5/2007 8:13 AM  SMTP: Started Outbound Transfer of Message
10/5/2007 10:00 AM Message transferred to mx.google.com through SMTP

That's all the message history displays, no sign of any mail being processed to our HQ domain. Another  email sent to HQ (and cc'ed to gmail) with a smaller attachment (352Kb) had the following message history: (Note: no mention of gmail in the message history)

10/5/2007 7:46 PM SMTP Store Driver: Message Submitted from Store
10/5/2007 7:46 PM SMTP: Message Submitted to Advanced Queuing
10/5/2007 7:46 PM SMTP: Started Message Submission to Advanced Queue
10/5/2007 7:46 PM SMTP: Message Submitted to Categorizer
10/5/2007 7:46 PM SMTP: Message Categorized and Queued for Routing
10/5/2007 7:46 PM SMTP: Started Outbound Transfer of Message
10/5/2007 7:52 PM SMTP: Message transferred to hqmx.hqdomain.xxx through SMTP

What is going on here?
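
An added example, not part of the original post: a short Python check that reads the two message histories quoted above and reports which expected next-hop hosts never appear and how long each hand-off took. The function names `parse_history` and `audit` are hypothetical, and the timestamps are assumed to be month/day/year as displayed.

```python
import re
from datetime import datetime

# The two message histories quoted in the post above.
LARGE = """\
10/5/2007 8:13 AM  SMTP: Started Outbound Transfer of Message
10/5/2007 10:00 AM Message transferred to mx.google.com through SMTP
"""
SMALL = """\
10/5/2007 7:46 PM SMTP Store Driver: Message Submitted from Store
10/5/2007 7:46 PM SMTP: Message Submitted to Advanced Queuing
10/5/2007 7:46 PM SMTP: Started Message Submission to Advanced Queue
10/5/2007 7:46 PM SMTP: Message Submitted to Categorizer
10/5/2007 7:46 PM SMTP: Message Categorized and Queued for Routing
10/5/2007 7:46 PM SMTP: Started Outbound Transfer of Message
10/5/2007 7:52 PM SMTP: Message transferred to hqmx.hqdomain.xxx through SMTP
"""
EXPECTED = ["hqmx.hqdomain.xxx", "mx.google.com"]  # HQ recipient plus the Gmail cc

LINE = re.compile(r"^(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2} [AP]M)\s+(.*)$")
DELIVERED = re.compile(r"Message transferred to (\S+) through SMTP")

def parse_history(text):
    """Return [(timestamp, event text)] for every well-formed history line."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%m/%d/%Y %I:%M %p")
            events.append((ts, m.group(2)))
    return events

def audit(text, expected_hosts):
    """Return ({host: minutes from first outbound attempt}, [hosts never reached])."""
    events = parse_history(text)
    started = [ts for ts, ev in events if "Started Outbound Transfer" in ev]
    delivered = {}
    for ts, ev in events:
        m = DELIVERED.search(ev)
        if m:
            wait = (ts - started[0]).total_seconds() / 60 if started else None
            delivered[m.group(1)] = wait
    missing = [h for h in expected_hosts if h not in delivered]
    return delivered, missing

if __name__ == "__main__":
    for name, history in (("large", LARGE), ("small", SMALL)):
        print(name, audit(history, EXPECTED))
```
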



Well, wait a minute... where in all of your description of this issue did you ever mention that you have more than one SMTP Connector configured on your server?

I guess the first thing to ask is for you to confirm that this is in fact a Small Business Server.

Then, how did you create this second SMTP Connector?  What settings did you give it?  

Jeff
TechSoEasy
Sorry for the confusion Jeff. I am running a SBS. I have 2 connectors set up; one is the Internet Mail SMTP Connector and the other one is the HQ Secure Connector which is set up to send mail from my server to HQ with TLS encryption. Those are the only 2 connectors.
If you've set those up, then you couldn't possibly have completed running the Configure Email and Internet Connection Wizard (CEICW -- linked as "Connect to the Internet" on the To-Do list in the Server Management Console) successfully.

The CEICW is critical to your SBS being configured properly for Exchange, IIS, RRAS, DNS, DHCP and general network connectivity.

I'm not saying that you cannot customize things after getting things set up, but you need to configure the SBS in the manner in which it was designed FIRST.  Otherwise there is no easy way to find out what the problems are.

If you then want to enable TLS, you should probably follow the steps outlined in http://support.microsoft.com/kb/324285

Delete both SMTP Connectors and run the CEICW to get things configured to the default settings so you know where you are starting from.

Jeff
TechSoEasy
I appreciate the advice but I am not willing to delete the connectors and run the wizard at this stage because at one stage everything was working fine and now it's not. FYI, my server is part of a global server network which is supposed to have the same configurations in all of our 60+ offices. I agree with your assessment that the wizard should have been used in the beginning (and actually it may have been) but I don't know for sure as my server was ghosted with our agency's standard server image and not set up from scratch.
Well, SBS is definitely not supported in the role of a branch office server as you're using it.  

I'm sorry, but I really can't help you further at this point.

Jeff
TechSoEasy

No problem Jeff, thanks for your help so far. Our offices are not really "branch offices" but true stand alone SBS servers with the exception that mail going between HQ and our office is encrypted with TLS. All mail going elsewhere is not encrypted.
Actually, you may want to review our conversation in this question:  http:Q_22885943.html

Jeff
TechSoEasy
New discovery today:
From the server application log and from the server performance report too. Maybe it's related to all our issues:
---------------------
Source                                          Event ID          Last Occurrence      Total Occurrences
MSExchangeIS Mailbox Store        9690           10/15/2007 5:00 AM          1
Exchange store 'First Storage Group\Mailbox Store (SERVER)': The logical size of this database (the logical size equals the physical size of the .edb file and the .stm file minus the logical free space in each) is 18 GB. This database size has exceeded the size limit of 18 GB. This database will be dismounted immediately. For more information, click http://www.microsoft.com/contentredirect.asp.
---------------------

I did some digging and sure enough my priv1.edb and priv1.stm files combine to exceed 18gb. Could this be related to my attachment issue? Should I try to have my users start archiving like crazy or increase the store limit to something like 50gb via a registry addition?
Well, of course it can be related to the attachment issue... because SENT attachments are stored in your Exchange database.  Archiving won't necessarily fix the problem right away because of Deleted Item Recovery.

You need to increase the size limit of your Exchange DB, but I think 50GB is a bit large, unless you're prepared to backup that size database each night.  Start with something like 28GB and then also implement a better archiving policy.

Jeff
TechSoEasy
I increased the limits to 30gb, restarted the information store service (and restarted the server for good measure) but the issue remains. Attachments under 2mb go through fine but anything over 2mb gets transferred successfully (according to message tracking) but is never received.
I've asked the Exchange admin on the receiving server to see if his spam firewall (Barracuda) is blocking messages from my server for messages >2mb.
New discovery:
When TLS encryption is turned off, all messages go through. With it on, only the large ones don't make it through. I have replaced the certificates on both ends but it didn't make a difference. Our HQ Exchange admin tells me that messages from my server reach the HQ Barracuda but at some point in the transmission of a message, the sending server is failing to reply to a TCP ACK from the Barracuda. The Barracuda retries the ACK eight times, and then DROPS the connection.
ASKER CERTIFIED SOLUTION
Jeffrey Kane - TechSoEasy
This solution is only available to members.
All of my tests seem to point to my slow upload speed to the Internet as the cause of the problems. The speed tests I ran yesterday indicate that on average, I have 480+ kbps download and 15 kbps upload. I doubt running a mail server off of a 15 kbps upload connection is a good idea. I've spoken to my ISP about this and they claim that they are providing me with more upload speed than that and tell me that the tools I used are not reporting accurate information. Either way, I see what I see. I'll talk to my ISP about increasing the upload speeds and see if that makes a difference.
What do you get when testing at www.speedtest.net?

Jeff
TechSoEasy