Exchange 2003 Problem

We have changed the time on all our servers yesterday

I don't believe this has caused the problem but I thought I should mention it just incase it has

Now we are seeing all our exchange servers going from available to unavailable constantly

The message queues don't seem to be going down and when I do a telnet test it just tells me its been queued - is there a way I can test the link either through exchange or telnet or something else?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

24playAuthor Commented:
Bit more info

We use SMTP and as a result we have always had off IMAP and POP3 services

I shouldn't say all other exchange servers but its a good amount that are doing this and the messages go from their original servers to 'messages with an unreachable destination'
see if  you  run "Gpupdate/force" on all servers will solve the problem to you or not
24playAuthor Commented:
I've just telnet into another server thats unavailable and sent an e-mail and its told me its queued as well
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

24playAuthor Commented:
ok will try that now
it might be the timing sycn  is not updated  yet so there is drop from  just do  first the  gpupdate/force on servers if there  is no success then we will look up in another solutions
Hi 24play,

What are the errors in the event viewers of the exchange servers?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
if the  gpupdate failed  run on a  server that says it is unavailable
24playAuthor Commented:
the timing was done yesterday and the clocks are all the same but I will force the update on all incase

Jo I will have to remote onto one to check - its all via satellite to each one so its slow going will post when I have the details
Cool. Let me know.
24playAuthor Commented:

Is there any particular part you want? Application/system/replication etc?
Hhhhmmm... Application and system should be sufficient.
24playAuthor Commented:
This is from 1 going from available to not available

All exchange servers communicate to the main one where I am located (its in the next room) unless its to an external source then they go straight out via their own satellites or its local to them.


Process MAD.EXE (PID=3736). The Domain Controller xxxxx.local is running (Unknown Operating System) (Unknown Service Pack). DSAccess requires that  Domain Controllers that run Windows 2000 have at least Service Pack 3 installed.

Process MAD.EXE (PID=3736). Exchange Server xxxxx.local does not have Audit Security Privilege on  Domain Controller xxxxx.local. This Domain Controller will not be used by DSAccess.

tcpsvcs (2704) The backup has been stopped because it was halted by the client or the connection with the client failed.

Security policy in the Group policy objects has been applied successfully.

The Group Policy client-side extension Folder Redirection failed to execute. Please look for any errors reported earlier by that extension.

The Unsolicited Commercial Email default filter level has been updated. The new value is 5.


The WinHTTP Web Proxy Auto-Discovery Service suspended operation.

The WinHTTP Web Proxy Auto-Discovery Service has been idle for 15 minutes, it will be shut down.

The WinHTTP Web Proxy Auto-Discovery Service suspended operation.

The DHCP service encountered the following error while cleaning  up the database:
An error occurred while accessing the DHCP database. Look at the
DHCP server event log for more information on this error.

The DHCP service encountered the following error when  backing up the database:
An error occurred while accessing the DHCP database. Look at the
DHCP server event log for more information on this error.

The following problem occurred with the Jet database -1032:  Jet database read or write operations failed. If the computer  or database has just been upgraded, then this message can be  safely ignored. If this message appears frequently, either there  is not enough disk space to complete the operation or the database  or backup database may be corrupt.  To correct this problem,  either free additional space on your hard disk or restore the  database. After you restore the database, ensure that conflict  detection is enabled in DHCP server properties. For information  about restoring the database, see Help and Support Center.  Additional Debug Information: JetBackup.
24playAuthor Commented:
I'm going to post the ones from our exchange here

as it seems the mail gets to us but then refuses to be sent out
24playAuthor Commented:
An error occurred while Microsoft Exchange Intelligent Message Filter attempted to filter a message with ID  <8D872BCB3A1EF4408FD0C9D4546425D97C6030@xxxxx.local>, P1 From and Subject  FW: xxxxxxxxxx 4. This message will not be filtered. The error code is 0x800710f0.

This is from our exchange server that is the portal for all mail bar external and local to the other exchanges

Process INETINFO.EXE (PID=1908). The Domain Controller xxxxxxxh.xxxxxxxxq.local is running (Unknown Operating System) (Unknown Service Pack). DSAccess requires that  Domain Controllers that run Windows 2000 have at least Service Pack 3 installed.

Process INETINFO.EXE (PID=1908). Exchange Server xxxxxx.xxxxx.local does not have Audit Security Privilege on  Domain Controller xxxxxxxx.xxxxxxxxxxx.local. This Domain Controller will not be used by DSAccess.

An error occurred while Microsoft Exchange Intelligent Message Filter attempted to filter a message with ID <xxxxxxxxxxxQ03O3jVfX3u00000005@xxxxxxxxx.xxxxxxxxxx.local>, P1 From and Subject  . This message will not be filtered. The error code is 0x800710f0.

An error occurred while Microsoft Exchange Intelligent Message Filter attempted to filter a message with ID  <BLU111-W132BC27D1F82BE96AB8920CA170@xxxxxx>, P1 From and Subject  FW: xxxxxxxxxxxxx..... This message will not be filtered. The error code is 0x800710f0.
Hhhhmmm... Exchange 2003 on server 2000? Wonder why it will moan about service packs. Yeah, post it so we can have a look at it...
Ok... says the filtering issue can be ignored safely...

Have a look at :
24playAuthor Commented:
will have a read through now

despite that moan from the event viewer with the 2000 ref - all machines are 2003 server
24playAuthor Commented:
I can't find policytest.exe on either the exchange 2003 disk or the exchange machine

am I blind or just stupid? I've searched like crazy
Support\Utils\i386 folder on the Exchange CD-ROM
24playAuthor Commented:
i don't have the utils folder on the

MS Exchange 2003 Server Standard

24playAuthor Commented:
my word this is making me go nuts !

It might be under the Support\ExDeploy folder.
24playAuthor Commented:
oh man Jo I love you lol

I'm on stage 3

this is a *&**

Nearly fell off of my chair there!

It might take a little while and I'm leaving the office in the next 5  minutes.

Let me know and I'll check it in the morning.
24playAuthor Commented:
oh man trying to find setup/ domainprep

you should do overtime tonight! lol
24playAuthor Commented:
ok, bit of an update

one of the IT guys here took our spare exchange server that can be used for the out bound and then added it to each of the remote exchange servers as a remote bridgehead along with the normal one

this has enabled all remotes to come back to 'available again'

but still the mail is NOT leaving

the secondary master we put as the other bridgehead is taking on board no mail just for info
Hhhhmmm... Do your Exchange servers use a forwarder?
24playAuthor Commented:

I found this

but not a great person with DNS records

its also been 5 years give or take since I've done this job and this has been one hell of a learning curve for day 2!

So please try and dumb it down for me :D
24playAuthor Commented:
in my logging I see this if it helps

2008-11-14 09:00:03 SMTPSVC1 xxxxxxxxx03 0 MAIL - +FROM:<> 250 0 48 45 0 SMTP - - - -
2008-11-14 09:00:03 SMTPSVC1 xxxxxxxxxxxx03 0 RCPT - +TO:<> 250 0 34 31 0 SMTP - - - -
2008-11-14 09:00:03 SMTPSVC1 xxx03 10.x.x.x 0 QUIT - 240 47 0 4 0 SMTP - - - -

2008-11-14 09:00:13 OutboundConnectionResponse SMTPSVC1 xxxxxxxxQ03 - 25 - - 220+xxxxxxxxxxx-xxxxxxxxxxxx.xxxxxxxxxxxxx.local+Microsoft+ESMTP+MAIL+Service,+Version:+6.0.3790.3959+ready+at++Fri,+14+Nov+2008+12:00:12++0300+ 0 0 128 0 3250 SMTP - - - -
2008-11-14 09:00:13 OutboundConnectionCommand SMTPSVC1 xxxxxxxxxxxx - 25 EHLO - xxxxxxxxxxxxx03.xxxxxxxxxxxxxxxx.local 0 0 4 0 3250 SMTP - - - -
2008-11-14 09:00:13 OutboundConnectionResponse SMTPSVC1 xxxxxxxxxxxxxxxx03 - 25 - - 220+xxxxxxx-xxxxxxxxxxxx.xxxxxxxxxxxxxx.local+Microsoft+ESMTP+MAIL+Service,+Version:+6.0.3790.3959+ready+at++Fri,+14+Nov+2008+12:00:12++0300+ 0 0 128 0 3328 SMTP - - - -
2008-11-14 09:00:13 OutboundConnectionCommand SMTPSVC1 xxxxxxxxxxx03 - 25 EHLO - xxxxxxxxxxx.xxxxxxxxxxxxxxx.local 0 0 4 0 3328 SMTP - - - -
2008-11-14 09:00:13 OutboundConnectionResponse SMTPSVC1 xxxxxxxxxxxxxx - 25 - - 220+xxxxxxxxx-xxxxxxxxxxx.xxxxxxxxxxxx.local+Microsoft+ESMTP+MAIL+Service,+Version:+6.0.3790.3959+ready+at++Fri,+14+Nov+2008+12:00:12++0300+ 0 0 128 0 3328 SMTP - - - -
2008-11-14 09:00:13 OutboundConnectionCommand SMTPSVC1 xxxxxxxxxxxxxx03 - 25 EHLO - xxxxxxxxxxx03.xxxxxxxxxxxxxxx.local 0 0 4 0 3328 SMTP - - - -
2008-11-14 09:00:14 OutboundConnectionResponse SMTPSVC1 xxxxxxxxxxxx03 - 25 - - 250-SRROC-xxxxxxxx.xxxxxxxxxxxx.local+Hello+[] 0 0 51 0 5047 SMTP - - - -
2008-11-14 09:00:14 OutboundConnectionResponse SMTPSVC1 xxxxxxxxxx03 - 25 - - 250-SRROC-xxxxxxxxxx.xxxxxxxxx.local+Hello+[] 0 0 51 0 5156 SMTP - - - -
2008-11-14 09:00:14 OutboundConnectionResponse SMTPSVC1 xxxxxxxxxx03 - 25 - - 250-SRROC-xxxxxxxxxx.xxxxxxx.local+Hello+[] 0 0 51 0 5250 SMTP - - - -
24playAuthor Commented:
running netdiag on my DNS server I get

    Computer Name: xxxx
    DNS Host Name: xxxx.xxxxx.local
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 6 Model 15 Stepping 11, GenuineIntel
    List of installed hotfixes :

Netcard queries test . . . . . . . : Passed

Per interface results:

    Adapter : Local Area Connection 3

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : xxxx
        IP Address . . . . . . . . : xx.xx.xx.xx
        Subnet Mask. . . . . . . . :
        Default Gateway. . . . . . : xx.xx.xx.xx
        Primary WINS Server. . . . : x1.x1.x1.x1
        Dns Servers. . . . . . . . : x1.x1.x1.x1

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed

Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
    1 NetBt transport currently configured.

Autonet address test . . . . . . . : Passed

IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Passed

NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.

Winsock test . . . . . . . . . . . : Passed

DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server 'xx.xx.x.x' and other DCs also have some of the names registered.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server 'xx.xx.xx.xx.xx' .Please wait for 30 minutes for DNS server replication.

Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
    The browser is bound to 1 NetBt transport.

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Passed

Trust relationship test. . . . . . : Skipped

Kerberos test. . . . . . . . . . . : Passed

LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'xxxxxxxxx.xxxxxx.local'.

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped
    No active remote access connections.

Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information

The command completed successfully
I've been reading through everything we have discussed so far...

1. Download and run Exchange Analyzer:

2. Test if you have an Internet connection on the Exchange servers.

3. Check your DNS settings in the NIC properties.

4. Let me know!
24playAuthor Commented:

Further to this I have discovered something else

our out station exchanges can e-mail to my location no problem at all - if we try and reply it just queues

we can send e-mail internally here and out to e-mails like hotmail etc and rx

we can also send from an external like hotmail and get a reply

But if the out stations send from their external, it comes back from the satellite to our exchange and queues

so nothing from the exchange in my location which everyone routes to - will send out to the outstation exchanges but we can get stuff in from them

I ran that tool last night - will run again on my exchange here

I must have a connection as we can rc but not transmit to the out station - poss routing groups?

Every outstation runs on its on VSAT

24playAuthor Commented:
analyzer run on the exchange server here - no critical errors just informational items about it finding the others in the directory

Tell me if I'm wrong:

All "sub" branches send mail via the main exchange?
You can send and receive to all domain ok.
Only the "subs" cannot send mail, it gets queued?
24playAuthor Commented:
sub branches can send mail to me the main branch and to users that are local to me

I can send to my local users connected to my exchange on my LAN

sub branches can mail within their LANS

me - the main branch can not e-mail the sub branches the e-mails that are out bound to them are sat in their routing group connectors in my exchange system manager Queue drop down under my exchange

So basically there must ne something wrong with the connector, cause that is the real issue? Sorry, I've been misreading the whole situation!
24playAuthor Commented:
has to be

how do I trouble shoot it though?
Use winroute to check the status of your connectors:

I hope THIS helps! Sorry for reading like an @$$!!!
24playAuthor Commented:
hehe no problem

another tool to learn WHOOOO!
24playAuthor Commented:
the local bridehead servers has connection not available to my master exchange from all the sub branches

this is all I have spotted so far
Hhhhmmm... Let it complete and let's see what it says...
24playAuthor Commented:
thats only from my exchange though to all the others

all the others say they can see mine fine
Ok... Now, when it's done, I would suggest making THOROUGH note of one of these connectors. Right click on a connector, click properties. See if you can use the Forward all mail through this connector to the following smart hosts and select the IP address of your main exchange server.

If you can get the queues empty, you can delete the connector and recreate it...
24playAuthor Commented:
hmm apologies

what do you mean by finished?

I fired it up and it listed the connectors

I can see that all the sub branches have connected to me fine via the bridgehead

yet when I check my connectors from the main exchange, it says my brighead connection to them has failed, siting my exchange as the one that has connection not available

whilst your pondering this I'll be gluing my hair back in ;)
24playAuthor Commented:
ok ref your above will do that now
Ok... So what does the General page look like on a connector?
24playAuthor Commented:
are you talking about through the winroute interface?

as I have tried to right click everything and anything but to no avail
LOL! Sorry, no you have to go through Exchange System Manager:

Administrative groups -> First storage group -> Routing Groups -> (Your_name) -> Connectors
24playAuthor Commented:
I've attached what I see on opening winrte

the bold numbers you can see in the list is my exchange
24playAuthor Commented:
Ok, I'm off... Have to go pic up my little girl from the day-mother. Hope you have a good weekend... I might be able to login sometime to check on your progress...
24playAuthor Commented:
once I goto that connectors page it just shows me all 18 of my connectors from my location to the sub branches
Right click on one of them...
24playAuthor Commented:
ok did that - reset the connectors (apologies for being a mong this is starting to kill brain cells lol)

I still have mail not moving

on a plus side after tinkering all my connectors out bound are now showing green
24playAuthor Commented:
ok this morning all my outbound bridgeheads are down again :(
24playAuthor Commented:
and up again

going to run some tools this morning for more tests
24playAuthor Commented:
ok so

connectors connectors connectors

I have the majority showing down - when I expand

main -> sub branch 1
main -> sub branch 2

etc it shows that the local bridghead (main) is conn not available

a few (2 or 3) show that they are up both in and out


sub branch -> main are up and green
24playAuthor Commented:
SMTPdiag gives me the following results when I use the command with my e-mail from main to an e-mail to a sub branch

at the bottom of the image where it says checking MX servers it is attempting to check the sub branch

where it says mail2 at the bottom that is our idirect box at the main branch

so is it not actually leaving my location at all is the question?

I chose this particular sub branch as it had both in and outbound bridgeheads as connection avail in winrte
24playAuthor Commented:
we're going to put a new exchange on the system and cross fingers and toes
cool i see  stmpdiag helped a bit, i hope also exchange analyzer helped a bit
24playAuthor Commented:
It ended up a DNS issue after all this trouble shooting

but on a plus side I have learnt a hell of alot and been shown some fantastic tools

we also spotted in the process that we were routing all the sub branches out bound e-mail to hotmail etc when they have the ability to send it themselves

3 days into the job - ooh so lucky

Jo - you've been a star throughout so thankyou for that

thankyou also sensored2008
Wow!!! You had a busy weekend!

Glad it's resolved and I could help a bit!

we  are all here to help and  learn from each  other, and so i am glad to help and to learn more about a  particluar  case  from Jowickerman
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.