[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

SBS 2003 Exchange server holding all mail

Posted on 2009-05-01
20
Medium Priority
?
622 Views
Last Modified: 2013-02-26
I have a SBS 2003 server that I hate. This thing is a real piece of crap.

I have it all setup to for e-mail/exchange services. I have the right DNS settings. I have a MX record setting. I was previously running this client's email on a really nice Linux based Zimbra server with no issues. The client wanted his mail moved in house. I moved it in house. Now I'm having a migraine.

The Exchange server is holding all mail up. It is sitting in the outgoing mail queues and I don't know why. I do not know anything about Exchange. The client is getting NDR's and handing me my ass. He has a business to run and the mail is not flowing.

So, I need a little help. I have no need to use the SBS POP3 connector. All mail comes here and leaves here. The client owns the domain name. I have looked in the queues. I am holding mail up for everybody: Hotmail, yahoo, etc.. I can telnet from the server to the hotmail mail servers just fine so I know its not a connectivity issue. Its just sitting there. I can select force connection, but it does nothing. With Linux I could figure it out with logs. The logs for this thing are a joke.

The only thing I did was add another port to the SMTP Virtual server. The client has Comcast at home. Comcast is blocking all port 25 traffic from his connection. I have setup an alternate port (2525) in the SMTP server settings. I left the default port 25 there and added the extra.

Can someone help me with this? I'm really hating exchange right now.


0
Comment
Question by:icepick94
  • 10
  • 8
  • 2
20 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24281156
When the messages are in the queues, it will give you a reason code. I suspect it might have something to do with that additional port you put in. Remove that.
Did you run the Configure Internet and Email wizard to setup the server?

Was the additional port so that the user could send email from home? If so, then may as well configure them to use the SMTP server of their ISP. It makes no difference. The sent item will not be stored in the mailbox. If you want the mail to be stored in their mailbox in the office then you need to use Outlook over the Internet - that is enabled in the same wizard as above and setup instructions are in the Remote Web Workplace site.

Simon.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24281205
You need to make sure that port 25 outgoing on the router is not blocked for some reason.  It's possible that someone blocked this on the router at some point in the past (possibly as a spam preventive measure). I would remove the additional port, since it is not doing anything at this point anyway.
Also, in the properties of the SMTP virtual server, go to the Delivery tab/Advanced button and make sure that there is not a smart host or external DNS servers set up. If there is an SMTP connector set up (under Connectors in the Exchange System Manager) also make sure that it is not set to use an external host. If it is, there may be a problem connecting and/or authenticating to that host.  You can at least temporarily disable the SMTP connector and test outoing email without it.  Using an SMTP connector on SBS is not strictly necessary, although it is the standard configuration.
Is the incoming mail working?  
In terms of logging, you need to enable SMTP logging in the properties of the virtual server as well - this is on the General tab.  Once you do this, you will be able to check the SMTP logs, which will give you a very clear picture of exactly what's going on with the SMTP gateway.
0
 

Author Comment

by:icepick94
ID: 24281413
Incoming mail is working just fine.
The first thing I did was remove the alternate port config. No difference.

I checked the SMTP Virtual server - Delivery Tab - Advanced. I do not have a smart host set there. I did have a DNS server set there but it was the local DNS server (192.168.0.5). I removed it to see what happens.

Here is an example of the log:
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-04-29 12:45:39
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method sc-status cs-version cs-host
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionCommand SMTPSVC1 SERVER - 25 EHLO 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionCommand SMTPSVC1 SERVER - 25 MAIL 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionCommand SMTPSVC1 SERVER - 25 RCPT 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:45:39 65.55.37.104 OutboundConnectionCommand SMTPSVC1 SERVER - 25 BDAT 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionCommand SMTPSVC1 SERVER - 25 EHLO 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionCommand SMTPSVC1 SERVER - 25 MAIL 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionCommand SMTPSVC1 SERVER - 25 RCPT 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionResponse SMTPSVC1 SERVER - 25 - 0 SMTP -
2009-04-29 12:46:43 65.55.37.120 OutboundConnectionCommand SMTPSVC1 SERVER - 25 BDAT 0 SMTP -
2009-04-29 12:47:17 166.135.160.2 [10.13.252.139] SMTPSVC1 SERVER 192.168.1.5 0 EHLO 250 SMTP -
2009-04-29 12:47:17 166.135.160.2 [10.13.252.139] SMTPSVC1 SERVER 192.168.1.5 0 STARTTLS 220 SMTP -
2009-04-29 12:47:17 166.135.160.2 [10.13.252.139] SMTPSVC1 SERVER 192.168.1.5 0 STARTTLS 220 SMTP -
2009-04-29 12:47:20 166.135.160.2 [10.13.252.139] SMTPSVC1 SERVER 192.168.1.5 0 EHLO 250 SMTP -
2009-04-29 12:47:27 166.135.160.2 [10.13.252.139] SMTPSVC1 SERVER 192.168.1.5 0 QUIT 240 SMTP -
2009-04-29 12:47:29 67.220.166.158 [192.168.25.184] SMTPSVC1 SERVER 192.168.1.5 0 EHLO 250 SMTP -
2009-04-29 12:47:29 67.220.166.158 [192.168.25.184] SMTPSVC1 SERVER 192.168.1.5 0 STARTTLS 220 SMTP -
2009-04-29 12:47:29 67.220.166.158 [192.168.25.184] SMTPSVC1 SERVER 192.168.1.5 0 STARTTLS 220 SMTP -
2009-04-29 12:47:29 67.220.166.158 [192.168.25.184] SMTPSVC1 SERVER 192.168.1.5 0 EHLO 250 SMTP -
2009-04-29 12:47:35 67.220.166.158 [192.168.25.184] SMTPSVC1 SERVER 192.168.1.5 0 QUIT 240 SMTP -

That is the whole log. About 40 pages of that with different times and IP addresses. This is not a clear picture. What is this? This doesn't tell me much about the SMTP server does it?

I really appreciate the help. I'm a bit aggravated and frustrated. I'm running blind here because Exchange is not giving me the level of logging I'm used to in Linux. I cannot see what is going on. All I can do is click the nice little GUI buttons and hope that Exchange is doing the right thing.



0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
LVL 65

Expert Comment

by:Mestha
ID: 24281709
"STARTTLS". That would cause a problem.
Have you attempted to enable something on the SMTP connector or the SMTP virtual server to use TLS or SSL? If so that will stop email from flowing for most sites.

What is between Exchange and the internet? A firewall of some kind? Any SMTP scanning functionality on that?

The SMTP logging can be changed on the properties of the SMTP virtual server in ESM.

Simon.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24281807
Just agreeing with Simon - it looks like you have your system set up to use TLS or SSL. The reason you're seeing that lack of detail in your logs is because your email isn't going anywhere.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24281878
What you should be seeing in your logs is something more like this. I've changed all relevant IP address and domain name information. Also, I have my logs set to use NSA format, which I personally think is a bit easier to read, instead of the default:
987.654.321.1 - OutboundConnectionResponse [01/May/2009:09:35:17 -0500] "- -?220 mail.recipientdomain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Fri, 1 May 2009 09:35:17 -0400  SMTP" 0 125
987.654.321.1 - OutboundConnectionCommand [01/May/2009:09:35:17 -0500] "EHLO -?myserver.mydomain.com SMTP" 0 4
987.654.321.1 - OutboundConnectionResponse [01/May/2009:09:35:17 -0500] "- -?250-mail.recipientdomain.com Hello [123.456.789.1] SMTP" 0 53
987.654.321.1 - OutboundConnectionCommand [01/May/2009:09:35:17 -0500] "MAIL -?FROM:<me@mydomain.com> SMTP" 0 4
987.654.321.1 - OutboundConnectionResponse [01/May/2009:09:35:17 -0500] "- -?250 2.1.0 me@mydomain.com....Sender OK SMTP" 0 48
987.654.321.1 - OutboundConnectionCommand [01/May/2009:09:35:17 -0500] "RCPT -?TO:<recipient@recipientdomain.com> SMTP" 0 4
987.654.321.1 - OutboundConnectionResponse [01/May/2009:09:35:17 -0500] "- -?250 2.1.5 recipient@recipientdomain.com  SMTP" 0 40
987.654.321.1 - OutboundConnectionCommand [01/May/2009:09:35:17 -0500] "XEXCH50 -?2516 2 SMTP" 0 7
0
 

Author Comment

by:icepick94
ID: 24281927
I have checked the SMTP Virtual server. I do have a certificate generated for the SMTP virtual server. I have checked the Access/Authentication area and TLS is not checked. I have also checked the Secure CommunicationCommunicaton area and the box is not checked for "require secure channel".

I have checked the SmallBusiness SMTP connector properties. I have checked the Advanced/Outbound security and the TLS encryption box is not checked.

Where else would I check this?

0
 

Author Comment

by:icepick94
ID: 24282002
Should the SMTP Virtual server be set to an IP or can I leave it "all unassigned"?

Maybe what I'm missing is some basic config options. I ran the ceicw wizard. I read that this will setup everything in a basic fashion. I'm not doing much with this server. I'm only servicing one domain and all the basic config options should  work for me. I did enable the IMF on it for  spam control.



0
 

Author Comment

by:icepick94
ID: 24282061
The SBS server is multi-homed. The only firewall is the built in one and I have all the ports that need to be open, open on it.
I do have a basic router/nat device connecting the server to the internet. All ports are forwarded on this as well. I couldn't get Comcast to turn NAT off on their modem so I'm double nat'ed. But all relevant ports are open. I can also connect via telnet to port 25 of all of the servers that the mail is queued for from the SBS server. Its not a connection problem. I have verified connectivity. I am recieving mail just fine.





0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24282261
This is not something that would normally happen, but if you go into the ESM, expand down to the Server name and then click on the Queues object.  There is a button in this view that says "Disable Outbound Mail." Or, if you have it disabled, it says "Enable Outbound Mail."  Just in case, check here to be sure outbound mail is not disabled.
0
 

Author Comment

by:icepick94
ID: 24282335
Outbound mail is not disabled.
What services would I stop/start to restart the exchange server without rebooting the whole server?

Any more ideas? I'm stumped on this one.

Thanks!
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24282517
You could try restarting the SMTP service. If you run it from the Services console and it hangs, then open a command prompt and run IISRESET. The other Exchange services would not need to be restarted.
Another question that could be silly, but I'm grasping at straws here - Can you browse the Internet from this server? Are you seeing any issues with DNS resolution, either internally or externally? Are both your NICs (internal and external) pointing to the internal DNS server for name resolution?
Also, on the NDRs that your users are getting, is there a reason code?  This would be the numerical code - something like 5.5.0, etc.
Another question - when you say you have a certificate generated for the SMTP server - what exactly do you mean by this? Are you referring to an SSL certificate that is installed on the SBS default web site? This would not affect the SMTP virtual server, but I'm just trying to be sure about this.
0
 

Author Comment

by:icepick94
ID: 24282721
I can browse the internet just fine. DNS resolution seems to be working just fine. I can resolve from the command prompt as well as in IE.

In the SMTP Virutal server/Acces/Secure Communcation tab there is an option to use a cert with this sever. I just told it to use the same cert that was created on the SBS Server when it was installed. I did not generate a new cert.


I restarted the server and all the mail in the queues went out. Now, its backing up again. Weird. I am really stumped on this one.

This is the NDR message. It does not really tell me anything:
This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24282751
Remove the certificate from the SMTP virtual server. You don't need it and it shouldn't be applied to the SMTP virtual server. Then restart the SMTP service and see what happens.
What you posted is a delivery delay message, not an NDR.  The NDR only gets generated after the retry period on the message has expired and the server has stopped trying to deliver it.  That usually takes a couple of days.
0
 

Author Comment

by:icepick94
ID: 24284530
Rebooted the server. Now all the mail is out of the queues. Go figure! The only message that is not being delivered is one that I cannot connect to the delivery server.

I'm gonna leave this queston open for a few days! This is not making me feel all fuzzy inside. I'm sure that this problem will come up again..

Thanks for the help so far!
0
 

Author Comment

by:icepick94
ID: 24299786
Ok. I am back to the server holding all the mail in the queues. If I reboot the server, it will send out the mail. What the hell?

What am I missing with this server. Any ideas?


0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 24304671
Is there an SMTP connector set up on this server? If so, look at the properties of that connector, on the Delivery Options tab and make sure it is set to "Always run".  Also in the properties of the SMTP virtual server, on the General tab, change the logging format "NCSA common log file format." Then compare your log against my example above.  Is your server even sending a header greeting (i.e., "EHLO -?myserver.mydomain.com SMTP")?
You said that you can connect via telnet to port 25 on external email server(s). Have you actually tested sending an email that way?  It doesn't seem to be a connection problem, but a problem of what information (or lack thereof) is being sent by your server after the initial connection.
0
 

Author Comment

by:icepick94
ID: 24307292
I did send test messages via telnet to port 25. It worked just fine.


I think I found the solution. It is a known problem with Exchange 2003 SP2. Here is the link:
http://support.microsoft.com/kb/950757. It has something to do with mismatched time stamps.

I ran the hotfix and the mail seems to be flowing. It is not getting hung up in the queues anymore.

I'm keeping my fingers crossed.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24307544
Sounds good - we didn't get any event error information from you - probably something we should have checked earlier.  Hope that fix does the trick!
0
 

Author Comment

by:icepick94
ID: 24311459
Looks like it did the trick! This error would not have shown up in the event logs. I had to actually download the mfcmapi.exe application and look at the actual mail files in the store. It was a pain in the butt!

All this because I installed SP2. I wish MS would make a stable product!

Thanks a million guys!!!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question