Emails are getting delayed with the following response

lukeglazebrook
lukeglazebrook used Ask the Experts™
on
Hi I hope someone can assist me with this its much appreciated as always.  My users including myself are getting mail delivery delays and at this point I am not confident emails are arriving.  The mail server has been functioning flawlessly for months it’s a Exchange 2010 box, only I have access and I have changed nothing since.

Users are receiving the following delayed response ...

“From: postmaster@mydomain.homeip.net [postmaster@mydomain.homeip.net]
Sent: 21 January 2010 14:25
To: Simon Joiner (testuser@targetdomain.com)
Subject: Delivery delayed:
Delivery is delayed to these recipients or groups:
Simon Joiner (testuser@targetdomain.com) (testuser@targetdomain.com)
Subject:
This message hasn't been delivered yet. Delivery will continue to be attempted.
The server will keep trying to deliver this message for the next 1 days, 19 hours and 52 minutes. You'll be notified if the message can't be delivered by that time.


421 4. 4.2 Connection dropped due to connection”

In addition the MS Exchange qeue viewer within the management console shows the last error for these messeges being ....

"421 4. 4.2 Connection dropped due to connectionAborted"

Any idea's what typically causes this, or how to go about troubleshooting it within the management console?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
Should I try to Telnet to a sample domain as a test?

Commented:
I would start to run the the Best Practices Analyzer on the exchange server through exchange management console, how are your emails going out via a smart host or DNS? If DNS attempt to resolve the domain name from the exchange server or last point of exit from your network to make sure lookups are being performing correctly, also try the Microsoft Exchange Server Remote Connectivity Analyzer for outbound and inbound email:

https://www.testexchangeconnectivity.com/

Post back results the above should get you started

Commented:
I will take a look in the morning on the way to work if the above did not help you resolve the issue as its late here in London now unless its urgent and another expert can assist
Should you be charging more for IT Services?

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Mark DamenERP System Manager

Commented:
Yep, try a telnet connection to another domain first.  Also, check your internet connection - is web browsing working at the expected speed, is there something saturating your connection?

Is this happening with all domains, or just some?  If you have the option, a short term measure could be to utilize your ISPs SMTP servers to relay mail so that you know it is going to get there.  Whilst you investigate the issues you are having.

To do this, create a new connector, provide the isp server (such as smtp.isp.com) as the server name, and then * for the address space to include everything.

Author

Commented:
I am routing email through smtp.mail2web.com as a smarthost, and using DNS lookup setting on the transport server.  

Mail2web have provided me with a exchange service for several years and I have always routed our email (5 users) via their SMTP server.  I will perform the tests and report back mate, thanks in advance.

Author

Commented:

Just to clarify guys I still need help with this one.  I am still on a regular basis getting emails that are failing to be delivered with error ….

"421 4. 4.2 Connection dropped due to connectionAborted"

I also see the emails simply sitting on the servers Exchange queue viewer sometimes they eventually go after a lengthy period (hours+) sometimes I cancel the transmission on the server.

-      I have tried several different send connectors, no one particular send connector seems more reliable than the other.
-      I have configured all the send connectors I have tried to use “External DNS lookup” so I am pretty sure this is not DNS related.
-      I can see no pattern with regards to the target domain they are being sent to, it can be any.
-      I have ensured that all the send connectors IP’s are not on blacklists.
-      I have checked the up time on the router and it’s been up for weeks, additionally I have noticed no other network related problems.
-      I have noticed that typically this happens far more often when there is an attachment on the email.

I have a best practice question, should I enable all the send connectors for the purposes of redundancy?

Commented:
Hello,

Either you have a smart host or use DNS on your send connectors, redundancy does not come into the question if you are using DNS then specify further DNS forwarders within DNS management or root hints.

Can you run the Exchange Best Practise Analyzer and run a few different tests start with Health etc and post results here please

Author

Commented:
Exchange Health Check ...

All Issues  
Domain: GLAZEBROOKRESID  
 
  Unrecognized Exchange signature Domain: GLAZEBROOKRESID
 Active Directory domain 'GLAZEBROOKRESID' has an unrecognized Exchange signature. Current DomainPrep version: 12639.
  Tell me more about this issue and how to resolve it.  
 
Organization: glazebrookresidence  
 
Admin Group: Exchange Administrative Group (FYDIBOHF23SPDLT)  
 
Server: WILDSRV  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '90.207.238.99'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '90.207.238.97'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '192.168.0.1'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '90.207.238.97'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '90.207.238.99'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  DNS 'Host' record appears to be missing Server: WILDSRV
 The 'Host' (A) record for server WILDSRV.glazebrookresidence.homeip.net cannot be retrieved from DNS server '208.67.220.220'. This can cause message routing delays and other service failures. Verify that the DNS server is online and that the 'Host' record is present.
  Tell me more about this issue and how to resolve it.  
 
  Multiple default gateways detected Server: WILDSRV
 More than one network interface on server WILDSRV.glazebrookresidence.homeip.net has a default IP gateway listed. Communication errors may occur if these network connections link to independent subnets.
  Tell me more about this issue and how to resolve it.  
 
  Network interface is enabled for DHCP Server: WILDSRV
 Network interface '[00000015] Microsoft Virtual Network Switch Adapter' is enabled for DHCP on server WILDSRV.glazebrookresidence.homeip.net. This is supported, but not recommended.
  Tell me more about this issue and how to resolve it.  
 
  Application log size Server: WILDSRV
 As a best practice, the size of the 'Application' log on server WILDSRV.glazebrookresidence.homeip.net should be increased. The current size is 20MB. For servers running Microsoft Exchange, a size of 40MB or more is recommended.
  Tell me more about this setting.  
 
  Exchange resident on global catalog server Server: WILDSRV
 Exchange server WILDSRV.glazebrookresidence.homeip.net is also a global catalog server. This is a supported configuration, but is not recommended.
  Tell me more about this setting.  
 

Author

Commented:
Connectivity

Informational Items  
: Active Directory Servers  
 
  Found Active Directory site Default-First-Site-Name in the directory. : Active Directory Servers
 Found Active Directory site Default-First-Site-Name in the directory.
 
  Found administrative group Exchange Administrative Group (FYDIBOHF23SPDLT) in the directory. :  
 Found administrative group Exchange Administrative Group (FYDIBOHF23SPDLT) in the directory.
 
Server: WILDSRV  
 
  Found Exchange Server WILDSRV in the directory. Server: WILDSRV
 Found Exchange Server WILDSRV in the directory.

Commented:
What is this: WILDSRV.glazebrookresidence.homeip.net?

Could you explain how this box is setup does it have 2 NICS 1 Public, 1 Private etc...Virtual?

How is DNS setup? With Forwarders or Root Hints? If so what roots hints / forwarders do you have setup?

Author

Commented:


- "WILDSRV.glazebrookresidence.homeip.net" is the actual server its self mate.

- There are three NICS in total, two real one virtual.  The NICS are nothing new and have been in place for some time, no config changes.

- From memory I used forwarders to OPENDNS free service...
https://store.opendns.com/setup/operatingsystem/windows-server-2003

I hope this help mate, I am sorry I am still learning.  

Commented:
That's ok could you verify if the domain name
above is an internal domain or external? Where is your exchnage server sitting? Inside your private network or in your dmz?

Also for forwarders use googles dns servers 8.8.8.8 and 8.8.4.4 could you confim the above so I can assist

Author

Commented:
Thanks for your help mate, I hope you are not finding my lack of knowledge too labouring.  Anyway in response to your question.

- Just so you have some background info I have been using successfully (for many years) a free no-ip service (http://www.dyndns.com) with MS Exchange.  

The domain I have with them is glazebrookresidence.homeip.net the router updates the IP to the provider ever few seconds and it works perfect, never had an issue in years.  Now in the past month I have noticed significant delays in email transmission, all with the error below...

"421 4. 4.2 Connection dropped due to connectionAborted"

In response to your question ...

"could you verify if the domain name
above is an internal domain or external?"

The answer is both sort of, when I first created my internal domain I gave it the same name as the external domain name provided by www.dyndns.com (remember I am still learning).

In response to "use googles dns servers 8.8.8.8 and 8.8.4.4 could you confirm the above so I can assist" Are you asking me to configure my DNS forwarders to use Google DNS?  I will do this if you ask, is the Google DNS service good?

Author

Commented:
I should mention mate that small emails under 100k seem to dispatch without any issues.  Anything larger and somtimes they are dispatched after many hours later.

Commented:
Sorry not ignoring you just swamped on a critical project will respond tomorrow now as I will be working most of the night

Author

Commented:
Don’t worry mate you carry on, its intermittent I have somehow TEMPORAILY resolved the problem however I don’t know exactly what I did :(  All of a sudden all my messages left the mail server queue?

One of the below seems to have resolved the issue, probably only temporarily though :(

- Server reboot (although it was only rebooted this morning?) I would have thought unlikely to be the cause.

- Router reboot (although it was working perfectly, never had issues before) I would have thought unlikely to be the cause.

- IP Change as a result of the router reboot (In theory since I am using a mail relay service to relay.dnsexit.com) I would have thought this was irrelevant?
- Logged into the dnsexit.com control panel and added all the alias's mail address's and domains to the dnsexit.com white list of senders.  However if that was the cause of the problem I would not have expected to have received the error "421 4. 4.2 Connection dropped due to connectionAborted"
 
I now know this issue is not related to mail size since I have had 3kb messages sitting in the queue all day with the same aforementioned error.

Author

Commented:
Jesus dam thing happened again, this time I was still assigned the same IP from yesterday which was working yesterday.  

This time I rebooted my router not the server, my IP changed but the existing messages in the queue would not leave (I wonder if the server had still tagged the headers with the old IP?).  Anyhow after I got a new IP emails can now be sent without issue for now at least :(

In addition just before I checked the exchange queue I got this bounce back from a pal I had emailed successfully only minutes before.  (See below)


"Delivery has failed to these recipients or groups:
SJoiner@netbox5.com
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.


The following organization rejected your message: mail.netbox5.com."

So it seems I am somehow getting on a naughty list, however I am 99.999% sure there are no viruse's spamming out from my network that might do this.  I think somthing has changed either at dyndns.org or my ISP which is BSKYB-BROADBAND

Author

Commented:
Tried to telnet using the server to my yahoo address for testing got the following below, on other occasions I simply get connection to host lost...

"220 box7.911domain.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 17 Feb 2010 14:26:24 -
0500
helo glazebrookresidence.homeip.net
250 box7.911domain.com Hello 5ac559bb.bb.sky.com [90.197.89.187], pleased to mee
t you
mail from: lukeglazebrook@mail2web.com
250 2.1.0 lukeglazebrook@mail2web.com... Sender ok
rcpt to: lukeglazebrook@yahoo.co.uk
550 5.7.1 lukeglazebrook@yahoo.co.uk... Relaying denied. Proper authentication r
equired."

Commented:
Hello,

No problem regarding the knowledge we all start from somewhere and thats what we are here for to help.

So to verify this only happens when your IP changes? Is this for both receiving and sending or just sending?

Google DNS works well I have been using it for a while

Do you have an internal DNS server? If so is the zone called glazebrookresidence.homeip.net? If so does an A / PTR record exist for the below server?

WILDSRV.glazebrookresidence.homeip.net

Author

Commented:
In answer to your questions mate...

So to verify this only happens when your IP changes? Is this for both receiving and sending or just sending?

- Typically after a recent IP change emails leave the server.

Google DNS works well I have been using it for a while

- I have no isssues establishing a telnet connection to my SMTP smarthost provider (relay.dnsexit.com) and then in turn to the target domain (see my attempt below).  So I think we can rule this out DNS.

Do you have an internal DNS server? If so is the zone called glazebrookresidence.homeip.net? If so does an A / PTR record exist for the below server?

- Yes, and yes I believe the zone is glazebrookresidence.homeip.net.  (see me screen shot)
- " If so does an A / PTR record exist for the below server?" Excuse my ignorance again mate, but I am not sure.  I assume yes since email was functioning fine until the last few weeks and under Exchange 2007 it was working fine for yrs.  Its been working fine under the new Exchange 2010 for months (nothing has changed on my server since honest).  However tell me how to confirm this to you and I will mate.

Would you mind taking a look at the transscript below mate, I tried to manually send an email via telnet from the server using my smarthost and got the following.  Could this be related to the issue?  I tried port 26 to exclude my ISP from being the problem?  Note I used the telnet command "mail from: lukeglazebrook@mail2web.com" even though my domain is glazebrookresidence.homeip.net since it is my Alias SMTP address on Exchange.

TELNET ATTEMPT TO WORK EMAIL
===================================================================================
220 box7.911domain.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 17 Feb 2010 17:19:08 -
0500
helo glazebrookresidence.homeip.net
250 box7.911domain.com Hello 5ac559bb.bb.sky.com [90.197.89.187], pleased to mee
t you
mail from: lukeglazebrook@mail2web.com
250 2.1.0 lukeglazebrook@mail2web.com... Sender ok
rcpt to: luke.glazebrook@xchanging.com
550 5.7.1 luke.glazebrook@xchanging.com... Relaying denied. Proper authenticatio
n required.

dns.png

Author

Commented:
I am hoping I have found the cause?  I seem blacklisted on both Spamhaus and SORBS code 10 policy blocklist PBL what ever that means?  :( I wonder how on earth I resolve that

   
 
 



 Connectivity Test Failed
 
 
Test Details  
 

 
 Performing Outbound SMTP Test
  Outbound SMTP Test Failed
   Test Steps
   Attempting reverse DNS lookup for IP 90.201.160.210
  Successfully resolved IP 90.201.160.210 via Reverse-DNS lookup
   Additional Details
  Resolved IP address 90.201.160.210 to host 5ac9a0d2.bb.sky.com  
 
 Performing Real-Time Blackhole List (RBL) Test
  RBL Test Failed; your IP was found on one or more block lists
   Test Steps
   Checking Block List "SpamHaus Block List (SBL)"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "SpamHaus Exploits Block List (XBL)"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "SpamHaus Policy Block List (PBL)"
  IP found on block list
   Additional Details
  The IP 90.201.160.210 was found on the blocklist.
Status Code: 10  
 
 Checking Block List "SpamCop Block List"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "NJABL.ORG Block List"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "SORBS Block List"
  IP found on block list
   Additional Details
  The IP 90.201.160.210 was found on the blocklist.
Status Code: 10  
 
 Checking Block List "MSRBL Combined Block List"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "UCEPROTECT Level 1 Block List"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 Checking Block List "AHBL Block List"
  IP not on block list
   Additional Details
  IP 90.201.160.210 was not found on RBL  
 
 
 
 Performing Sender ID validation
  Sender ID validation performed successfully
   Test Steps
   Attempting to find SPF record using DNS TEXT record query
  Failed to find SPF record
   Additional Details
  No Records were found  
 
 
 
 
 
 

 
 
   



© 2009 Microsoft | Forum | Version 1.0 | Feedback | Privacy | Legal
Error  
 
Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 12030


The entire error report is listed below Show Report  Hide Report  


Copy error details to clipboard   Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 12030


Close
Outbound Email Address

Enter an email address used to send outbound email. The domain part will be used for SPF record lookup and the entire email address may be using during SPF macro expansion.

Commented:
Blacklisted would only affect outbound email, I can see your not an open relay but you are blacklisted thus why email does not leave your exchange queues your biggest problem is your using a DYNAMIC IP address and this causes issues with sending.

You are better off asking your ISP for a smarthost

The below article from Mestha / Sembee from EE who is an Exchange MVP is def worth a read as it covers what you are trying to do:

http://www.amset.info/exchange/dynamicip.asp

The smarthost would push emails on to your ISP as long as the exchange server can resolve the smarthost.


First contact your ISP and see if you can get a smarthost then set your send connector with this smarthost once correct make sure your whois lookup has a correct email address as when companies believe your spamming they should first try to contact you they would do this by doing a lookup on the domain i.e. glazebrookresidence.homeip.net and will get contact details to get in touch with you incase its an error

You can verify your lookup information from:


http://whois.domaintools.com/

If the information is correct you need to contact whoever hosts your domain to get them to update the details (It is recommended to create a postmaster@company.com email and abuse@company.com and place this in your whois lookup information)


Secondly you then need to contact the relevant companies to unblock yourself do a search first from MXtoolbox to see who is blacklisting you by following the below link

http://www.mxtoolbox.com/blacklists.aspx

MXtoolbox can then help you get unblocked

http://www.mxtoolbox.com/BlacklistSuggestions.aspx

Remember if you get a smarthost from your ISP it means the emails leave from your ISP's smarthost which is more then likely not black listed, but do the above anyway for your domain to tidy things up

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start Today