Exchange 2003 - Messages stuck in queue
Hello,
I have 450 messages stuck in the queue.
I have went to my server. Went to the default SMTP server > Properties > Delivery tab. And verified that my internal DNS entry is in there. I also stopped and restarted the default SMTP server. The messages still will not flow. A while back I blew some entries out of the forwarders tab in DNS. The only entries I have in there now are for OpenDNS. Should I have anything in the forwarders for my mail server?
Thanks
I have 450 messages stuck in the queue.
I have went to my server. Went to the default SMTP server > Properties > Delivery tab. And verified that my internal DNS entry is in there. I also stopped and restarted the default SMTP server. The messages still will not flow. A while back I blew some entries out of the forwarders tab in DNS. The only entries I have in there now are for OpenDNS. Should I have anything in the forwarders for my mail server?
Thanks
Alan Hardisty
Who are the senders of the messages? Genuine senders on your domain, postmaster or random users not on your domain?
Sometimes undeliverables will stay there for up to 4 days until they are released. You may also check the RBLs to see if you are blacklisted. I had a client recently plauged by this and the email sat in the queue.
Verify that they are legitimate addresses. You could have an infected system on the network that is spamming.
Verify that they are legitimate addresses. You could have an infected system on the network that is spamming.
ASKER
A lot are genuine senders. Some are incoming messages from stuff users signed up for.
ASKER
What should I have in my DNS forwarders. I blew some entries out of there recently and did not pay attention.
May be genuine senders, but are they genuine people the email is sent to? YOu should be able to open some to see if they are spam.
Depends... Are your systems using a local server for DNS or are you passing that outside to something like opendns?
ASKER
I have local DNS servers here. I just point to Opendns for content filtering. I have the IP's for Opendns in my DNS forwarders, nothing else.
ASKER
also this exchange server is just acting as a forwarder to my other domain. All email coming into akroninstitute.com should be forwarded to akr.herzing.edu
Can you send an email through telnet? Find an SMTP server that you would like to connect to and try to telnet.
Also verify that you can resolve akr.herzing.edu froma local system.
Also verify that you can resolve akr.herzing.edu froma local system.
ASKER
I have never sent a email through telnet. Can you please tell me how?
Thanks
Thanks
Telnet (SMTP SERVER) 23
EHLO
MAIL FROM:(your email address)
RCPT TO: (a test email address outside your organization)
DATA
SUBJECT: something
Something
.. (enter)
In telnet, backspace cannot be used, so if you screw up, try again. You should not need to restart the whole thing because you will more than likely error and be able to try again. make sure you are sending to the MX record and then try the IP.
EHLO
MAIL FROM:(your email address)
RCPT TO: (a test email address outside your organization)
DATA
SUBJECT: something
Something
.. (enter)
In telnet, backspace cannot be used, so if you screw up, try again. You should not need to restart the whole thing because you will more than likely error and be able to try again. make sure you are sending to the MX record and then try the IP.
Sorry to butt in but here also is an excellent how-to on testing smtp with telnet:
http://exchangeguy.blogspot.com/2007/06/using-telnet-to-simulate-server.html
http://exchangeguy.blogspot.com/2007/06/using-telnet-to-simulate-server.html
Also the 23 should be 25 8)
ASKER
220 mail.akroninstitute.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Fri, 18 Feb 2011 12:36:39 -05
00
ehlo
250-mail.akroninstitute.co
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sendres@akroninstitut
250 2.1.0 sendres@akroninstitute.com
rcpt to:sendres542@gmail.com
550 5.7.1 Unable to relay for sendres542@gmail.com
data
00
ehlo
250-mail.akroninstitute.co
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sendres@akroninstitut
250 2.1.0 sendres@akroninstitute.com
rcpt to:sendres542@gmail.com
550 5.7.1 Unable to relay for sendres542@gmail.com
data
ASKER
Does that tell you anything?
Yep...
5.7.1 Unable to relay
That looks like either you have a DNS issue or are blacklisted. Since you recently made changes to your DNS server, I would start with the former.
Blacklists though are easy to check, a pain to get off... http://www.mxtoolbox.com/blacklists.aspx That will search them. You will need your domain's MX ip address to check.
Concerning DNS, do an NSlookup of you MX records and verify that it is connecting to the correct IP address.
5.7.1 Unable to relay
That looks like either you have a DNS issue or are blacklisted. Since you recently made changes to your DNS server, I would start with the former.
Blacklists though are easy to check, a pain to get off... http://www.mxtoolbox.com/blacklists.aspx That will search them. You will need your domain's MX ip address to check.
Concerning DNS, do an NSlookup of you MX records and verify that it is connecting to the correct IP address.
I checked your MX and both resolve fine to the .edu address, but that is through Comcast. If you NS lookup fails, then it could be your forwarders.
ASKER
The was following the steps that sys and you provided above. The relay fails when inputing the receiptent address. The 2 IP address's I currently have in DNS forwarders are those of OpenDNS for content filtering for my network 208.67.220.220 and 208.67.222.222
What should I have in my DNS forwarders?
What should I have in my DNS forwarders?
Thanks sysreg... I mistyped that... 23 is standard telnet. 25 is smtp.
I checked and you do not appear to be blacklisted.
I checked and you do not appear to be blacklisted.
ASKER
Sys, our ISP onecommunications handles our MX records.
Test your MX from the office.
Open a command line. type nslookup (enter) type set query=mx (enter) type akroninstitute.com(enter)
What do you get?
Open a command line. type nslookup (enter) type set query=mx (enter) type akroninstitute.com(enter)
What do you get?
Then you may want to put in forwarders to your ISP's DNS servers.
ASKER
> set query=mx
> akroninstitute.com
Server: 303-instructor.ai.com
Address: 10.70.63.237
akroninstitute.com
primary name server = 303-instructor.ai.com
responsible mail addr = hostmaster.ai.com
serial = 29
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
>
> akroninstitute.com
Server: 303-instructor.ai.com
Address: 10.70.63.237
akroninstitute.com
primary name server = 303-instructor.ai.com
responsible mail addr = hostmaster.ai.com
serial = 29
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
>
You didn't make any other changes to your DNS other than removing some forwards correct?
It does not even appear that you are forwarding the request. Your server is responding. Do you have a zone on your DNS for akroninstitute.com?
It does not even appear that you are forwarding the request. Your server is responding. Do you have a zone on your DNS for akroninstitute.com?
ASKER
I cleared the cache. I believe I clicked scavenge stale resource records.
I have akroninstitute.com under forward lookup zones.
I have akroninstitute.com under forward lookup zones.
Try adding an mx record under that zone that will point to fm400.herzing.edu
ASKER
My ISP has those records that point to fm400 amd fm401. That is the barracuda spam system at our corporate office.
I understand. What is happening is your DNS server is responding to these rather than forwarding the request. I am sure there is probably an A record for www in there that is to your company's website, else it would try to resolve locally.
With these changes, I need to ask... why did you make changes to the DNS? Typically should not need to make any changes to your DNS unless it is erroring or taking awhile to change. You may overall be better off restoring your DNS from a backup from before the changes.
ASKER
I have 2 A records tor the mail server
exchserv.akroninstitute.co
exchserv.akroninstitute.co
ASKER
These are old systems that are still in place. They man here still wants that mail server to forward messages. I have since moved us to google apps. I would love to just shut that thing off, but I can't.
ASKER
One of my messages finally came through but it has been delayed big time.
It finally resolved. You cam set an external dns server on the exchange management that will look there for resolving dns.
ASKER
Under my default SMTP server, in current sessions I see 7 sessions
bc.herzing.edu
174.47.123.6
bc.herzing.edu
174.47.123.6
This use to be 400?
Use the MXtoolbox.com and use the diag tools there
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It's your question - it's up to you to close it how you see fit. If experts helped you to solve the problem, you should accept the comments that helped you, or if you fixed your own problem and posted how you fixed it, you should accept your own answer as the solution.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.