Solved

Exchange 2003 - Messages stuck in queue

Posted on 2011-02-18
40
518 Views
Last Modified: 2012-06-27
Hello,

I have 450 messages stuck in the queue.

I have went to my server. Went to the default SMTP server > Properties > Delivery tab. And verified that my internal DNS entry is in there. I also stopped and restarted the default SMTP server. The messages still will not flow. A while back I blew some entries out of the forwarders tab in DNS. The only entries I have in there now are for OpenDNS. Should I have anything in the forwarders for my mail server?

Thanks
0
Comment
Question by:sethendres
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 17
  • 16
  • 2
  • +3
40 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34928002
Who are the senders of the messages?  Genuine senders on your domain, postmaster or random users not on your domain?
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928058
Sometimes undeliverables will stay there for up to 4 days until they are released. You may also check the RBLs to see if you are blacklisted. I had a client recently plauged by this and the email sat in the queue.

Verify that they are legitimate addresses. You could have an infected system on the network that is spamming.
0
 

Author Comment

by:sethendres
ID: 34928061
A lot are genuine senders. Some are incoming messages from stuff users signed up for.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:sethendres
ID: 34928078
What should I have in my DNS forwarders. I blew some entries out of there recently and did not pay attention.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928084
May be genuine senders, but are they genuine people the email is sent to? YOu should be able to open some to see if they are spam.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928096
Depends... Are your systems using a local server for DNS or are you passing that outside to something like opendns?
0
 

Author Comment

by:sethendres
ID: 34928126
I have local DNS servers here. I just point to Opendns for content filtering. I have the IP's for Opendns in my DNS forwarders, nothing else.
0
 

Author Comment

by:sethendres
ID: 34928185
also this exchange server is just acting as a forwarder to my other domain. All email coming into akroninstitute.com should be forwarded to akr.herzing.edu
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928250
Can you send an email through telnet? Find an SMTP server that you would like to connect to and try to telnet.

Also verify that you can resolve akr.herzing.edu froma  local system.
0
 

Author Comment

by:sethendres
ID: 34928276
I have never sent a email through telnet. Can you please tell me how?

Thanks
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928380
Telnet (SMTP SERVER) 23
EHLO
MAIL FROM:(your email address)
RCPT TO: (a test email address outside your organization)
DATA
SUBJECT: something
Something
.. (enter)

In telnet, backspace cannot be used, so if you screw up, try again. You should not need to restart the whole thing because you will more than likely error and be able to try again. make sure you are sending to the MX record and then try the IP.
0
 
LVL 11

Expert Comment

by:sysreq2000
ID: 34928405
Sorry to butt in but here also is an excellent how-to on testing smtp with telnet:

http://exchangeguy.blogspot.com/2007/06/using-telnet-to-simulate-server.html
0
 
LVL 11

Expert Comment

by:sysreq2000
ID: 34928426
Also the 23 should be 25   8)
0
 

Author Comment

by:sethendres
ID: 34928494
220 mail.akroninstitute.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at  Fri, 18 Feb 2011 12:36:39 -05
00
ehlo
250-mail.akroninstitute.com Hello [10.70.63.222]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sendres@akroninstitute.com
250 2.1.0 sendres@akroninstitute.com....Sender OK
rcpt to:sendres542@gmail.com
550 5.7.1 Unable to relay for sendres542@gmail.com
data
0
 

Author Comment

by:sethendres
ID: 34928498
Does that tell you anything?
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928561
Yep...

5.7.1 Unable to relay

That looks like either you have a DNS issue or are blacklisted. Since you recently made changes to your DNS server, I would start with the former.

Blacklists though are easy to check, a pain to get off... http://www.mxtoolbox.com/blacklists.aspx That will search them. You will need your domain's MX ip address to check.

Concerning DNS, do an NSlookup of you MX records and verify that it is connecting to the correct IP address.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928578
I checked your MX and both resolve fine to the .edu address, but that is through Comcast. If you NS lookup fails, then it could be your forwarders.
0
 

Author Comment

by:sethendres
ID: 34928623
The was following the steps that sys and you provided above. The relay fails when inputing the receiptent address. The 2 IP address's I currently have in DNS forwarders are those of OpenDNS for content filtering for my network 208.67.220.220 and 208.67.222.222

What should I have in my DNS forwarders?
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928625
Thanks sysreg... I mistyped that... 23 is standard telnet. 25 is smtp.

I checked and you do not appear to be blacklisted.
0
 

Author Comment

by:sethendres
ID: 34928666
Sys, our ISP onecommunications handles our MX records.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928672
Test your MX from the office.

Open a command line. type nslookup (enter) type set query=mx (enter) type akroninstitute.com(enter)

What do you get?
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928687
Then you may want to put in forwarders to your ISP's DNS servers.
0
 

Author Comment

by:sethendres
ID: 34928728
> set query=mx
> akroninstitute.com
Server:  303-instructor.ai.com
Address:  10.70.63.237

akroninstitute.com
        primary name server = 303-instructor.ai.com
        responsible mail addr = hostmaster.ai.com
        serial  = 29
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
>
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928835
You didn't make any other changes to your DNS other than removing some forwards correct?

It does not even appear that you are forwarding the request. Your server is responding. Do you have a zone on your DNS for akroninstitute.com?
0
 

Author Comment

by:sethendres
ID: 34928872
I cleared the cache. I believe I clicked scavenge stale resource records.

I have akroninstitute.com under forward lookup zones.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34928928
Try adding an mx record under that zone that will point to fm400.herzing.edu
0
 

Author Comment

by:sethendres
ID: 34928951
My ISP has those records that point to fm400 amd fm401. That is the barracuda spam system at our corporate office.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34929011
I understand. What is happening is your DNS server is responding to these rather than forwarding the request. I am sure there is probably an A record for www in there that is to your company's website, else it would try to resolve locally.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34929038
With these changes, I need to ask... why did you make changes to the DNS? Typically should not need to make any changes to your DNS unless it is erroring or taking awhile to change. You may overall be better off restoring your DNS from a backup from before the changes.
0
 

Author Comment

by:sethendres
ID: 34929067
I have 2 A records tor the mail server

exchserv.akroninstitute.com that points to 10.70.63.222 the mail server internal IP and mail.akroninstitute.com which does the same.
0
 

Author Comment

by:sethendres
ID: 34929087
These are old systems that are still in place. They man here still wants that mail server to forward messages. I have since moved us to google apps. I would love to just shut that thing off, but I can't.
0
 

Author Comment

by:sethendres
ID: 34929149
One of my messages finally came through but it has been delayed big time.
0
 
LVL 9

Expert Comment

by:snurker
ID: 34929167
It finally resolved. You cam set an external dns server on the exchange management that will look there for resolving dns.
0
 

Author Comment

by:sethendres
ID: 34929171
Under my default SMTP server, in current sessions I see 7 sessions

bc.herzing.edu
174.47.123.6
0
 
LVL 9

Expert Comment

by:snurker
ID: 34929207
This use to be 400?
0
 
LVL 2

Expert Comment

by:DezzyMelb
ID: 34956585
Use the MXtoolbox.com and use the diag tools there
0
 

Accepted Solution

by:
sethendres earned 0 total points
ID: 35086362
There was a setting on our Cisco ASA firewall that was not allowing mail to flow properly. Once that was removed messages started to flow properly. This question can now be closed.

Thank you
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35086407
It's your question - it's up to you to close it how you see fit.  If experts helped you to solve the problem, you should accept the comments that helped you, or if you fixed your own problem and posted how you fixed it, you should accept your own answer as the solution.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35321906
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Find out what you should include to make the best professional email signature for your organization.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question