SBS 2003 outbound email not flowing to some domains/addresses

I have a SBS 2003 server that uses mxlogic inbound and outbound service that is having difficulty sending email.  Over the weekend the server was restarted and shortly after that users recieved NDR for email they had sent on Feb 9, 2011.  That day the server was restarted at about 1:00 am.  It seems some email was not delivered during that time, but no delayed reports were given.  The server is set to give delay notifications after 2 hours and failure reports after 2 days.  When I started checking things this morning, I saw no sign of proplems: nothing in the queues and no failed send attempts in the logs.  But test messages that the users have sent out this morning to various clients/contacts, have not be received.  However, some outbound messages are going out.  But these test messages are not listed in the queues anywhere.  Where are these messages, that have been sent from Outlook, not sent through the SMTP server, but not appearing in the logs?

Server is running TrendMicro Worry-Free Business advanced, but just noticed that the license expired on Jan 27, 2011, but they still have 4 days left in the grace period.  Realtime monitor shows current email activity, but no viruses/spam...
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

Alan HardistyConnect With a Mentor Co-OwnerCommented:
You are suffering from the Greylisting Bug (as it is affectionately known).  Please download and install the following patch:
SterlingMcClungAuthor Commented:
The article mentions that "the messages are not delivered to the next hop on the first try because a remote SMTP host has "Greylisting" enabled. In this case, the SMTP host sends a Temporary Error (4.7.1) message back to the sender that indicates that the sender should retry the transmission of a message in a few minutes."  This seems to indicate that this 4.7.1 should be seen in my SMTP logs when the server originally tried to send the message.  This is not the case.  I see no indication of the emails these emails in the logs, queues.

Other than that this seems to fit.  I will contact MS, but can you confirm that the 4.7.1 message will not be seen in the SMTP logs?
Alan HardistyCo-OwnerCommented:
This problem addresses the issue that you have described where you either restart the server or restart the information store and messages previously sent, but not actually delivered suddenly appear to bounce.

The problem with the lack of the patch is that Exchange 2003 doesn't understand the rejection message and therefore cannot handle the issue - it thinks it has sent them but it hasn't and they don't appear in the queues.  As soon as you apply the patch, Exchange will know how to handle the problems and will continue to re-try the messages and they will remain in the queues until delivery or failure.

As Exchange doesn't know what to do - you won't see the 4.7.1 error in the logs.

Feel free to call Microsoft, but I have seen this problem more often that I have had hot dinners and I know it will resolve your issue.
SterlingMcClungAuthor Commented:
Contacted MS to get the hotfix and I have now applied it.  Just waiting for the server to restart.  Is there any way to prevent this from happening on other installations?  This seems like the Hotfix should be part of the regular updates, as I can't see how we are supposed to prevent this situation, and there is very little that can be done to know it is happening until the server or service is restarted.
Alan HardistyCo-OwnerCommented:
Unfortunately, the hotfix is not part of Windows Update, so I would install it manually on all Exchange 2003 servers that you manage before it appears to be a problem.

I had this only the other day with a server we manage and applied the fix - knowing what the problem was when the customer called and mentioned suddenly getting NDR's for emails sent out months ago!
All Courses

From novice to tech pro — start learning today.