Solved

configure Exchange 2010 to requeue outbound mail to bypass failed upstream gateway

Posted on 2011-02-28
8
2,364 Views
Last Modified: 2012-05-11
I have one Exchange 2010 server with 2 upstream email gateways for antispam/antivirus filtering.  Outbound email can go through either gateway - both have send connectors.  The primary gateway's send connector is configured with a cost of 1, and the secondary with a cost of 3 so that mail goes through the primary when possible.  However when the primary fails mail backs up in it's Exchange queue.  Exchange does not seem to understand that the gateway is down, and refuses to requeue the mail to the secondary send connector.  

The result is that mail backs up until it expires, and it bounces back to the sender - even though there is a completely functional alternate send connector.  How do I configure Exchange to requeue mail through the secondary gateway when the primary's queue is filling up?
0
Comment
Question by:vreiner
  • 4
  • 4
8 Comments
 
LVL 6

Expert Comment

by:J P
ID: 35003791
instead of two send connectors, make one send connector
but have multiple smart hosts in there [eg: the smarthost of connector1 and smarthost of connector2]

quote1: "If a smart hosted SMTP Send Connector has multiple smart hosts defined, load balancing and fault tolerance are accomplished using these smart hosts."
quote2: "Mail will not be load balanced among multiple equal cost connectors."
reference: http://msexchangeteam.com/archive/2007/01/04/432069.aspx (for E2007 but applies to E2010)
0
 

Author Comment

by:vreiner
ID: 35004221
ok, this is a good clarification: I DO want fault tolerance but I do NOT want load balancing.  If I understand this correctly adding a second smart host to a single Send Connector will result in the traffic going to both smart hosts relatively equally.

The functioning of the spam filter software relies on a primary/secondary relationship, which is why I set up 2 send connectors with a higher cost on the secondary.  I want as much traffic as possible going through the primary gateway, and I really only want the secondary to be used if the primary cannot accept new connections (whether because it is at 100% capacity or because it is down).  Can I achieve fault tolerance WITHOUT load balancing using the method you describe, or by another method?
0
 
LVL 6

Expert Comment

by:J P
ID: 35005672
FT without LB is interesting request, i can understand the reasons for which you are asking for it..
off the top of my head, for only FT, it would involve manual intervention with two connectors..

eg: keep the two connectors, when one is down and things start queuing, change the cost of primary connector to be higher then the secondary, restart transport services to engage the second connector and that should allow queue to drain (think answers the very last bit of the original question)

thinking bit outside, there might be something out there that "checks if a smarthost is accepting mail okay, if so then keep its dns entry, if not change its dns entry to another working smarthost" if there is, just one connector and smarthost would suffice, because this "special program" would automatically change the dns associated to the smarthost to another one etc

hope this helps
0
 

Author Comment

by:vreiner
ID: 35012437
this is an interesting approach... but my goal is to make this automated, likely via a scheduled task running a script.  I assume that I could script both the change to the primary send connector's cost and to restart the transport services.  I can do some reading on those things.  

Question is: how would I detect that mail is queuing up? I am new to Ex2010 (was on 2003 before) and while I can write a decent batch file I'm not familiar with what is and is not possible with Exchange Management Shell, or other scripting/programming languages I might use with Exchange.  Is there some way to measure the number of items in the queue, or test if a smarthost has open connections to receive mail?  I'm just trying to think all around this topic.  

0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 6

Assisted Solution

by:J P
J P earned 125 total points
ID: 35033683
not sure if you have scom or not, other options could be perfmon or ems script
here is a ems script which could do the job of "if queue has X mail queued, then change primary connector cost, restart transport service"
this would give the chance for your other connectors to 'takeover' the queued message and attempt to send them
script can be automated to run at scheduled intervals automated

$Queue = Get-TransportServer | Get-Queue | Measure-Object MessageCount -max
if ($Queue.Maximum -gt 88)
{
Set-SendConnector "SendConnector" -AddressSpaces "SMTP:*;100"
Restart-Service MSExchangeTransport
Exit
}

Open in new window


usage notes:
replace 88 with queue thresshold
replace SendConnector with your primary send connector name
0
 

Accepted Solution

by:
vreiner earned 0 total points
ID: 35033898
I've found the solution: use MX records instead of the smarthost IP address or FQDN.  Exchange will check the MX weights and route mail accordingly, immediately moving to the next smarthost if one does not respond.  The solution is detailed here:

http://social.technet.microsoft.com/Forums/en/exchangesvravailabilityandisasterrecovery/thread/7283649b-66e1-4618-a5df-bcd659c0106d

your solution was excellent as well and so I'm going to award you the points for your hard work.
0
 
LVL 6

Expert Comment

by:J P
ID: 35033942
interesting, using mx as smarthost, i learned something here also
thanks mate
0
 

Author Closing Comment

by:vreiner
ID: 35067716
I found a more-effective solution using Microsoft's built-in functions, which work more quickly than the offered scripted solution.  However I felt that the offered solution was also accurate if not as effective or elegant so I awarded the points to that person.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Easy CSR creation in Exchange 2007,2010 and 2013
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now