Exchange 2010 header -- messages being delayed at delivery to remote host

Posted on 2011-05-06
Last Modified: 2012-05-11
I've recently migrated from Ex 2003 to Ex 2010. I have two Exchange 2010 servers set up.
Server 1:  EXCHANGE2010
Server2: EXCHANGE2010-2
It's been about two weeks or so since the upgrade (the Ex2003 server is gone and removed) and everything was going well.
Then, a few days ago my users started getting "Diagnostic-Code: smtp;400 4.4.7 Message delayed" for messages they sent to AOL.  Then the problem started happening with, then Now it's happening to about half a dozen domains and counting.
I have tried the usual
* Reverse DNS ptr is set up correctly
* My sending transport server (EXCHANGE2010.mydomain.lcl) is not on any blacklists.

Below is an example of one of the headers that were delayed. The only thing I see here that might be a problem is that the Received: line has the Local AD domain name in it and not the actual external domain name. Could that be the problem? If so, how do I change that without having to rebuild my entire Exchange environment from scratch?
This is an emergency. Thanks for any and all help!

Received: from EXCHANGE2010.mydomain.lcl ([]) by
EXCHANGE2010-2.mydomain.lcl ([]) with mapi id
14.01.0270.001; Fri, 6 May 2011 14:07:56 -0400
From: My Name <>
To: "" <>
Subject: Sending from Outlook Web App on Friday at 2pm
Thread-Topic: Sending from Outlook Web App on Friday at 2pm
Thread-Index: AcwMGIZpj5KOST+8QU6xZuBmc50x0Q==
Date: Fri, 6 May 2011 18:07:56 +0000
Message-ID: <239AF6D6EBE7CC4B8909E1A34D7C41A29FEDE5@EXCHANGE2010.mydomain.lcl>
Accept-Language: en-US
Content-Language: en-US
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 04
X-MS-Exchange-Organization-AuthSource: EXCHANGE2010-2.mydomain.lcl
X-MS-Exchange-Organization-SCL: -1
Question by:nachtmsk

    Expert Comment

    by:Alan Hardisty
    You have your SEND connector Fully Qualified Domain Name incorrectly set as .lcl which is an invalid domain name.  Please correct this to something that resolves in DNS to the IP address of your Exchange server.

    Also, please check my article for additional guidance:


    Author Comment

    Thanks but the send connector has the FQDN set correctly (not the .lcl one). It's always had the correct FQDN set correctly. It was one of the first things I did.
    The RECEIVE connector on the other hand does have the .lcl addresses in it, but those are not able to be changed -- Exchange won't allow it.

    Expert Comment

    by:Alan Hardisty
    Good - the RECEIVE connector is not relevant and doesn't matter.

    Have you checked Reverse DNS and that the Reverse DNS name matches your SEND Connector FQDN and that both resolve in DNS back to your fixed IP Address?

    Accepted Solution

    Just found that I had a whole bunch of messages sitting in the queue of the second Exchange server. I never configured the second server with a reverse PTR because I was only using it as an emergency backup. I guess Exchange uses whatever Hub server it can get its hands on?

    I'm in the middle of getting that PTR record ready for the second server. Question -- I will also need an SSL cert, I'm guessing. Can I use the same cert I have on the first Exchange server?
    Or more specifically, can both exchange servers have the same FQDN set up?

    Expert Comment

    by:Alan Hardisty
    What roles do each Exchange 2010 server hold?

    Author Comment

    Each server holds MB, HT, CAS  
    no Edge. No UN.

    Author Closing Comment

    The problem was that the second HUB server was sending messages out because the first HUB server was part of a DAG. This is default behavior as per Microsoft docs. Once I added in the Reverse PTR for the second server mail started flowing out. Mail was not flowing out because other hosts would not accept mail from a server w/o a PTR set up.
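
The reverse DNS check discussed in this thread, applied to every server that can send outbound rather than only the primary one, as an added example that is not part of the original thread. The addresses and host names are constructed placeholders; with the default resolvers the answers come from whatever DNS the machine running it uses, so run it from outside the internal network to see what remote hosts see.

```python
import socket

def reverse_lookup(ip):
    """PTR names for ip from the system resolver; [] when there is none."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def forward_lookup(name):
    """Addresses that name resolves to; [] when it does not resolve."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def check_sender(ip, helo, ptr=reverse_lookup, fwd=forward_lookup):
    """Problems a receiving host could find with one outbound server."""
    norm = lambda n: n.rstrip(".").lower()
    names = [norm(n) for n in ptr(ip)]
    problems = []
    if not names:
        problems.append("no PTR record")
    else:
        if not any(ip in fwd(n) for n in names):
            problems.append("PTR name does not resolve back to the IP")
        if norm(helo) not in names:
            problems.append("PTR name differs from HELO name")
    if ip not in fwd(norm(helo)):
        problems.append("HELO name does not resolve to the IP")
    return problems

def audit(servers, ptr=reverse_lookup, fwd=forward_lookup):
    """Map each (ip, helo) pair to its list of problems."""
    return {ip: check_sender(ip, helo, ptr, fwd) for ip, helo in servers}

# Constructed sample data (documentation addresses, not from the thread):
# two hub servers that can both send outbound, only the first has a PTR.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.10"],
            "mail2.example.com": ["192.0.2.11"]}
SAMPLE_SERVERS = [("192.0.2.10", "mail.example.com"),
                  ("192.0.2.11", "mail2.example.com")]

def sample_audit():
    return audit(SAMPLE_SERVERS,
                 ptr=lambda ip: SAMPLE_PTR.get(ip, []),
                 fwd=lambda name: SAMPLE_A.get(name, []))

if __name__ == "__main__":
    for ip, problems in sample_audit().items():
        print(ip, "OK" if not problems else "; ".join(problems))
```

To audit a real environment, call `audit()` with the public IP and send connector FQDN of each Hub Transport server and leave the resolver arguments at their defaults.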
