Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2003 NO External email incoming until I reboot

Posted on 2012-04-06
30
Medium Priority
?
574 Views
Last Modified: 2012-08-13
We are running Exchange Server 2003.  Starting yesterday morning we were unable to receive external emails coming in, but we can send out to everybody, and the email works great inside the intranet as well.

Our Antespam provider forwards our email to us and they say that they are seeing hundreds of lost connections and dropped connections.

When we reboot the Exchange server everything works fine for abut an hour or two and then it stops receiving again.

Any help would be greatly appreciated.
0
Comment
Question by:rand1964
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 17
  • 6
  • 4
  • +1
30 Comments
 
LVL 8

Expert Comment

by:npinfotech
ID: 37817668
What do you see in the event logs on that server?
0
 

Author Comment

by:rand1964
ID: 37817714
I don't see anything out of the ordinary in the event logs....what should I be looking for particularly.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 37817737
as a way to isolate the problem, try to restart exchange services and not restarting the machine, if it works then it has to do with exchange services, and not computer connectivity
,
sometimes it can be related to DNS records,
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 

Author Comment

by:rand1964
ID: 37817745
I will give restarting the Exchange Services only a try when it stops working again in an hour or two.  I never thought about that.
0
 

Author Comment

by:rand1964
ID: 37817886
OK...server stopped receiving email at 6:30, I went in and restarted the Exchange Services...that didn't do anything to fix the problem.

I rebooted and it's working again...for another hour or so...
0
 
LVL 12

Expert Comment

by:FarWest
ID: 37817945
it can be a long way with me :)
when it stops again try

IPCONFIG /REGISTERDNS

if not working

try disable /enable NIC ( the problem can be caused by reaching server smtp sessions or connections limits) because the are not disconnected properly and ontime)

does your exchange has two cards, or it is behind firewall and u r using forward rules?
0
 

Author Comment

by:rand1964
ID: 37818000
I did a "repair" on the NIC which I think does the same thing without any results.

It has two NICs  (We only use one)
It is behind a firewall
There are forwarding rules
0
 

Author Comment

by:rand1964
ID: 37818017
Where do you set smtp session limits or connection limits?  And why has it worked for 8 years setup the same way...what would suddenly cause the limits problem?
0
 

Author Comment

by:rand1964
ID: 37818173
I did IPCONFIG /FLUSH
IPCONFIG /Register

Nothing...no difference...I had to reboot the server again
0
 

Author Comment

by:rand1964
ID: 37818299
I am running a scheduled task right now to reboot the server hourly just so I can sleep over the weekend...
this one has me baffled...guess the weekend is going to be lean on help...
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37818405
This will be your antivirus software.  Typical culprits are Symantec or Sophos but others will do it as well.

Uninstall your AV/SPAM software, reboot and see if the problem persists.  If it doesnt then re-install the AV/SPAM software.

This is normally caused by an update corrupting the engine that interacts with the SMTP service.
0
 

Author Comment

by:rand1964
ID: 37818410
I had Symantec which I unistalled a few months ago when we switched over to Trend Micro.
I have already uninstalled Trend Micro earlier today...there is no Antivirus software on there right now.
Any place else I should look for any remnants interfering with SMTP
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37818434
Is it still happening after the uninstall?

If so, I'd suggest re-installing Exchange 2003 SP2 just to repair anything that may have been damaged by these products.
0
 

Author Comment

by:rand1964
ID: 37818437
Yes it is still happening after the install...but it worked without error for 8 years and the Trend Micro has been working nicely for over 3 months.  I only uninstalled it to see if it was the problem...not because it was doing anything.
I'm not ready to just blindly assume that antivirus is the cause of my problem.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37818449
This problem is caused 99.9% of the time by something interacting with the Exchange SMTP service.

So if you have removed the AV what other 3rd party products do you have installed on the server?

Just because it worked for 3 months doesn't mean it isn't the cause.
0
 

Author Comment

by:rand1964
ID: 37818455
That's about it...I do have Symantec Backup Exec System recovery which is a backup utility like Ghost.

Is reinstalling Exchange 2003 SP2 non destructive?  I can do it in place and it won't overwrite my stuff because this is our only production server.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37818461
It won't be system recovery.

Yes, SP2 is non destructive it can be done whilst live.  It will stop the exchange services during install but will only take around 30 minutes to do.
0
 

Author Comment

by:rand1964
ID: 37818465
Just to clarify, this is only the Service Pack?  Not the entire Exchange 2003?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37818482
Absolutely, just the service pack.
0
 

Author Comment

by:rand1964
ID: 37819093
If I install this Service Pack 2, is it going to break OWA or anything else I currently have setup?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37819196
There's no reason why it should.  If its working now and you haven't strayed away from the default configuration there's no reason it shouldn't work after.
0
 

Author Comment

by:rand1964
ID: 37820009
I drove into work, did the Exchange Service pack 2, rebooted, checked for updates, it still did not fix the problem.  I also switched over to theo NIC in the server.
0
 

Author Comment

by:rand1964
ID: 37820346
Any other answers?
0
 
LVL 8

Expert Comment

by:npinfotech
ID: 37821058
I'd start by enabling SMTP logging in my application event viewer: http://technet.microsoft.com/en-us/library/bb124994%28v=exchg.65%29.aspx.  (you may need to go deeper than this in your logging later).  This will allow you to go to control panel > administrative tools > event viewer > application.  Once you have some data in there, you can sort/filter for SMTP / exchange events and post specific error IDs to this thread.

It might be worth your time to contact the anti-spam provider.  Their logs / error codes might help you in your effort to pinpoint where or how the stoppage is happening.

More drastic measures down the road might be to re-install your SMTP service from a Server disk, deleting and recreating SMTP Server entry in Exchange System Manager, etc.

Contacting Microsoft might be your last resort.  It costs about $250, but they are a stellar resource.
0
 

Author Comment

by:rand1964
ID: 37821160
I have enabled maximum logging...there are no errors...there is nothing in the logs that show why a connection is lost or dropped and that is what is happening according to our AnteSpam provider that forwards the email to us.  They tell us connections are being dropped.

Could it be something in the firewall even if rebooting the server fixes it?
0
 
LVL 8

Expert Comment

by:npinfotech
ID: 37821219
The whole chain, starting at the antispam service down to ur server, is up for review.  It could be that the firewall can't find the exchange server. It could be a timeout set somewhere, or a threshold may be surpassed shutting down service.  I don't think its very likely outside the server, because the problem is solved by a reboot of the ser. Ifver itself.

Check out ur firewall and see if messages hit ur server.  If they do, focus back on ur internal network.if not, check ur ISP modem, ur ISP lines, and antispam service.
0
 

Accepted Solution

by:
rand1964 earned 0 total points
ID: 37830925
OK...finally solved the issue 6 days later....hope this helps somebody.

It was caused by an iPhone running OS 4.0, and what it was doing was trying to activesync multiple times a second which was causing the SMTP server to block for 60 seconds...then as soon as the 60 seconds were up it would open again for a second and immediately get blocked off again for another 60 seconds.
The thing that was causing the random email was these pauses after these 60 seconds and also when the user turned his iPhone off.

I had never heard of this before.  I found it by buying a new intel NIC and installing it in the PCI slot of the server.  Luckily in the configuration panel, this NIC alowed me to turn on Link State Logging and other things.  Suddenly I got a System Log full of errors in the Event Viewer that I couldn't see before.

I then went to the SMTPSVC1 logs and they were enormous and filled with one users transaction and I could see it was an iPhone.

I Googled and found these articles and then went in and disabled this users access to "Mobile devices" in Exchange Tasks, and then rebooted to clear everything and BAM!  Everythings working like normal.

http://www.howardforums.com/showthread.php/1657788-Why-is-Apple%E2%80%99s-iOS4-Crashing-Microsoft-Exchange-Servers

http://support.apple.com/kb/TS3398


Worst 6 days of my life, but I feel ok now.  Thanks to all who helped...I can't hardly believe it turned out to be this though.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 37831071
very glad that you finally solve it,
and thanks for sharing the solution, I hope it will help someone before hitting his/her head against the wall :)
0
 
LVL 8

Expert Comment

by:npinfotech
ID: 37831982
You should have seen a spike in your firewall activity also.  This was a mini Denial of Service event, and your firewall didn't alert you...
0
 

Author Closing Comment

by:rand1964
ID: 37848052
I accepted my own comment because I worked this myself and saw that the solution is accurate and works.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question