Exchange 2003 Mail Flow Issues

Hi All,

I am a new member to this forum. I am also a new Network Admin and I inherited Exchange 2003.

Problem:

I have had several clients who are unable to send emails to my firm. It only appears to be a few users from different domains (gmail.com, embarqmail.com, mckenzietank.com) These are the only domains that I'm aware of at the present time. The issue appears to happen with or without attachments.

Example 1 error message: "A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: *****@mydomain.com (while not connected): 554 5.4.7 [internal] exceeded max time without delivery.

Example 2 error message:

"This is a warning message only. You do not need to resend your message. Delivery to the following recipient has been delayed: *****@mydomain.com Message will be retried for 2 more day (s) Technical details of temporary failure: Connection was dropped by remote host (Sent_Mail).

The only changes I've made was to the Default SMTP Virtual Server>Relay Restrictions from "Only the list below" to "All except the list below".

Could it be some sort of DNS or MX record issue? I know there haven't been any changes made. Just a thought.

Any help concerning this issue will be greatly appreciated.

Thanks,
Bobby
Skystone2Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
Hi Bobby and welcome to EE,

Is your Exchange Server part of a Small Business Server or is it just Exchange 2003 Server sitting on top of Windows 2003 Server?

If it is just Exchange 2003, please can you download and run the following Best Practises Analyzer tool and report back what it finds about your server:

http://www.microsoft.com/download/en/details.aspx?id=22485

If it is part of a Small Business Server, please download and run the following instead:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=5334

Thanks

Alan
0
Skystone2Author Commented:
Hi Alan,

Thanks for the quick response.

Here are the results of the best practice analyzer.

The principal for SSL certificate 'https://mydomain.com' does not appear to match the host address. Host address: mydomain.com. Principal: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.mydomain.com.

The Intelligent Message Filter was not detected and at least one computer in the organization is running Exchange Server 2003. The Intelligent Message Filter can help reduce unsolicited commercial electronic messages.

The maximum incoming message size is set too high. This can cause reliability problems. Maximum message size is 40 MB.

The maximum outgoing message size is set too high. This can cause reliability problems. Maximum message size is 40 MB.

Cannot connect to the Windows Management Instrumentation (WMI) repository on server. This could be the result of a network or permissions problem. The tool will not analyze this server. Error: Access is denied.

Cannot connect to the Windows Management Instrumentation (WMI) repository on server. This could be the result of a network or permissions problem. The tool will not analyze this server. Error: Access is denied.

A public folder store is present on Exchange front-end server. This can cause data accessibility and system reliability problems.

Thanks,
Bobby
0
Skystone2Author Commented:
Hi Alan,

Exchange 2003 sits on Windows Server 2003 R2 Enterprise Edition.  

Thanks,
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Alan HardistyCo-OwnerCommented:
Thanks for the information.  You accidentally posted your domain name in the last post, which I (as a Zone Advisor) have hidden for you to protect your identity (most Experts cannot do this, so please be careful when posting to not include details that would identify your company / domain / IP Addresses etc).

Having seen your domain name, I have run a Domain Report and see that your emails are sent to Postini before they are sent to your server for filtering, so there might be an issue between Postini and you.

Have you spoken to Postini?
0
Skystone2Author Commented:
Thanks for hiding my domain name.  

I have not spoken to Postini as of yet.   Should I just mention the problems I am having or are there specifics I should mention?  

Thanks,
0
Alan HardistyCo-OwnerCommented:
Mention to them that you are not receiving emails and they may tell you that they have a problem, or they may advise you that you have a problem!

If they advise you that you have a problem, see if they can explain why / what it might be and if you are not sure what that is, please let me know.

Ideally your SMTP Virtual Server (in Exchange System Manager) should be only allowing mail from the Postini IP Addresses and should have Anonymous Authentication enabled as a minimum.

Your firewall might be blocking your inbound emails - but only they will be able to tell you that as only they can connect to your server to send you emails if your server is configured properly.

Here if you need any further help.
0
Skystone2Author Commented:
I will give them a call and report the outcome of that call.  

For future reference - What site did you use to run the Domain report?

Thanks,
0
Alan HardistyCo-OwnerCommented:
I have a subscription to www.dnsstuff.com but you can use www.mxtoolbox.com to see where your MX records point to.
0
Skystone2Author Commented:
Hey Alan,

I was talked to my ISP who host my DNS records.  They said my emails aren't being filtered through Postini.  

Do you have any other suggestions?

Thanks,

Bobby
0
Alan HardistyCo-OwnerCommented:
Well, if your domain is yourdomain.com, then according to the following report - they are:

Your 4 MX records are:

400 yourdomain.com.s7b2.psmtp.com. [TTL=500] IP=64.18.6.14 (No Glue) [TTL=14400] [US]
100 yourdomain.com.s7a1.psmtp.com. [TTL=500] IP=64.18.6.10 (No Glue) [TTL=14400] [US]
200 yourdomain.com.s7a2.psmtp.com. [TTL=500] IP=64.18.6.11 (No Glue) [TTL=14400] [US]
300 yourdomain.com.s7b1.psmtp.com. [TTL=500] IP=64.18.6.13 (No Glue) [TTL=14400] [US]

If this isn't your domain - then please let me know what it is and I will hide it (like I will do to the domain above after your next post).
0
Skystone2Author Commented:
Thanks Alan,

I really appreciate all your help.  

Did you get the domain?  

I'm having another issue you may be able to assist me with.  A user has been trying to send an email to one of my end-user.  The end-user in question isn't receiving emails from one user.  The sender has carbon copied another user and myself on subsequent test emails that we received.  I have checked all of this user's subfolders, junk mail, quarantine and etc..., but the message isn't there.  I've checked my spam filter and it isn't there either.  I checked the "Message Tracking Center" for the email in question; when I perform a search on this users box the email shows up. However, when I look at the message history, its shows that SMTP: Message Delivered Locally to my email address and SMTP Store Driver: Message Delivered Locally to Store my email address.  

Bobby
0
Alan HardistyCo-OwnerCommented:
Did you email me something?  Haven't received anything.

Check for the email in OWA - just in case the local cache is corrupt.
0
Skystone2Author Commented:
The domain is domain.com

I did try looking for it using OWA.
0
Alan HardistyCo-OwnerCommented:
If the domain you just posted is your domain - then please visit http://www.checkor.com/ and have a read of the following article as you are an open relay:

http://support.microsoft.com/kb/324958

It's getting (well - it is late) for me (2:30am) and I need my beauty sleep.  Should be able to pick this up tomorrow.

Alan
0
Skystone2Author Commented:
Ok.  I checked it out.   It changed to an open relay when I changed it from "only the list below" to "all except the list below".   I thought it could potentially help with the mail flow issues. Should I just change it back to "only the list below"?

I'm going to reboot the exchange server when I awake in about 4 hours.  In what order should I reboot the frontend and backend?  

what should i try next?  

Thanks again.
0
Alan HardistyCo-OwnerCommented:
Yes - change it back to only the list below or you will have spammers relaying mail via your server and getting you blacklisted.

The order of rebooting isn't important.
0
Skystone2Author Commented:
I couldn't reboot the server this morning as I still had users connected.  What else can I try to remedy this issue?  

Any other suggestions for the user who is unable to receive emails from one sender and myself and others can?  

Thanks,
0
Alan HardistyCo-OwnerCommented:
Please close your Open Relay before you do anything else - you are leaving your server wide open and may have more problems than you currently have if you leave it open much longer.
0
Skystone2Author Commented:
I have closed the open relay.  

Any other suggestions?  

Thanks a million.
0
Skystone2Author Commented:
I went back and changed the setting to "Only the list below".  Checkor.com is still showing my mail server as being a open relay.  What else should I check or configure?  

 I spoke with my ISP and the technician believes the issue my be with RDNS not being setup. I'm now awaiting these changes to be made.   My only question is why didn't this become an issue until just now?  


Thanks,
0
Alan HardistyCo-OwnerCommented:
Have you restarted the SMTP Server service since you made those changes?

If not - please do.  If you have, please have a read of the following:

http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

Once you have resolved the open relay, I'll tackle the other questions.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Skystone2Author Commented:
Okay.  I will restart the SMTP service tonight.   I will let you know when it is completed.  

Thanks,
0
Alan HardistyCo-OwnerCommented:
No problems - I should be about for about 3 or so hours.
0
Skystone2Author Commented:
I have corrected the open relay issue.  

I have also resolved most of my mail flow issues.  We currently use Vipre Email Security for filtering spam.  It's database was corrupted, therefore, causing some instability.  Since we have made the corrections to resolve the database issue.  

I am having one other issue that you may be able to assist me on.  There's one senders email that fails to get delivered to one of my end-user.  I see that the email hit my backend exchange server and transferred to the front-end server.   It get's to "SMTP: Message Submitted to Categorizer."  But never shows that it was delivered locally.  

What can be causing this issue and how do I resolve it?  

Thanks,
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.