Solved

Exchange 2003 Mail Flow Issues

Posted on 2012-04-10
26
265 Views
Last Modified: 2014-04-05
Hi All,

I am a new member to this forum. I am also a new Network Admin and I inherited Exchange 2003.

Problem:

I have had several clients who are unable to send emails to my firm. It only appears to be a few users from different domains (gmail.com, embarqmail.com, mckenzietank.com) These are the only domains that I'm aware of at the present time. The issue appears to happen with or without attachments.

Example 1 error message: "A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: *****@mydomain.com (while not connected): 554 5.4.7 [internal] exceeded max time without delivery.

Example 2 error message:

"This is a warning message only. You do not need to resend your message. Delivery to the following recipient has been delayed: *****@mydomain.com Message will be retried for 2 more day (s) Technical details of temporary failure: Connection was dropped by remote host (Sent_Mail).

The only changes I've made was to the Default SMTP Virtual Server>Relay Restrictions from "Only the list below" to "All except the list below".

Could it be some sort of DNS or MX record issue? I know there haven't been any changes made. Just a thought.

Any help concerning this issue will be greatly appreciated.

Thanks,
Bobby
0
Comment
Question by:Skystone2
  • 13
  • 11
26 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37827917
Hi Bobby and welcome to EE,

Is your Exchange Server part of a Small Business Server or is it just Exchange 2003 Server sitting on top of Windows 2003 Server?

If it is just Exchange 2003, please can you download and run the following Best Practises Analyzer tool and report back what it finds about your server:

http://www.microsoft.com/download/en/details.aspx?id=22485

If it is part of a Small Business Server, please download and run the following instead:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=5334

Thanks

Alan
0
 

Author Comment

by:Skystone2
ID: 37827991
Hi Alan,

Thanks for the quick response.

Here are the results of the best practice analyzer.

The principal for SSL certificate 'https://mydomain.com' does not appear to match the host address. Host address: mydomain.com. Principal: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.mydomain.com.

The Intelligent Message Filter was not detected and at least one computer in the organization is running Exchange Server 2003. The Intelligent Message Filter can help reduce unsolicited commercial electronic messages.

The maximum incoming message size is set too high. This can cause reliability problems. Maximum message size is 40 MB.

The maximum outgoing message size is set too high. This can cause reliability problems. Maximum message size is 40 MB.

Cannot connect to the Windows Management Instrumentation (WMI) repository on server. This could be the result of a network or permissions problem. The tool will not analyze this server. Error: Access is denied.

Cannot connect to the Windows Management Instrumentation (WMI) repository on server. This could be the result of a network or permissions problem. The tool will not analyze this server. Error: Access is denied.

A public folder store is present on Exchange front-end server. This can cause data accessibility and system reliability problems.

Thanks,
Bobby
0
 

Author Comment

by:Skystone2
ID: 37828047
Hi Alan,

Exchange 2003 sits on Windows Server 2003 R2 Enterprise Edition.  

Thanks,
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37828062
Thanks for the information.  You accidentally posted your domain name in the last post, which I (as a Zone Advisor) have hidden for you to protect your identity (most Experts cannot do this, so please be careful when posting to not include details that would identify your company / domain / IP Addresses etc).

Having seen your domain name, I have run a Domain Report and see that your emails are sent to Postini before they are sent to your server for filtering, so there might be an issue between Postini and you.

Have you spoken to Postini?
0
 

Author Comment

by:Skystone2
ID: 37828163
Thanks for hiding my domain name.  

I have not spoken to Postini as of yet.   Should I just mention the problems I am having or are there specifics I should mention?  

Thanks,
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37828212
Mention to them that you are not receiving emails and they may tell you that they have a problem, or they may advise you that you have a problem!

If they advise you that you have a problem, see if they can explain why / what it might be and if you are not sure what that is, please let me know.

Ideally your SMTP Virtual Server (in Exchange System Manager) should be only allowing mail from the Postini IP Addresses and should have Anonymous Authentication enabled as a minimum.

Your firewall might be blocking your inbound emails - but only they will be able to tell you that as only they can connect to your server to send you emails if your server is configured properly.

Here if you need any further help.
0
 

Author Comment

by:Skystone2
ID: 37828276
I will give them a call and report the outcome of that call.  

For future reference - What site did you use to run the Domain report?

Thanks,
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37828280
I have a subscription to www.dnsstuff.com but you can use www.mxtoolbox.com to see where your MX records point to.
0
 

Author Comment

by:Skystone2
ID: 37830226
Hey Alan,

I was talked to my ISP who host my DNS records.  They said my emails aren't being filtered through Postini.  

Do you have any other suggestions?

Thanks,

Bobby
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830232
Well, if your domain is yourdomain.com, then according to the following report - they are:

Your 4 MX records are:

400 yourdomain.com.s7b2.psmtp.com. [TTL=500] IP=64.18.6.14 (No Glue) [TTL=14400] [US]
100 yourdomain.com.s7a1.psmtp.com. [TTL=500] IP=64.18.6.10 (No Glue) [TTL=14400] [US]
200 yourdomain.com.s7a2.psmtp.com. [TTL=500] IP=64.18.6.11 (No Glue) [TTL=14400] [US]
300 yourdomain.com.s7b1.psmtp.com. [TTL=500] IP=64.18.6.13 (No Glue) [TTL=14400] [US]

If this isn't your domain - then please let me know what it is and I will hide it (like I will do to the domain above after your next post).
0
 

Author Comment

by:Skystone2
ID: 37830291
Thanks Alan,

I really appreciate all your help.  

Did you get the domain?  

I'm having another issue you may be able to assist me with.  A user has been trying to send an email to one of my end-user.  The end-user in question isn't receiving emails from one user.  The sender has carbon copied another user and myself on subsequent test emails that we received.  I have checked all of this user's subfolders, junk mail, quarantine and etc..., but the message isn't there.  I've checked my spam filter and it isn't there either.  I checked the "Message Tracking Center" for the email in question; when I perform a search on this users box the email shows up. However, when I look at the message history, its shows that SMTP: Message Delivered Locally to my email address and SMTP Store Driver: Message Delivered Locally to Store my email address.  

Bobby
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830756
Did you email me something?  Haven't received anything.

Check for the email in OWA - just in case the local cache is corrupt.
0
 

Author Comment

by:Skystone2
ID: 37830761
The domain is domain.com

I did try looking for it using OWA.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37830769
If the domain you just posted is your domain - then please visit http://www.checkor.com/ and have a read of the following article as you are an open relay:

http://support.microsoft.com/kb/324958

It's getting (well - it is late) for me (2:30am) and I need my beauty sleep.  Should be able to pick this up tomorrow.

Alan
0
 

Author Comment

by:Skystone2
ID: 37831062
Ok.  I checked it out.   It changed to an open relay when I changed it from "only the list below" to "all except the list below".   I thought it could potentially help with the mail flow issues. Should I just change it back to "only the list below"?

I'm going to reboot the exchange server when I awake in about 4 hours.  In what order should I reboot the frontend and backend?  

what should i try next?  

Thanks again.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37831290
Yes - change it back to only the list below or you will have spammers relaying mail via your server and getting you blacklisted.

The order of rebooting isn't important.
0
 

Author Comment

by:Skystone2
ID: 37832183
I couldn't reboot the server this morning as I still had users connected.  What else can I try to remedy this issue?  

Any other suggestions for the user who is unable to receive emails from one sender and myself and others can?  

Thanks,
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37832229
Please close your Open Relay before you do anything else - you are leaving your server wide open and may have more problems than you currently have if you leave it open much longer.
0
 

Author Comment

by:Skystone2
ID: 37832702
I have closed the open relay.  

Any other suggestions?  

Thanks a million.
0
 

Author Comment

by:Skystone2
ID: 37834329
I went back and changed the setting to "Only the list below".  Checkor.com is still showing my mail server as being a open relay.  What else should I check or configure?  

 I spoke with my ISP and the technician believes the issue my be with RDNS not being setup. I'm now awaiting these changes to be made.   My only question is why didn't this become an issue until just now?  


Thanks,
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37834876
Have you restarted the SMTP Server service since you made those changes?

If not - please do.  If you have, please have a read of the following:

http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

Once you have resolved the open relay, I'll tackle the other questions.
0
 

Author Comment

by:Skystone2
ID: 37834934
Okay.  I will restart the SMTP service tonight.   I will let you know when it is completed.  

Thanks,
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37834943
No problems - I should be about for about 3 or so hours.
0
 

Assisted Solution

by:Skystone2
Skystone2 earned 0 total points
ID: 37843800
I have corrected the open relay issue.  

I have also resolved most of my mail flow issues.  We currently use Vipre Email Security for filtering spam.  It's database was corrupted, therefore, causing some instability.  Since we have made the corrections to resolve the database issue.  

I am having one other issue that you may be able to assist me on.  There's one senders email that fails to get delivered to one of my end-user.  I see that the email hit my backend exchange server and transferred to the front-end server.   It get's to "SMTP: Message Submitted to Categorizer."  But never shows that it was delivered locally.  

What can be causing this issue and how do I resolve it?  

Thanks,
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question