Solved

DNS Mail Exchange Records - Issue

Posted on 2012-12-23
Last Modified: 2013-01-14
We are having an odd issue with mail being held up in the queue viewer on SBS 2011, which happens randomly (once a day, or with a week's gap in between) when email is sent externally. (Internally we have no issues.)

We have an external mail client and we are running Microsoft Exchange 2010. At the same time when mail is sent and received it is filtered by SMX.

We have a smart host set up already that is forwarding to SMX in Exchange / Organization / Hub Transport / Send Connector. When an email is sent I can easily see it being forwarded to the FQDN address that we were supplied with by SMX in the queue viewer, proving that the smart host is correctly forwarding email to SMX, and in the SMX administrator console we can see the mail being received and sent out, or filtered in other words. When the email is queued it shows up in the queue viewer under the SMX smart host and the FQDN that was used.

I have noticed we do not have a Mail Exchange record set up, or anything related to mail, on our DNS server. Could this be the issue? Any help would be much appreciated.
Question by:jdthedj
8 Comments
 

Expert Comment

by:achaldave
ID: 38717695
Your MX record is not used when you send email outside; the MX record is for receiving emails from outside, and since you don't have that problem I am sure you have that set up on the name server for your domain. Since you are forwarding all your outgoing emails to a smart host service, it looks to me like a connectivity issue between the smart host and your Exchange server. Do you see any pattern when the emails are held up in the queue? Do you have any limit set on your connector? Check your firewall for any SMTP or ESMTP inspection configuration.

Author Comment

by:jdthedj
ID: 38721040
Hi Achaldave. I thought an MX record was used for sending email externally. By my understanding an MX record specifies how email should be routed with SMTP. Or should I be looking at this from a different perspective, such as having an MX record set up so that when someone externally sends us an email or does an MX record lookup on us, it uses the server in the MX record that we have created so that they can send us email?

I have not noticed any patterns only with what I mentioned.

The send connector does not have any restrictions set on it. I didn't know you could limit the connector. I only can see that you can limit the message size. Is there a way to check this?

There is nothing blocked on the firewall. There haven't been any rules that I can see to do with SMTP and ESMTP. I didn't think you had to set that up, as normally port 25 is used to send out email, which is already allowed, not blocked.

Recently our emails have been queued again and I found this error:

* Last Error: 400 4.4.7 Message delayed

Also, I didn't mention the way that we get around this issue. We restart the DNS Client and DNS Server services on our Exchange server and the queue clears.

Expert Comment

by:achaldave
ID: 38722077
The MX record you create for your domain is to receive emails from outside domains. It is not being used to route outgoing email.

When a server sends email to an external domain, it queries the DNS server to retrieve the MX record for the domain it is sending email to, and once the MX record is successfully resolved it makes an SMTP connection to the server resolved in the query. But since you are using a smart host, your server just forwards all emails to the smart host instead of delivering emails to each domain separately.

The limits set on the transport servers are applied to send connectors, so you need to check the transport server properties.
http://technet.microsoft.com/en-us/library/bb123514%28v=exchg.141%29.aspx#EMC

Since restarting the DNS server and client services resolves the issue, I think your DNS server is having issues; check the event logs for any DNS server errors.

Try specifying the IP address of the smart host instead of the FQDN.

Author Comment

by:jdthedj
ID: 38725285
Thank you Achaldave.

I checked the transport properties and nothing is being restricted.

What do you mean by specifying the IP address of the smart host, not the FQDN? Is this in the send connector?

I have checked for any errors in the DNS log and there are no errors being picked up. Only Events 3, 2 and 4 show. They are:

Event 3 *The DNS server has shutdown
Event 2 *The DNS server has started
Event 4 *The DNS server has finished the background loading of zones. All zones are now available for DNS updates and zone transfers, as allowed by their individual zone configuration.

Event 4013 sometimes shows, followed by Events 2 and 4, as described below:

The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.

Accepted Solution

by:achaldave
ID: 38727923
Yes, in the send connector change the smart host entry to an IP address instead of a name.

Check this link for troubleshooting event 4013
http://support.microsoft.com/kb/2001093

If the issue you are facing is related to DNS, how is your DNS configured for forwarding? Is the server configured to forward DNS queries to your ISP's DNS servers?
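
A read-only diagnostic for the symptom discussed in this thread, added here as an example and not posted by either participant: it lists queues stuck in Retry, tests whether each queue's next-hop name resolves through the server's own resolver, and lists the DNS Server events mentioned above so their times can be compared with the queue build-up. It assumes the Exchange Management Shell on the Exchange 2010 server; the 24-hour window is an assumption.

```powershell
# Added example; run in the Exchange Management Shell on the Exchange server.
# Written to work on PowerShell 2.0. The look-back window is an assumption.
$since = (Get-Date).AddHours(-24)

# 1. Queues currently in Retry, with the text Queue Viewer shows as "Last Error".
$stuck = @(Get-Queue | Where-Object { $_.Status -eq 'Retry' })
$stuck | Format-Table Identity, DeliveryType, NextHopDomain, MessageCount, LastError -AutoSize -Wrap | Out-Host

# 2. For every next hop that is a name rather than an IP address, ask the
#    resolver this server uses whether the name resolves right now.
$lookups = foreach ($q in $stuck) {
    foreach ($hop in ([string]$q.NextHopDomain -split ',')) {
        $hop = $hop.Trim().Trim('[', ']')
        $ip  = $null
        if (-not $hop -or [System.Net.IPAddress]::TryParse($hop, [ref]$ip)) { continue }
        try {
            $addrs  = [System.Net.Dns]::GetHostAddresses($hop) | ForEach-Object { $_.IPAddressToString }
            $result = 'resolves to ' + ($addrs -join ', ')
        } catch {
            $result = 'DNS lookup FAILED: ' + $_.Exception.Message
        }
        New-Object PSObject -Property @{ NextHop = $hop; Lookup = $result }
    }
}
$lookups | Select-Object NextHop, Lookup | Format-Table -AutoSize -Wrap | Out-Host

# 3. DNS Server service events named in the thread: 2 (started), 3 (shut down),
#    4 (zones loaded), 4013 (waiting for AD DS initial synchronization).
#    Compare their timestamps with the time the queue went into Retry.
Get-WinEvent -FilterHashtable @{ LogName = 'DNS Server'; Id = 2, 3, 4, 4013; StartTime = $since } -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Format-Table TimeCreated, Id, Message -AutoSize -Wrap | Out-Host
```

A failed lookup in step 2 while the queue is in Retry points at name resolution on the server rather than at the smart host itself.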

Author Comment

by:jdthedj
ID: 38731497
Thank you Achaldave. I am looking into the event 4013 error now. I have also changed the smart host entry name to an IP address.

Yes, the server is forwarding queries to our ISP's DNS servers. Would there be any way to confirm this process is happening correctly? Would I need to contact my ISP?

Expert Comment

by:achaldave
ID: 38744515
You can analyze the traffic from your server to the ISP for DNS queries. Since your server can resolve external hosts, the forwarding is working. I just wanted you to make sure you are forwarding to the ISP.

Author Comment

by:jdthedj
ID: 38749245
Cheers Achaldave. So far nothing has happened. If this week ends and there are no queues, then the issue has been fixed.