Exchange 2013 mail flow issues
Hello experts, I am being faced with an issue that I cannot resolve, and I hope someone has an idea.
I recently migrated from Exchange 2010 SP3 Windows Server 2008R2 to Exchange 2013 U2 on a new server Running Server 2012. This was my first 2013 migration so I am not sure I did everything correctly, but in the end everything was working properly with the exception of this issue.
My problem is with incoming mail flow. At seemingly radom intervals incoming mail flow will stop! If I go into the Exchange 2013 toolbox and open the queue viewer I can see all the messages stacking up. After a time frame ranging from about a half hour to 2 hours the flow returns and all the messages in the queue are delivered without issue. This occurs with both externaly sent mesasges and internally sent messages. In the queue viewer in the "queues" tab, I can scroll to the right and I see the error...
"[{LRT=(date\time);{LED=44
I have tried to locate a log that has the full error mesage in it but I have been upable to find the specific log in the endless Exchange log files. I found a few articles that mentioned either a firewall issue or the Exchange 2013 malware filter service. The article I found about the firewall did not mention what exactly in the firewall was the cause, but since it works sometimes I have to assume it is not that. I have used the command shell to disable the malware filter. I ams till having the issues.
Does anyone have any input?
I recently migrated from Exchange 2010 SP3 Windows Server 2008R2 to Exchange 2013 U2 on a new server Running Server 2012. This was my first 2013 migration so I am not sure I did everything correctly, but in the end everything was working properly with the exception of this issue.
My problem is with incoming mail flow. At seemingly radom intervals incoming mail flow will stop! If I go into the Exchange 2013 toolbox and open the queue viewer I can see all the messages stacking up. After a time frame ranging from about a half hour to 2 hours the flow returns and all the messages in the queue are delivered without issue. This occurs with both externaly sent mesasges and internally sent messages. In the queue viewer in the "queues" tab, I can scroll to the right and I see the error...
"[{LRT=(date\time);{LED=44
I have tried to locate a log that has the full error mesage in it but I have been upable to find the specific log in the endless Exchange log files. I found a few articles that mentioned either a firewall issue or the Exchange 2013 malware filter service. The article I found about the firewall did not mention what exactly in the firewall was the cause, but since it works sometimes I have to assume it is not that. I have used the command shell to disable the malware filter. I ams till having the issues.
Does anyone have any input?
If you have any anti-virus or malware scanning on that exchange server, I would stop them and see if that helps. If they are on there, the exchange folders should be exempted from real time protection.
Note there is a huge change in 2013 and mail flow is completely changed. You need to understand that first and then only you can troubleshoot it. Like, we have now two roles on in 2013. CAS/MBX and now mail flow service is split into both these roles. One on CAS and two on MBX role.
Service runs on CAS: FrontEnd Transport service
Service runs on MBX: Transport service and Mailbox Transport service
So, in case you have both role on same server, then you will see all three on one server else one on cas and two on mbx. also check application logs for errors.
Service runs on CAS: FrontEnd Transport service
Service runs on MBX: Transport service and Mailbox Transport service
So, in case you have both role on same server, then you will see all three on one server else one on cas and two on mbx. also check application logs for errors.
ASKER
I have restarted all Exchange services and the server itself numerous times. The restart does not resolve the flow issues. At this point the only thing that seems to resolve the issue is time, but again after a while the issue returns.
I have no A-V or any third party software running on the server at all it is a bare installation of just Exchange 2013.
Does anyone know where the log file that would have that full error message be, or what log catagory I should be looking in? I have check the Windows Evnetn log but find nothing in relation to that error.
I have no A-V or any third party software running on the server at all it is a bare installation of just Exchange 2013.
Does anyone know where the log file that would have that full error message be, or what log catagory I should be looking in? I have check the Windows Evnetn log but find nothing in relation to that error.
check the link posted above.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This was the solution
I would buy you a beer! I had been going through this same issue for years, and couldn't figure out what was causing it (2008 R2 with Exchange 2013). The frustrating thing was that I would eventually get all mail, but the delays were horrible. Every now and again someone would reach out stating they got an NDR, but I'd usually get the message. The oddest part was that internal mail was delayed too. Until recently I'd be lucky if mail went through twice a day.
I encountered the same problem but found that I did not need to delete the DNS entries from the NIC properties.
Exchange's internal DNS lookups can be scope limited in:
Exchange Admin Center, servers, <server name>, DNS lookups, Internal DNS lookups properties. I changed it to "Custom settings" and listed only my internal DNS servers.
Flow was regular after that.
Exchange's internal DNS lookups can be scope limited in:
Exchange Admin Center, servers, <server name>, DNS lookups, Internal DNS lookups properties. I changed it to "Custom settings" and listed only my internal DNS servers.
Flow was regular after that.
http://msexchangeguru.com/2013/08/03/e2013-2010mailflowissue/