?
Solved

New install Exchange 2013 CU2 - "4.7.0 Temporary server error. Please try again later. PRX5"

Posted on 2013-10-28
9
Medium Priority
?
2,236 Views
Last Modified: 2013-10-29
I have a new build of Ex13 CU2 which I migrated over from Ex07. Single server for all roles. Periodically I see this message right after "354 Start mail input":

Message or connection acked with status Retry and response 441 4.4.1 Error encountered while communicating with primary target IP address: ""421 4.4.2 Connection dropped due to ConnectionAborted."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was x.x.x.x:2525"

I originally saw this when receiving mail from my pbx on my lan.  Sending log from pbx:

12240 >>> Content-Transfer-Encoding: 7bit
12240 >>> <rest of the data>
12240 >>> .
12232 <<< 250 2.6.0 <201310241234.r9OCYL6S012229@pbx.domain.com> [InternalId=1550483193875] Queued mail for delivery
12232 >>> QUIT
12232 <<< 221 2.0.0 Service closing transmission channel
12240 <<< 451 4.7.0 Temporary server error. Please try again later. PRX5
12240 >>> QUIT
12240 <<< 221 2.0.0 Service closing transmission channel

It looks like the mail data is accepted, but then what is the error about?  Now that I have been looking at the logs, I also see legitimate outside mail getting the same error.  I have looked at other e-e posts but can't find a solution to this.

The fact that it mentions endpoint using port 2525 makes me think it's related to the default HUB recv connector, but I'm not sure where to look to get to the next step.  Users have complained that mail takes longer at times - I suspect this is the reason, and it gets through on the next attempt.

Exchange gurus, any help here?
0
Comment
Question by:dvanaken
  • 6
  • 3
9 Comments
 
LVL 44

Expert Comment

by:Amit
ID: 39605607
Check  AV and  Firewall. Disable it and check again.
0
 

Author Comment

by:dvanaken
ID: 39606021
Firewall is off per GPO, Symantec Mail Security for Exchange is active, and needs to remain so (and has been used here for many years with Ex07).  Is there is specific reason why AV could be a factor?  Have not ever seen that mentioned before.
0
 
LVL 44

Accepted Solution

by:
Amit earned 2000 total points
ID: 39606031
Symantec Mail Security for Exchange is this compatible with 2013? Can you check with vendor guide.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:dvanaken
ID: 39606534
Yes, beginning with version 7 it supports Ex 2013. We have the latest version installed.
0
 

Author Comment

by:dvanaken
ID: 39609850
Ok, for anybody else that runs into this, here is what is happening.  Amit was right - it was AV software related - sort of.  If you see this in your logs and it occurs just after a transaction ending with a 550 error, it may be Symantec Mail Security.  It turns out that if SMS AntiSpam is set to "reject spam", it calls a MSFT API to reject a message at the SMTP protocol level, sending the 550.  Due to some bug in the API, the very next message croaks with the above 441 message.  So this is a Symantec and/or MSFT problem.  The solution for me was to change SMS Antispam from "reject (spam) message" to "accept message", and then check... "but do not deliver".  This way the SMTP protocol is more normal but any message identified as spam is deleted.  There is also some confusion at Symantec about where the message is being scanned for spam.  I think it happens at the Transport level and not at the FrontEnd at all.  I could be wrong, but that seems to fit with the new 2013 architecture.  If anybody knows for sure I'd appreciate some confirmation.  Points to Amit for making me question Symantec a second time...
0
 

Author Closing Comment

by:dvanaken
ID: 39609852
Thanks!
0
 
LVL 44

Expert Comment

by:Amit
ID: 39609878
Thanks for the points and sharing the solution. As far as I know about 2013. We have 3 services related to hub. 2 resides on MBX role and one on CAS server. For more details:

http://blogs.technet.com/b/rischwen/archive/2013/03/13/exchange-2013-mail-flow-demystified-hopefully.aspx

Scanning part we need to check Symantec product guide.
0
 

Author Comment

by:dvanaken
ID: 39609890
Final note:  the errant API call is ReceiveMessageEventSource.RejectMessage in transport.smtp.  Maybe a few more RUs and we'll get this working correctly...
0
 

Author Comment

by:dvanaken
ID: 39609900
Amit - I actually studied that same technet post.  Unfortunately Symantec is not clear about where their product hooks in.  Their support is not up to speed on Ex2013.  I need to remember to wait a year...
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question