New install Exchange 2013 CU2 - "4.7.0 Temporary server error. Please try again later. PRX5"

Posted on 2013-10-28
Last Modified: 2013-10-29
I have a new build of Ex13 CU2 which I migrated over from Ex07. Single server for all roles. Periodically I see this message right after "354 Start mail input":

Message or connection acked with status Retry and response 441 4.4.1 Error encountered while communicating with primary target IP address: ""421 4.4.2 Connection dropped due to ConnectionAborted."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was x.x.x.x:2525"

I originally saw this when receiving mail from my pbx on my lan.  Sending log from pbx:

12240 >>> Content-Transfer-Encoding: 7bit
12240 >>> <rest of the data>
12240 >>> .
12232 <<< 250 2.6.0 <> [InternalId=1550483193875] Queued mail for delivery
12232 >>> QUIT
12232 <<< 221 2.0.0 Service closing transmission channel
12240 <<< 451 4.7.0 Temporary server error. Please try again later. PRX5
12240 >>> QUIT
12240 <<< 221 2.0.0 Service closing transmission channel

It looks like the mail data is accepted, but then what is the error about?  Now that I have been looking at the logs, I also see legitimate outside mail getting the same error.  I have looked at other e-e posts but can't find a solution to this.

The fact that it mentions endpoint using port 2525 makes me think it's related to the default HUB recv connector, but I'm not sure where to look to get to the next step.  Users have complained that mail takes longer at times - I suspect this is the reason, and it gets through on the next attempt.

Exchange gurus, any help here?
Question by:dvanaken
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
LVL 43

Expert Comment

ID: 39605607
Check  AV and  Firewall. Disable it and check again.

Author Comment

ID: 39606021
Firewall is off per GPO, Symantec Mail Security for Exchange is active, and needs to remain so (and has been used here for many years with Ex07).  Is there is specific reason why AV could be a factor?  Have not ever seen that mentioned before.
LVL 43

Accepted Solution

Amit earned 500 total points
ID: 39606031
Symantec Mail Security for Exchange is this compatible with 2013? Can you check with vendor guide.
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.


Author Comment

ID: 39606534
Yes, beginning with version 7 it supports Ex 2013. We have the latest version installed.

Author Comment

ID: 39609850
Ok, for anybody else that runs into this, here is what is happening.  Amit was right - it was AV software related - sort of.  If you see this in your logs and it occurs just after a transaction ending with a 550 error, it may be Symantec Mail Security.  It turns out that if SMS AntiSpam is set to "reject spam", it calls a MSFT API to reject a message at the SMTP protocol level, sending the 550.  Due to some bug in the API, the very next message croaks with the above 441 message.  So this is a Symantec and/or MSFT problem.  The solution for me was to change SMS Antispam from "reject (spam) message" to "accept message", and then check... "but do not deliver".  This way the SMTP protocol is more normal but any message identified as spam is deleted.  There is also some confusion at Symantec about where the message is being scanned for spam.  I think it happens at the Transport level and not at the FrontEnd at all.  I could be wrong, but that seems to fit with the new 2013 architecture.  If anybody knows for sure I'd appreciate some confirmation.  Points to Amit for making me question Symantec a second time...

Author Closing Comment

ID: 39609852
LVL 43

Expert Comment

ID: 39609878
Thanks for the points and sharing the solution. As far as I know about 2013. We have 3 services related to hub. 2 resides on MBX role and one on CAS server. For more details:

Scanning part we need to check Symantec product guide.

Author Comment

ID: 39609890
Final note:  the errant API call is ReceiveMessageEventSource.RejectMessage in transport.smtp.  Maybe a few more RUs and we'll get this working correctly...

Author Comment

ID: 39609900
Amit - I actually studied that same technet post.  Unfortunately Symantec is not clear about where their product hooks in.  Their support is not up to speed on Ex2013.  I need to remember to wait a year...

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
how to add IIS SMTP to handle application/Scanner relays into office 365.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question