New install Exchange 2013 CU2 - "4.7.0 Temporary server error. Please try again later. PRX5"

Posted on 2013-10-28
Last Modified: 2013-10-29
I have a new build of Ex13 CU2 which I migrated over from Ex07. Single server for all roles. Periodically I see this message right after "354 Start mail input":

Message or connection acked with status Retry and response 441 4.4.1 Error encountered while communicating with primary target IP address: ""421 4.4.2 Connection dropped due to ConnectionAborted."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was x.x.x.x:2525"

I originally saw this when receiving mail from my pbx on my lan.  Sending log from pbx:

12240 >>> Content-Transfer-Encoding: 7bit
12240 >>> <rest of the data>
12240 >>> .
12232 <<< 250 2.6.0 <> [InternalId=1550483193875] Queued mail for delivery
12232 >>> QUIT
12232 <<< 221 2.0.0 Service closing transmission channel
12240 <<< 451 4.7.0 Temporary server error. Please try again later. PRX5
12240 >>> QUIT
12240 <<< 221 2.0.0 Service closing transmission channel

It looks like the mail data is accepted, but then what is the error about?  Now that I have been looking at the logs, I also see legitimate outside mail getting the same error.  I have looked at other e-e posts but can't find a solution to this.

The fact that it mentions endpoint using port 2525 makes me think it's related to the default HUB recv connector, but I'm not sure where to look to get to the next step.  Users have complained that mail takes longer at times - I suspect this is the reason, and it gets through on the next attempt.

Exchange gurus, any help here?
Question by:dvanaken
  • 6
  • 3
LVL 41

Expert Comment

ID: 39605607
Check  AV and  Firewall. Disable it and check again.

Author Comment

ID: 39606021
Firewall is off per GPO, Symantec Mail Security for Exchange is active, and needs to remain so (and has been used here for many years with Ex07).  Is there is specific reason why AV could be a factor?  Have not ever seen that mentioned before.
LVL 41

Accepted Solution

Amit earned 500 total points
ID: 39606031
Symantec Mail Security for Exchange is this compatible with 2013? Can you check with vendor guide.

Author Comment

ID: 39606534
Yes, beginning with version 7 it supports Ex 2013. We have the latest version installed.
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!


Author Comment

ID: 39609850
Ok, for anybody else that runs into this, here is what is happening.  Amit was right - it was AV software related - sort of.  If you see this in your logs and it occurs just after a transaction ending with a 550 error, it may be Symantec Mail Security.  It turns out that if SMS AntiSpam is set to "reject spam", it calls a MSFT API to reject a message at the SMTP protocol level, sending the 550.  Due to some bug in the API, the very next message croaks with the above 441 message.  So this is a Symantec and/or MSFT problem.  The solution for me was to change SMS Antispam from "reject (spam) message" to "accept message", and then check... "but do not deliver".  This way the SMTP protocol is more normal but any message identified as spam is deleted.  There is also some confusion at Symantec about where the message is being scanned for spam.  I think it happens at the Transport level and not at the FrontEnd at all.  I could be wrong, but that seems to fit with the new 2013 architecture.  If anybody knows for sure I'd appreciate some confirmation.  Points to Amit for making me question Symantec a second time...

Author Closing Comment

ID: 39609852
LVL 41

Expert Comment

ID: 39609878
Thanks for the points and sharing the solution. As far as I know about 2013. We have 3 services related to hub. 2 resides on MBX role and one on CAS server. For more details:

Scanning part we need to check Symantec product guide.

Author Comment

ID: 39609890
Final note:  the errant API call is ReceiveMessageEventSource.RejectMessage in transport.smtp.  Maybe a few more RUs and we'll get this working correctly...

Author Comment

ID: 39609900
Amit - I actually studied that same technet post.  Unfortunately Symantec is not clear about where their product hooks in.  Their support is not up to speed on Ex2013.  I need to remember to wait a year...

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now