Solved

Exchange 2010 outbound email hanging in Queue, all but HOMMAIL?

Posted on 2014-02-14
27
794 Views
Last Modified: 2014-02-16
Well, here we go....

The thing that sticks in my crawl about this is it started Wednesday at around 10:30am....Very near the time that there was an issue with all of Godaddy.com's servers.

But Godaddy insists this problem is on my end.  So I am begging the gents of the internet...YOU...to assist me with your great wisdom.  I've never been let down by EE, and I know this will be no exception.

Since wednesday the 12th, outbound email has begun to give the system warning that mail is delayed.

I will come clean and say I have a limited understanding of Exchange 2010, probably just enough to be dangerous.  I am always trying to learn and educate my-MS-self as my time allows.

I can see items in the Message Queue viewer and they give the error:
451 4.4.0 Primary terget IP address responded with: "421.4.2.1 Unable to connect."  Attempted failover to alternate host, but that did not succeed.  Either there are no alternate hosts, or delivery failed to all alternate hosts.

Now I did look at several instances of this error in EE,  The only step I tried was to flush the DNS with the cmd line ipconfig /flushdns.

Now here's something I can't explain...  I can send mail to my hotmail account from this box!  But not to gmail, or my godaddy hosted email, etc....it seems no other place can get the email.

LIke I said, exchange is still mysterious to me.  
things I have verified:
I have verified my DNS sync to godaddy is updating, and the MX record at godaddy is pointing to my exchange server...INBOUND mail is 100% full speed working.

I have verified my ip address has not changed from my ISP.

I have tested the outbound mail to hotmail 3 times successfully.
I have tested outbound email to any other server FAILS.

Server diagnostics all show healthy, even ran the exchange troubleshooter where it gathers info for about ten minutes and it shot back everything was just fine!  BPA tool I think?

I have verified there were no windows updates on 2/12 at all...when this all started.  I did go ahead and run the updates from 2/13 last night.

What i have not figured out how to verify is if ANY of the mails sent from 2/12 or 2/13 eventually went through as my client hasn't complained about this and the exchange message Queue viewer only shows me items with today's date.  (My ignorance of the message Queueu  viewer is apparent here as well...I just don't need to go into this very often)

I have bared my large sized soul before you all.... Number 5 need input!

Ike
0
Comment
Question by:Faxxer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 16
  • 6
  • 5
27 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 39861019
Very probably a port blocking issue...

However the first thing you need to do is go to http://testconnectivity.microsoft.com and run the Outbound SMTP test to see what it reveals.

Jeff
0
 
LVL 35

Assisted Solution

by:Cris Hanna
Cris Hanna earned 250 total points
ID: 39861285
My question would be, are you sending mail via a smart host, IE. All mail from your exchange server goes to another server first and then they forward it on to the intended recipient?
0
 

Author Comment

by:Faxxer
ID: 39862208
What would you say if EVERY SINGLE test at the test connectivity site passed GREEN checks?

Is there any way to test if my isp is blocking something?  
Again, I can send to HOTMAIL from there just fine!!!

I am sending from the server directly.  no smarthost at all
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 

Author Comment

by:Faxxer
ID: 39862209
My certificate is valid through godaddy also, just fyi.
0
 
LVL 35

Assisted Solution

by:Cris Hanna
Cris Hanna earned 250 total points
ID: 39862215
My next recommendation would be go to mxtoolbox.com and run their blacklist test
0
 

Author Comment

by:Faxxer
ID: 39862223
the mxtoolbox shows very little issues.

I do have a reverse dns mismatch, but i've had that since the beginning with no issues.

"Warning - Reverse DNS does not match SMTP Banner "

my isp would have to fix that wouldn't they?
0
 

Author Comment

by:Faxxer
ID: 39862224
I'm not on any blacklists at all
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39862232
You have this question in the Small Business Server zone, are you running SBS 2011?
0
 

Author Comment

by:Faxxer
ID: 39862252
Yes, running SBS 2011 running Exchange 2010
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39862259
Have you applied Exchange SP3?
Have you run the SBS BPA with update 5?
Have you tried running the Fix My Network Wizard?

You don't by chance have IPv6 disabled?
How much free space on the C drive?
0
 

Author Comment

by:Faxxer
ID: 39862263
Great Questions!

SP3 for exchange is installed.
I ran the Fix my network wizard earlier tonight, no joy.
I do run the BPA wizards regularly to check for health issues...usually pretty good and lean running machine...never anything critical...but I will run that again just to check right now...

I did not disable IPv6.
C drive is 340GB free of 464GB

p.s. sp3 for exchange has been running fine since August
0
 

Author Comment

by:Faxxer
ID: 39862283
BPA shows no real issues or warnings.  It's just as it's been for many months now.
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 39862302
Do you have an SPF record configured in your public DNS?

If not, that definitely could be the cause.

Overall -- there are just a few things which can cause this problem and Alan Hardisty has put together a pretty good troubleshooting overview:
http://alanhardisty.wordpress.com/2010/02/25/problems-sending-emails-to-external-domains/

Info on how to create a proper SPF record is included on that page.

Jeff
0
 

Author Comment

by:Faxxer
ID: 39862315
Godaddy confirmed my SPF is good already today actually
0
 

Author Comment

by:Faxxer
ID: 39862337
however... maybe not.  Mxtoolbox is saying it's not valid.  But the guy I talked to at Godaddy said it was good today....

This inconsistency is cause for further investigation
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39862338
What make/model Firewall are you using?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39862339
MX toolbox doesn't like the ~all on the end of SPF records and will show it being invalid because of that.  Post the record here if you want me to take a look at it.

Jeff
0
 

Author Comment

by:Faxxer
ID: 39862342
ok... Microsoft says it did find a valid SPF.../shrug of confusion
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39862344
so, the firewall make/model is...??
0
 

Author Comment

by:Faxxer
ID: 39862354
I updated the TXT record to the one Microsoft suggested.  Will hold my breath.
0
 

Author Comment

by:Faxxer
ID: 39863093
The firewall is SonicWall TZ-105.  I've checked it out pretty good, I honestly don't believe it's the SonicWall.

However!  My first call to my ISP yielded ZERO help, the lady didn't even know what an Exchange server was...

I called again just now and the guy says... "Ya...we closed port 25 for non business customers."

I'm all like, "But we ARE a business customer and on a static IP!"

He says.. "ok, let me check on that for you.."

sigh!!!!!!

If this is the case, obviously the fix is near...I'll update soon...
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 39863118
that could be the issue, however this points to another possibility.   Sounds like your ISP may simply handout IPs for business customers from it's pool of IPs for residential customers.   Some systems will detect this and still reject mail as well.  Some ISP's have distinctly different networks and support groups for consumer vs business.  Just food for thought.
0
 

Author Comment

by:Faxxer
ID: 39863125
They are still a small ISP, Fidelity Communications only in a few states.

They told me they've unblocked the port but I still can't telnet through the port.
I'm going to give them up to an hour before i call back
0
 

Author Comment

by:Faxxer
ID: 39863331
WEll they opened the port and boom...mail flowing again.  

What is so frustrating is they told me they don't close ports!!!  

It wasn't until I called and harrassed them that they admitted it.

what threw me was the exchange connector test succeeded!!!  How could it do that if the port was blocked????  That really confused me.

This case is closed.
0
 

Author Closing Comment

by:Faxxer
ID: 39863334
All the questions and follow up questions helped me to eventually push in the correct direction.  Thank you both
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39863671
Y'know... the FIRST thing I suggested as the problem was a port issue!  I should have insisted that you follow up on that before we moved on.  Oh well...

:-)
0
 

Author Comment

by:Faxxer
ID: 39863884
I see what you mean.  I did learn alot from all the other posts and questions so I felt like it was a total learning experience.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Export details from Contacts in Exchange 3 35
Exec Database for Exchange 5 53
mailbox move or migrate 2 47
Exchange server Error 3 39
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
how to add IIS SMTP to handle application/Scanner relays into office 365.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question