Exchange smart host send connector connexion timed out 421 4.4.1
Hi Experts,
We encounter a strange issue on a SBS 2011 with Exchange 2010 SP3 server. We send emails through our ISP smar host. Everything worked great since a long time and a day this error appeared:
541 4.4.0 Primary target IP address responded with: "421 4.4.1 Connection timed out." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
We contacted the ISP and after some tests, they claim that the problem couldn't be from their side.
I then tried to create a brand new send connector with this smart host with DNS name and then with IP address with the same result. I created a NAT rule on our USG 100 to give the right IP from our pool to the server which had the gateway one and tested it successfully. The mails are coming from the right IP and the reverse DNS is OK too.
I tried successfully to send mail with telnet from our Exchange server through the ISP smart host server. The mail came with the good source IP and host name too.
What can I do now please?
Thank you in advance for your precious help, best regards,
We encounter a strange issue on a SBS 2011 with Exchange 2010 SP3 server. We send emails through our ISP smar host. Everything worked great since a long time and a day this error appeared:
541 4.4.0 Primary target IP address responded with: "421 4.4.1 Connection timed out." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
We contacted the ISP and after some tests, they claim that the problem couldn't be from their side.
I then tried to create a brand new send connector with this smart host with DNS name and then with IP address with the same result. I created a NAT rule on our USG 100 to give the right IP from our pool to the server which had the gateway one and tested it successfully. The mails are coming from the right IP and the reverse DNS is OK too.
I tried successfully to send mail with telnet from our Exchange server through the ISP smart host server. The mail came with the good source IP and host name too.
What can I do now please?
Thank you in advance for your precious help, best regards,
I agree with Simon. The number of times I have called an ISP, they claim nothing is wrong, you persist, they go on hold "to check" and then it magically starts working is uncanny.
But back on topic. Normally when you get this error the problem is with the smart host. As Simon said, try to Telnet to it.
I am curious about the bigger picture here. You mentioned you have configured your mail server to always send out on the same IP and you have a reverse DNS configured for this IP. Any particular reason you are using the smart host and not just sending direct to DNS in the Send Connector?
But back on topic. Normally when you get this error the problem is with the smart host. As Simon said, try to Telnet to it.
I am curious about the bigger picture here. You mentioned you have configured your mail server to always send out on the same IP and you have a reverse DNS configured for this IP. Any particular reason you are using the smart host and not just sending direct to DNS in the Send Connector?
I had this exact issue earlier this week and the issue was down to a problem the ISP were having.
Did you confirm with the ISP support team that the smarthost name / IP address are correct?
Speak with the ISP support team and ask them to escalate the call, if nothing has changed your end then it can only be something their end...
Did you confirm with the ISP support team that the smarthost name / IP address are correct?
Speak with the ISP support team and ask them to escalate the call, if nothing has changed your end then it can only be something their end...
ASKER
Thank you for your answers,
I was sick, so excuse me for the delay...
When I test our customers Mail Server with MXToolBox, I receive no more error. The new NAT rule seems to have corrected the previous open relay error, which was a possible open relay configuration error because of quick connection lost, MXTB had not the necessary time to try to relay...
I can send mails with telnet from the customer's site and ours. We are both customers of the same ISP, which authorize only his customers (IP Range) to use this smart host.
I can send telnet mails from the customers server through another of ours customers mail server. So what can I do in more please?
Thank you in advance for your help !
I was sick, so excuse me for the delay...
When I test our customers Mail Server with MXToolBox, I receive no more error. The new NAT rule seems to have corrected the previous open relay error, which was a possible open relay configuration error because of quick connection lost, MXTB had not the necessary time to try to relay...
I can send mails with telnet from the customer's site and ours. We are both customers of the same ISP, which authorize only his customers (IP Range) to use this smart host.
I can send telnet mails from the customers server through another of ours customers mail server. So what can I do in more please?
Thank you in advance for your help !
If you are both on the same ISP then that points to the smart host being the cause and you have to bring the ISP in on the issue. If you are send email to other sites without a problem it is somewhere within the ISP network.
Simon.
Simon.
ASKER
I tested to switch back to the ISP smart host this morning and it worked for about 3 hours. Then it stopped working with the exactly same "Connection timed out" error. I wrote to the ISP and wait for their answer.
I looked up in the send log (C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\
Thanks in advance for your help, best regards,
I looked up in the send log (C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\
Thanks in advance for your help, best regards,
ASKER
New try, same result. I activated the smart host send connector ans disabled the other one for one hour in accordance with the ISP. We sent approximately 20 mails. The timed out connection error occurred three times. If we suspend and resume in the queue viewer, mails were sent for a while and the error occurred again...
The ISP can see only successful connections. In our Exchange smtpsend log, we can see only successful connections too. In which log could we see the timed out connection please ?
Nothing in the Windows eventvwr logs too...
Thank you in advance for your help !
The ISP can see only successful connections. In our Exchange smtpsend log, we can see only successful connections too. In which log could we see the timed out connection please ?
Nothing in the Windows eventvwr logs too...
Thank you in advance for your help !
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here is the ISP response :
The technicians who are responsible for our outgoing mail have verified your logfile with our SMTP servers.
From 12:04:46 CEST we only see the "CONNECT", but no transmission dates (or data??). The sending "EHLO mail.customer.com" (from "2014-06-02T10: 04:46.729 Z, mail.isp.com smart host, 08D13C876463D1DB, 20,192.168.99.99:33253,99.
We can not find any problems on our side. Since there are no such problems with our other customers.
The technicians who are responsible for our outgoing mail have verified your logfile with our SMTP servers.
From 12:04:46 CEST we only see the "CONNECT", but no transmission dates (or data??). The sending "EHLO mail.customer.com" (from "2014-06-02T10: 04:46.729 Z, mail.isp.com smart host, 08D13C876463D1DB, 20,192.168.99.99:33253,99.
We can not find any problems on our side. Since there are no such problems with our other customers.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Well does your ISP limit the number of addressees on a mail? it may be that they say 5 is a limit. if you have 6 in total To: + CC: + BCC: it can be rejected with 421...
ASKER
Sorry for the delay, we are sticking on the backup send connector for the moment. We'll test it again when we have more time. We'll post a new answer later.
Thank you for your help !
Thank you for your help !
As long as you work on that basis, then your sanity will be fine.
Can you telnet in to port 25 of their server from your server? From another machine? If not, then something is wrong with their setup.
Can you telnet in to port 25 of another mail server? If so, then that definitely points to a problem with their server.
Simon.