Solved

Exchange2010 SP3 UR7 Queue Viewer many messages type DnsConnectorDelivery 451.4.4.0 primary target ip address responded 421 4.2.1 unable to connect

Posted on 2014-12-03
16
1,016 Views
Last Modified: 2016-02-25
Hi there,
Running Exchange2010 SP3 UR7, have many messages sitting in the queue of type DnsConnectorDelivery 451 4.4.0 primary target ip address responded 421 4.2.1 unable to connect.  

The general and recepient tab of one of the message please note mydomain=my real domain name:

Identity: EXCHANGE3\402697\1840962
Subject: Undeliverable: Re: You have a $50 CVS reward waiting for you
Internet Message ID: <94350b71-ee7c-4938-989e-37491365d670@mydomain.com>
From Address: <>
Status: Ready
Size (KB): 6
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 12/2/2014 11:12:51 AM
Expiration Time: 12/4/2014 11:12:51 AM
Last Error: 400 4.4.7 Message delayed
Queue ID: EXCHANGE3\402697
Recipients:  CVScustomerrewards@vex5powervpsnode.link;2;2;400 4.4.7 Message delayed;0;CN=Internet Mail SMTP connector Exchange3,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=My Domain,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=mydomain,DC=com

The recipient information:
CVScustomerrewards@vex5powervpsnode.link        ready    400 4.4.7 message delayed

Can someone please help me in identifying what is going on with my exchange, my antivirus is fine, filtering is fine running Sophos pure message.  Is my exchange sending spam? how and where can I block it?  Need help please.
Thanks
0
Comment
Question by:amanzoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 6
16 Comments
 
LVL 12

Expert Comment

by:FarWest
ID: 40478684
first make sure that the server can access the internet, and do DNS query
using DNSLookup cmd command
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478719
Thanks fryezz:
From exchange2010
nslookup, just checked with many domains, even the ones which have the above error.  No issue, I get the reply:
Non-authoritative answer:
Name:    almanacstore.com
Address:  50.57.34.52

> aquavpshoster-40.link
Server:  vs1.mydomain.com
Address:  10.10.10.11

Non-authoritative answer:
Name:    aquavpshoster-40.link
Address:  50.2.23.21

> auraa.ca
Server:  vs1.mydomain.com
Address:  10.10.10.11

Non-authoritative answer:
Name:    auraa.ca
Address:  108.168.150.234
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40478734
so check if you have any dns server setup in the send connector, and make sure that you don't set invalid external dns
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 4

Author Comment

by:amanzoor
ID: 40478793
I have the following config for Hub transport, is this correct?
under EMC, Server config, Hub Transport:

I have two connectors:

Cleint Exchange3 and Default Exchange3:  both enabled
-Clicked on client exchange3 and under network tab, for IPV6andIPV4 port 587
-Authentication tab; transport layer TLS is checked, basic auth is checked, offer basic auth is checked, integrated windows auth is checked:
Under permissions group:
Checked, Anonymous users
Checked, Exchange users
Checked, Exchange servers
Checked legacy exchange servers

For default Exchange3:
Network tab has port 25 for IPv6 and 4
Authentication tab:
-Authentication tab; transport layer TLS is checked, basic auth is checked, offer basic auth is checked, integrated windows auth is checked:
Under permissions group:
Checked, Anonymous users    
Checked, Exchange users
Checked, Exchange servers
Checked legacy exchange servers
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478795
I will just let you know the send connector DNS.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478805
2 connectors attached
connectors.docx
0
 
LVL 12

Accepted Solution

by:
FarWest earned 500 total points
ID: 40478825
in the first setting page try to select "use network card DNS Setting" since dns is working fine on cmd
and then restart hub-transport service
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478853
I made the change, you meant 'Exchange Transport' service? , cannot find hub-transport under services.msc.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40478860
yes,
any progress ?
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478862
I re-started the whole server.   Users will be running after me :)  Will let you know in few sec
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478901
168 to 162..............slowly going down, seems a good sign
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40478935
All these emails end with '.link' and all of them have suspicious subject headers matching advertisements etc.  The number of list is just sitting there.  Can I delete them all?
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40479222
yes sure,   utuse with ndr so users will be notified
0
 
LVL 4

Author Comment

by:amanzoor
ID: 40482104
Thanks fryezz:
Turned out to be all messages which Sophos antispam is trying to send to quarantine.  In any case removed all messages with NDR and the list of domains kept on shrinking to 10.  Thanks a lot.
0
 
LVL 4

Author Closing Comment

by:amanzoor
ID: 40482105
I really appreciate your time.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40484800
welcome anytime andI really enjoied discussion with you
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2013 - Powershell output not showing all results 2 33
Exchange 2010 Server - Phishing attack 3 54
Exchange management shell 5 38
exchange 2007 5 21
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video discusses moving either the default database or any database to a new volume.

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question