Link to home
Create AccountLog in
Avatar of Member_2_6492660_1
Member_2_6492660_1Flag for United States of America

asked on

Exchange Queues are stuck on Retry DNSConnectorDelivery

Exchange 2016 DAG 2 Nodes CU10
Windows 2016 Data Center
VMware ESXI 6.5

Today I got alerted that my Queues are full with many messages on both nodes.

I did a get-queue command and found this

Identity       DeliveryType         Status MessageCount Velocity RiskLevel OutboundIPPool NextHopDomain
--------       ------------         ------ ------------ -------- --------- -------------- -------------
TGCS021-N1\13  DnsConnectorDelivery Active 152          0.02     Normal    0              tiscali.it
TGCS021-N1\96  DnsConnectorDelivery Retry  1            0        Normal    0              barbara-lankester.com
TGCS021-N1\130 DnsConnectorDelivery Retry  1            0        Normal    0              prhc.net
TGCS021-N1\133 DnsConnectorDelivery Ready  47           0        Normal    0              verizon.net
TGCS021-N1\145 DnsConnectorDelivery Retry  1            0        Normal    0              olympiacapital.com
Many more

How can I clear this

I tried this

remove-mssage -identity tgcs01-n1 -wthndr $false

Cannot process argument transformation on parameter 'Identity'. Cannot convert value "tgcs021-n1" to type
"Microsoft.Exchange.Data.QueueViewer.MessageIdentity". Error: "The input string supplied as a message internal
identity cannot be parsed as a long value.
Parameter name: Identity"
    + CategoryInfo          : InvalidData: (:) [Remove-Message], ParameterBindin...mationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,Remove-Message
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

I went to the Exchange toolbox Queue Viewer but that only lets you remove one at a time it would take forever to do over a 1000 of these


Any ideas

See image

User generated image
Avatar of timgreen7077
timgreen7077

you can try the following to clear all the message at once:

Get-TransportService | Get-Queue | Get-Message -ResultSize unlimited | Remove-Message -WithNDR $False
Avatar of Member_2_6492660_1

ASKER

Tim

No outgoing email is working  

Running the command now taking a long time

I recently changed my Public facing Ip address  made the DNS changes up on godaddy.com inbound mail works fine.
OWA works iPhone email accounts working just ca not send now

Also I am setup on a Kemp Load Balancer

Thoughts?
Tim

The command failed

[PS] C:\Windows\system32>Get-TransportService | Get-Queue | Get-Message -ResultSize unlimited | Remove-Message -WithNDR
$False
Processing data for a remote command failed with the following error message: <!DOCTYPE html>
<html>
    <head>
        <title>Exception of type 'System.OutOfMemoryException' was thrown.</title>
        <meta name="viewport" content="width=device-width" />
        <style>
         body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
         p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
         b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
         H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
         H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
         pre {font-family:"Consolas","Lucida Console",Monospace;font-size:11pt;margin:0;padding:0.5em;line-height:14pt}
         .marker {font-weight: bold; color: black;text-decoration: none;}
         .version {color: gray;}
         .error {margin-bottom: 10px;}
         .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
         @media screen and (max-width: 639px) {
          pre { width: 440px; overflow: auto; white-space: pre-wrap; word-wrap: break-word; }
         }
         @media screen and (max-width: 479px) {
          pre { width: 280px; }
         }
        </style>
    </head>
    <body bgcolor="white">
            <span><H1>Server Error in '/Powershell' Application.<hr width=100% size=1 color=silver></H1>
            <h2> <i>Exception of type 'System.OutOfMemoryException' was thrown.</i> </h2></span>
            <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">
            <b> Description: </b>An unhandled exception occurred during the execution of the current web request.
Please review the stack trace for more information about the error and where it originated in the code.
            <br><br>
            <b> Exception Details: </b>System.OutOfMemoryException: Exception of type 'System.OutOfMemoryException'
was thrown.<br><br>
            <b>Source Error:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code>
An unhandled exception was generated during the execution of the current web request. Information regarding the origin
and location of the exception can be identified using the exception stack trace below.</code>
                  </td>
               </tr>
            </table>
            <br>
            <b>Stack Trace:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code><pre>
[OutOfMemoryException: Exception of type &#39;System.OutOfMemoryException&#39; was thrown.]
   Microsoft.Exchange.HttpProxy.AnchorMailbox.InvalidateCache() +0
   Microsoft.Exchange.HttpProxy.RemotePowerShellProxyRequestHandler.UpdateOrInvalidateAnchorMailboxCache(Guid mdbGuid,
String resourceForest) +115
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InvalidateBackEndServerCache(HttpWebResponse response, Boolean
invalidateAnchorMailboxCache) +1145
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InvalidateBackEndServerCacheSetDelay(HttpWebResponse response,
Boolean alwaysDelay, Boolean invalidateAnchorMailboxCache) +25
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.HandleWebExceptionConnectivityError(WebException exception) +196
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.HandleWebException(WebException exception) +54
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CompleteWithError(Exception ex, String label) +349
   Microsoft.Exchange.HttpProxy.&lt;&gt;c__DisplayClass198_0.&lt;OnResponseReady&gt;b__0() +2168
   Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func`2 filterDelegate, Action`1
catchDelegate) +35
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CallThreadEntranceMethod(Action method) +59
[AggregateException: One or more errors occurred.]
   Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result) +406
   System.Web.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar) +212
   System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +166
</pre></code>
                  </td>
               </tr>
            </table>
            <br>
            <hr width=100% size=1 color=silver>
            <b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.3282.0
            </font>
    </body>
</html>
<!--
[OutOfMemoryException]: Exception of type &#39;System.OutOfMemoryException&#39; was thrown.
   at Microsoft.Exchange.HttpProxy.AnchorMailbox.InvalidateCache()
   at Microsoft.Exchange.HttpProxy.RemotePowerShellProxyRequestHandler.UpdateOrInvalidateAnchorMailboxCache(Guid
mdbGuid, String resourceForest)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InvalidateBackEndServerCache(HttpWebResponse response, Boolean
invalidateAnchorMailboxCache)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InvalidateBackEndServerCacheSetDelay(HttpWebResponse response,
Boolean alwaysDelay, Boolean invalidateAnchorMailboxCache)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.HandleWebExceptionConnectivityError(WebException exception)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.HandleWebException(WebException exception)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CompleteWithError(Exception ex, String label)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<>c__DisplayClass198_0.<OnResponseReady>b__0()
   at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func`2 filterDelegate, Action`1
catchDelegate)
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CallThreadEntranceMethod(Action method)
[AggregateException]: One or more errors occurred.
   at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar)
   at System.Web.HttpApplication.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar)
-->[ClientAccessServer=TGCS021-N1,BackEndServer=tgcs021-n1.our.network.tgcsnet.com,RequestId=3349ff69-86b5-4c0a-8424-93
1a65c6551a,TimeStamp=2/5/2019 2:00:41 AM]  For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OperationStopped: (tgcs021-n1.our.network.tgcsnet.com:String) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : JobFailure
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com


Confirm
Are you sure you want to perform this action?
Removing the message "TGCS021-N1\96\24661702213723".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"):

Confirm
Are you sure you want to perform this action?
Removing the message "TGCS021-N1\130\24661702213753".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"):

Confirm
Are you sure you want to perform this action?
Removing the message "TGCS021-N1\138\24661702213753".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"):

Confirm
Are you sure you want to perform this action?
Removing the message "TGCS021-N1\145\24661702213753".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): a
The requested operation can't be performed for the object with identity TGCS021-N1\12537\24670292152540.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:14 AM] [FailureCategory=Cmdlet-LocalizedException] C22375AD,Microsoft.Exchange.Management.QueueViewerTasks.Remov
  eMessage
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

The requested operation can't be performed for the object with identity TGCS021-N1\15358\24674587117282.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:16 AM] [FailureCategory=Cmdlet-LocalizedException] 6CB11F5C,Microsoft.Exchange.Management.QueueViewerTasks.Remov
  eMessage
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

The requested operation can't be performed for the object with identity TGCS021-N1\16222\24665997185307.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:17 AM] [FailureCategory=Cmdlet-LocalizedException] 56868BF3,Microsoft.Exchange.Management.QueueViewerTasks.Remov
  eMessage
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

The requested operation can't be performed for the object with identity TGCS021-N1\18750\24674587124797.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:20 AM] [FailureCategory=Cmdlet-LocalizedException] B7281184,Microsoft.Exchange.Management.QueueViewerTasks.Remov
  eMessage
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

The requested operation can't be performed for the object with identity TGCS021-N1\18750\24678882088075.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:20 AM] [FailureCategory=Cmdlet-LocalizedException] E8F6FEE,Microsoft.Exchange.Management.QueueViewerTasks.Remove
  Message
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

The requested operation can't be performed for the object with identity TGCS021-N1\19872\24674587126480.
    + CategoryInfo          : InvalidOperation: (:) [Remove-Message], LocalizedException
    + FullyQualifiedErrorId : [Server=TGCS021-N1,RequestId=9580eb34-2ba3-43e3-bf84-25da17cd68ee,TimeStamp=2/5/2019 2:3
   2:20 AM] [FailureCategory=Cmdlet-LocalizedException] C3E92DF3,Microsoft.Exchange.Management.QueueViewerTasks.Remov
  eMessage
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

[PS] C:\Windows\system32>

Queues still full
try restarting the transport services on the servers.
Tim

Restarted the transport service on both nodes.

Still have 1000 queue entries which they each have 1 to many emails   a few have status of ready most in retry status

Is there an outgoing test I can run that might help us?

Thoughts
Make sure that your hard drive isn't full because that could cause this issue also. Also have you changed anything with your network. Issue may be with your send connector or smarthosts, also i would restart the Transport queues again until the queues clear.
Tim

My hard drives are fine.

I amm getting a lot of Undeliverable Contact him emails   Delivery delayed : contact him

mail@4mecsalunettes.com
mx-vit.online.net
Remote Server returned '550 relay not permitted'



my send connector settings

[PS] C:\Windows\system32>get-sendconnector | fl


AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     :
CloudServicesMailEnabled     : False
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
ConnectorType                : Default
DNSRoutingEnabled            : True
DomainSecureEnabled          : False
Enabled                      : True
ErrorPolicies                : Default
ForceHELO                    : False
Fqdn                         :
FrontendProxyEnabled         : False
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : TGCS021-N1
Identity                     : TGCSNET
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
MaxMessageSize               : 10 MB (10,485,760 bytes)
Name                         : TGCSNET
Port                         : 25
ProtocolLoggingLevel         : Verbose
Region                       : NotSpecified
RequireOorg                  : False
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {}
SmartHostsString             :
SmtpMaxMessagesPerConnection : 20
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {TGCS021-N2, TGCS021-N1}
TlsAuthLevel                 :
TlsCertificateName           :
TlsDomain                    :
UseExternalDNSServersEnabled : False


see anything wrong?


On the network I had an issue with the cluster failing  in a daily report I get I found that I was missing a nic on both nodes when i added it back I set the ip addresses incorrectly  I changed them two days ago  

Tom
Tim

Was on the phone with Kemp we ran wireshark on the server and found the same errors as I did in the queue.

It all is spam emails so some how they might be using my exchange server as a relay

What can I check?

Tom
Looks like you have DNSRoutingEnabled set to True, so your DNS servers that you have Exchange looking at may be what's causing the issue. If you log onto the Exchange ECP and go to Servers > Servers > Double click the exchange server > DNS Lookups under External looks are you showing an IP address? If so that may be where your issue is happening. There is something going on with your DNS. You can remove that IP or try to put the IP for your gateway and test. you could also completely remove that IP address complete and select all network adapters, and them make sure that your send connector is pointing to a smart host or select the option "MX record associated with recipient domain"
Tim

I had  all networks adapters (All available IPV4) selected on the external DNS

I switched it to my network adapter which then presented my two DNS servers internal ip addresses.


My send connector has MX record associated with the recipient domain set.


I tried the powershell command you sent me to try and delete the queue entries but it failed again.

How can I delete all of these ?  I tried manually but it is taking forever



can it be someone relaying emails off my exchange servers?  if so how to stop that?

Thanks

Tom
the cmdlets I provided should work unless something is up with you servers. you may have to reboot.
Tim

I ran the command on both nodes

Node 1

[PS] C:\Windows\system32>Get-TransportService | Get-Queue | Get-Message -ResultSize unlimited | Remove-Message -WithNDR
$False
Processing data for a remote command failed with the following error message: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML
1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS 10.0 Detailed Error - 500.0 - Internal Server Error</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana,Arial,Helvetica,sans-serif;}
code{margin:0;color:#006600;font-size:1.1em;font-weight:bold;}
.config_source code{font-size:.8em;color:#000000;}
pre{margin:0;font-size:1.4em;word-wrap:break-word;}
ul,ol{margin:10px 0 10px 5px;}
ul.first,ol.first{margin-top:5px;}
fieldset{padding:0 15px 10px 15px;word-break:break-all;}
.summary-container fieldset{padding-bottom:5px;margin-top:4px;}
legend.no-expand-all{padding:2px 15px 4px 10px;margin:0 0 0 -12px;}
legend{color:#333333;;margin:4px 0 8px -12px;_margin-top:0px;
font-weight:bold;font-size:1em;}
a:link,a:visited{color:#007EFF;font-weight:bold;}
a:hover{text-decoration:none;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.4em;margin:10px 0 0 0;color:#CC0000;}
h4{font-size:1.2em;margin:10px 0 5px 0;
}#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS",Verdana,sans-serif;
 color:#FFF;background-color:#5C87B2;
}#content{margin:0 0 0 2%;position:relative;}
.summary-container,.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
.content-container p{margin:0 0 10px 0;
}#details-left{width:35%;float:left;margin-right:2%;
}#details-right{width:63%;float:left;overflow:hidden;
}#server_version{width:96%;_height:1px;min-height:1px;margin:0 0 5px 0;padding:11px 2% 8px 2%;color:#FFFFFF;
 background-color:#5A7FA5;border-bottom:1px solid #C1CFDD;border-top:1px solid #4A6C8E;font-weight:normal;
 font-size:1em;color:#FFF;text-align:right;
}#server_version p{margin:5px 0;}
table{margin:4px 0 4px 0;width:100%;border:none;}
td,th{vertical-align:top;padding:3px 0;text-align:left;font-weight:normal;border:none;}
th{width:30%;text-align:right;padding-right:2%;font-weight:bold;}
thead th{background-color:#ebebeb;width:25%;
}#details-right th{width:20%;}
table tr.alt td,table tr.alt th{}
.highlight-code{color:#CC0000;font-weight:bold;font-style:italic;}
.clear{clear:both;}
.preferred{padding:0 5px 2px 5px;font-weight:normal;background:#006633;color:#FFF;font-size:.8em;}
-->
</style>

</head>
<body>
<div id="content">
<div class="content-container">
  <h3>HTTP Error 500.0 - Internal Server Error</h3>
  <h4>The page cannot be displayed because an internal server error has occurred.</h4>
</div>
<div class="content-container">
 <fieldset><h4>Most likely causes:</h4>
  <ul>  <li>IIS received the request; however, an internal error occurred during the processing of the request. The
root cause of this error depends on which module handles the request and what was happening in the worker process when
this error occurred.</li>       <li>IIS was not able to access the web.config file for the Web site or application. This
can occur if the NTFS permissions are set incorrectly.</li>     <li>IIS was not able to process configuration for the Web
site or application.</li>       <li>The authenticated user does not have permission to use this DLL.</li>       <li>The request
is mapped to a managed handler but the .NET Extensibility Feature is not installed.</li> </ul>
 </fieldset>
</div>
<div class="content-container">
 <fieldset><h4>Things you can try:</h4>
  <ul>  <li>Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's
machine account.</li>   <li>Check the event logs to see if any additional information was logged.</li>  <li>Verify the
permissions for the DLL.</li>   <li>Install the .NET Extensibility feature if the request is mapped to a managed
handler.</li>   <li>Create a tracing rule to track failed requests for this HTTP status code. For more information
about creating a tracing rule for failed requests, click <a
href="http://go.microsoft.com/fwlink/?LinkID=66439">here</a>. </li> </ul>
 </fieldset>
</div>

<div class="content-container">
 <fieldset><h4>Detailed Error Information:</h4>
  <div id="details-left">
   <table border="0" cellpadding="0" cellspacing="0">
    <tr class="alt"><th>Module</th><td>&nbsp;&nbsp;&nbsp;IIS Web Core</td></tr>
    <tr><th>Notification</th><td>&nbsp;&nbsp;&nbsp;BeginRequest</td></tr>
    <tr class="alt"><th>Handler</th><td>&nbsp;&nbsp;&nbsp;ExtensionlessUrlHandler-Integrated-4.0</td></tr>
    <tr><th>Error Code</th><td>&nbsp;&nbsp;&nbsp;0x800705aa</td></tr>

   </table>
  </div>
  <div id="details-right">
   <table border="0" cellpadding="0" cellspacing="0">
    <tr class="alt"><th>Requested URL</th><td>&nbsp;&nbsp;&nbsp;https://tgcs021-n1.our.network.tgcsnet.com:444/powershe
ll?serializationLevel=Full;ExchClientVer=15.1.1531.3;clientApplication=ManagementShell;TargetServer=;PSVersion=5.1.1439
3.2636&amp;sessionID=Version_15.1_(Build_1530.3)=rJqNiZqNgau4vKzPzc7Ssc7RkIqN0ZGai4iQjZTRi5icjJGai9GckJKBzsbLzc/JzcrHyI
HNz87G0s/N0s/Kq8/Jxc/GxczM</td></tr>
    <tr><th>Physical Path</th><td>&nbsp;&nbsp;&nbsp;G:\Program Files\Microsoft\Exchange
Server\V15\ClientAccess\PowerShell-Proxy</td></tr>
    <tr class="alt"><th>Logon Method</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr>
    <tr><th>Logon User</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr>

   </table>
   <div class="clear"></div>
  </div>
 </fieldset>
</div>

<div class="content-container">
 <fieldset><h4>More Information:</h4>
  This error means that there was a problem while processing the request. The request was received by the Web server,
but during processing a fatal error occurred, causing the 500 error.
  <p><a href="http://go.microsoft.com/fwlink/?LinkID=62293&IIS70Error=500,0,0x800705aa,14393">View more
information &raquo;</a></p>
  <p>Microsoft Knowledge Base Articles:</p>
 <ul><li>294807</li></ul>

 </fieldset>
</div>
</div>
</body>
</html>
Error occurred during the Kerberos reponse.
[Server=TGCS021-N1, TimeStamp = 25/2019 00:59:36]
 For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OperationStopped: (tgcs021-n1.our.network.tgcsnet.com:String) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : JobFailure
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

Starting a command on the remote server failed with the following error message : <!DOCTYPE html PUBLIC "-//W3C//DTD
XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS 10.0 Detailed Error - 500.0 - Internal Server Error</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana,Arial,Helvetica,sans-serif;}
code{margin:0;color:#006600;font-size:1.1em;font-weight:bold;}
.config_source code{font-size:.8em;color:#000000;}
pre{margin:0;font-size:1.4em;word-wrap:break-word;}
ul,ol{margin:10px 0 10px 5px;}
ul.first,ol.first{margin-top:5px;}
fieldset{padding:0 15px 10px 15px;word-break:break-all;}
.summary-container fieldset{padding-bottom:5px;margin-top:4px;}
legend.no-expand-all{padding:2px 15px 4px 10px;margin:0 0 0 -12px;}
legend{color:#333333;;margin:4px 0 8px -12px;_margin-top:0px;
font-weight:bold;font-size:1em;}
a:link,a:visited{color:#007EFF;font-weight:bold;}
a:hover{text-decoration:none;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.4em;margin:10px 0 0 0;color:#CC0000;}
h4{font-size:1.2em;margin:10px 0 5px 0;
}#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS",Verdana,sans-serif;
 color:#FFF;background-color:#5C87B2;
}#content{margin:0 0 0 2%;position:relative;}
.summary-container,.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
.content-container p{margin:0 0 10px 0;
}#details-left{width:35%;float:left;margin-right:2%;
}#details-right{width:63%;float:left;overflow:hidden;
}#server_version{width:96%;_height:1px;min-height:1px;margin:0 0 5px 0;padding:11px 2% 8px 2%;color:#FFFFFF;
 background-color:#5A7FA5;border-bottom:1px solid #C1CFDD;border-top:1px solid #4A6C8E;font-weight:normal;
 font-size:1em;color:#FFF;text-align:right;
}#server_version p{margin:5px 0;}
table{margin:4px 0 4px 0;width:100%;border:none;}
td,th{vertical-align:top;padding:3px 0;text-align:left;font-weight:normal;border:none;}
th{width:30%;text-align:right;padding-right:2%;font-weight:bold;}
thead th{background-color:#ebebeb;width:25%;
}#details-right th{width:20%;}
table tr.alt td,table tr.alt th{}
.highlight-code{color:#CC0000;font-weight:bold;font-style:italic;}
.clear{clear:both;}
.preferred{padding:0 5px 2px 5px;font-weight:normal;background:#006633;color:#FFF;font-size:.8em;}
-->
</style>

</head>
<body>
<div id="content">
<div class="content-container">
  <h3>HTTP Error 500.0 - Internal Server Error</h3>
  <h4>The page cannot be displayed because an internal server error has occurred.</h4>
</div>
<div class="content-container">
 <fieldset><h4>Most likely causes:</h4>
  <ul>  <li>IIS received the request; however, an internal error occurred during the processing of the request. The
root cause of this error depends on which module handles the request and what was happening in the worker process when
this error occurred.</li>       <li>IIS was not able to access the web.config file for the Web site or application. This
can occur if the NTFS permissions are set incorrectly.</li>     <li>IIS was not able to process configuration for the Web
site or application.</li>       <li>The authenticated user does not have permission to use this DLL.</li>       <li>The request
is mapped to a managed handler but the .NET Extensibility Feature is not installed.</li> </ul>
 </fieldset>
</div>
<div class="content-container">
 <fieldset><h4>Things you can try:</h4>
  <ul>  <li>Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's
machine account.</li>   <li>Check the event logs to see if any additional information was logged.</li>  <li>Verify the
permissions for the DLL.</li>   <li>Install the .NET Extensibility feature if the request is mapped to a managed
handler.</li>   <li>Create a tracing rule to track failed requests for this HTTP status code. For more information
about creating a tracing rule for failed requests, click <a
href="http://go.microsoft.com/fwlink/?LinkID=66439">here</a>. </li> </ul>
 </fieldset>
</div>

<div class="content-container">
 <fieldset><h4>Detailed Error Information:</h4>
  <div id="details-left">
   <table border="0" cellpadding="0" cellspacing="0">
    <tr class="alt"><th>Module</th><td>&nbsp;&nbsp;&nbsp;IIS Web Core</td></tr>
    <tr><th>Notification</th><td>&nbsp;&nbsp;&nbsp;BeginRequest</td></tr>
    <tr class="alt"><th>Handler</th><td>&nbsp;&nbsp;&nbsp;ExtensionlessUrlHandler-Integrated-4.0</td></tr>
    <tr><th>Error Code</th><td>&nbsp;&nbsp;&nbsp;0x800705aa</td></tr>

   </table>
  </div>
  <div id="details-right">
   <table border="0" cellpadding="0" cellspacing="0">
    <tr class="alt"><th>Requested URL</th><td>&nbsp;&nbsp;&nbsp;https://tgcs021-n1.our.network.tgcsnet.com:444/powershe
ll?serializationLevel=Full;ExchClientVer=15.1.1531.3;clientApplication=ManagementShell;TargetServer=;PSVersion=5.1.1439
3.2636&amp;sessionID=Version_15.1_(Build_1530.3)=rJqNiZqNgau4vKzPzc7Ssc7RkIqN0ZGai4iQjZTRi5icjJGai9GckJKBzsbLzc/JzcrHyI
HNz87G0s/N0s/Kq8/Jxc/GxczJ</td></tr>
    <tr><th>Physical Path</th><td>&nbsp;&nbsp;&nbsp;G:\Program Files\Microsoft\Exchange
Server\V15\ClientAccess\PowerShell-Proxy</td></tr>
    <tr class="alt"><th>Logon Method</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr>
    <tr><th>Logon User</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr>

   </table>
   <div class="clear"></div>
  </div>
 </fieldset>
</div>

<div class="content-container">
 <fieldset><h4>More Information:</h4>
  This error means that there was a problem while processing the request. The request was received by the Web server,
but during processing a fatal error occurred, causing the 500 error.
  <p><a href="http://go.microsoft.com/fwlink/?LinkID=62293&IIS70Error=500,0,0x800705aa,14393">View more
information &raquo;</a></p>
  <p>Microsoft Knowledge Base Articles:</p>
 <ul><li>294807</li></ul>

 </fieldset>
</div>
</div>
</body>
</html>
Error occurred during the Kerberos reponse.
[Server=TGCS021-N1, TimeStamp = 25/2019 00:59:36]
 For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OperationStopped: (tgcs021-n1.our.network.tgcsnet.com:String) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : JobFailure
    + PSComputerName        : tgcs021-n1.our.network.tgcsnet.com

[PS] C:\Windows\system32>



NODE 2

[PS] C:\Windows\system32>Get-TransportService | Get-Queue | Get-Message -ResultSize unlimited | Remove-Message -WithNDR
$False

Confirm
Are you sure you want to perform this action?
Removing the message "TGCS021-N1\13\24627342475286".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): A
Sending data to a remote command failed with the following error message: [ClientAccessServer=TGCS021-N2,BackEndServer=
tgcs021-n2.our.network.tgcsnet.com,RequestId=76a61ebb-30a8-428b-976e-67e5b9562326,TimeStamp=2/5/2019 6:43:13 AM]
[FailureCategory=WSMan-Others] The total data received from the remote client exceeded the allowed maximum. The
allowed maximum is 524288000. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OperationStopped: (tgcs021-n2.our.network.tgcsnet.com:String) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : JobFailure
    + PSComputerName        : tgcs021-n2.our.network.tgcsnet.com

[PS] C:\Windows\system32>


Very strange that this command does not work
If you are certain that all mails present in the queue are spam and want to get rid them then you can stop the Transport service and rename the queue database located below location: C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Queue

After renaming restart the transport service to create new queue database.
Thank you Shreedhar.

What should I check to make sure my exchange server is not exposed to be a relay server?
ASKER CERTIFIED SOLUTION
Avatar of Shreedhar Ette
Shreedhar Ette
Flag of India image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
thanks

ran the test and got these warnings/errors

 DMARC Record Published No DMARC Record found  More Info  
 SMTP Banner Check Reverse DNS does not match SMTP Banner  More Info  
 SMTP Open Relay May be an open relay.

all other tests where successful.

Now where to next?
You can ignore DMARC Section.

But you need to take action on SMTP Banner issue and Open Relay.
For SMTP Banner refer the article: https://doitfixit.com/blog/2014/07/01/reverse-dns-does-not-match-smtp-banner/

For SMTP Relay issue hope you followed the article and modified internal Relay connector authentication and executed required commands for permission.
All my receive connectors have banners.

but when I telnet to mail.tgcsnet.com 25 it does not show any thing

but if I telnet to mail.tgcsnet.com 2525 it shows a banner.

On the smtp relay which article ??
Also I can not send any email outgoing
Just ran the Microsoft Remote Test Connectivity Analyzer on outgoing smtp
It was successful..

I still can not send email out bound.

Send Connector?  Firewall?
Test telnetting on port 25 from your exchange servers. You can telnet to portquiz.net, its external and accepts tests to it via different ports, so open a cmd prompt on your exchange server and run the following and the results will be blank if successful and error is unsuccessful.

telnet portquiz.net 25
Tim

telnet portquiz.net 25  from node 1

220 electron.positon.org ESMTP Exim 4.80 Wed, 06 Feb 2019 06:04:48 +0100

 telnet portquiz.net 25 from node 2

220 electron.positon.org ESMTP Exim 4.80 Wed, 06 Feb 2019 06:08:29 +0100


Also I was able to send email to a friends gmail account  but not to anyone on me.com  Also unable to send mail to my work account

at xyz.com    

Content filter issue?

Thanks
Cool, When you send to the email addresses that are failing check your transport queues and see if they are stuck and if so what is the error?
Hi Thomas,

Missed to mentioned the Internal Relay article:
https://practical365.com/exchange-server/exchange-2016-smtp-relay-connector/

Looks like your Server Public IP address might have been blocked. Please go to https://mxtoolbox.com/blacklists.aspx

and Run Blacklist check for your exchange server public ip address.

If your Exchange Server Public IP Address is blacklisted then you have to place request for de-listing or you can change the public ip address.
I already checked my  domain name on mxtoolbox my email is not block by any of the test sites.

My internal relay was setup by that article when I first built my Exchange 2016

I created a transport rule and now my server is not acting like a relay server according to mxtoolbox site.


I still have the banner error but that is on port 25 the banner works on port 2525 I believe the site is checking for port 25 only when they run the report.
When I telnet into mail.tgcsnet.com 25 I get a blank response  but when I do telnet mail.tgcsnet.com 2525 I get a response


I now send outgoing to any @gmail.com account  
I can not send to any @me.com account or my work account @abc.com

I looked at my contentfilterconfig  but did not see anything that stood out

Thanks

Tom
- When you send mail non gamil domain are you getting any bouce back message?

- Is mail getting stuck in Exchange Queue? If ytes, then share the message from the "Last Error" tab.
Shreedhar

Yes I get a bounce back after a while

I tried to send to @me.com  

PS] C:\Windows\system32>get-queue

Identity              DeliveryType          Status MessageCount Velocity RiskLevel OutboundIPPool NextHopDomain
--------              ------------          ------ ------------ -------- --------- -------------- -------------
TGCS021-N1\3          SmtpDeliveryToMailbox Ready  0            0        Normal    0              tgcsnet-journal2016
TGCS021-N1\155        DnsConnectorDelivery  Retry  1            0        Normal    0              me.com
TGCS021-N1\Submission Undefined             Ready  0            0        Normal    0              Submission


Where is the message from the Last Error tab?

Oh from the Queue Viewer

PS] C:\Windows\system32>get-queue

Identity: TGCS021-N1\155\133143986218
Subject: test
Internet Message ID: <2b53bc5b5dee4de4b08f7e7d95340963@tgcsnet.com>
From Address: ThomasRGrassiJr@tgcsnet.com
Status: Ready
Size (KB): 6
Message Source Name: SMTP:Default TGCS021-N1
Source IP: 10.2.8.17
SCL: -1
Date Received: 2/6/2019 6:59:57 PM
Expiration Time: 2/8/2019 6:59:57 PM
Last Error:
Queue ID: TGCS021-N1\155
Recipients:  trgrassijr@me.com;2;2;[{LED=};{MSG=};{FQDN=};{IP=};{LRT=}];0;CN=TGCSNET,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=TGCSNET,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=our,DC=network,DC=tgcsnet,DC=com;0


User generated image
Hi Thomas,

Thank you for sharing the message header. However it was not much of help.

Observed that domain tgcsnet.com MX record is resolving to public ip address 98.109.201.11.

Looks like you changed the public ip address from 98.109.201.10 to 98.109.201.11.

As per the queue viewer Last Error snap shot it suggests that me.com blocking your mail as it that domain blocking your public ip address 98.109.201.10. Also observed that ip address 98109.201.10 is black listed.

Please make sure your outbound mails are going though pubic ip address 98.109.201.11.
ok

where do I check that

Please make sure your outbound mails are going though pubic ip address 98.109.201.11.       ???????

Thank you
Check your exchange send connector configuration and also firewall NAT routing rule for port 25 from Internal to External.
my send connector is ok no ip address reference listed

My firewall NAT rules are for inbound traffic only
No outbound firewall rules.


Today I sent a test email to someone and it bounced back right away.

In the bounce back message I show that my ip address has been black listed.

So I went onto mxtoolbox.com site checked and show the ip address was blocked by 3

I contacted the three BARRACUDA   DNS Realtime Blackhole List  and  SOORBS  

I have since had them remove my ip address from black list

Now mxtoolbox.com  show my ip address is all good.

So I got home tried to send outbound email and it failed again  same reason ip address is blocked.

Meraki sent me another site when we did a trace the other night and found the ip address is blocked.

that site is proofpoint.com I sent them an email to remove from list also  Still waiting

How many other sites do I need to check?

I also have a support case with Verizon FIOS to see what they can come up with.

Thank you,
Yeah it gets difficult to delisted from blacklist.

Once your IP address removed from proofpoint.com blacklist mail should work.
Yes

It was delisted

and now I can send to @me.com

Just one more that I know of now      DNSBL.SPFBL.NET has my ip address listed  but there site not as user friendly as the others.

It only allows internet provider to request   need to contact Verizon again with that info.

We are getting close to a resolution on this one
Its good to hear that you were now able to send mails to me.com.
Guys,


My queues are clean now thanks

1. I created a transport rule and now my exchange servers are not acting as an relay server.

2. Only out standing issue is my public ip address is blocked on so many sites. I got most of them but I still can not send email to outlook.com and some others.  Waiting to replace the public ip addresses with new ones hopefully they where not used as this one was.

Thanks for all the help