RE: Cannot send mail to certain domains (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Message Routing



Message

leehammond -> RE: Cannot send mail to certain domains (24.Sep.2004 11:22:00 PM)

I had the same issue with our Exchange 2000 Server. Finally traced the problem to Norton Anti-Virus. Somehow the setting for our email server was switched to enable exchange/outlook real-time protection. After disabling email protection the problem went away.

NAV's client-email protection was setting up a email proxy server that was causing the issue.

-----------------------------------------
ljh@coredesigninc.com

[ September 24, 2004, 11:30 PM: Message edited by: lee-core design ]



mbirmingham -> RE: Cannot send mail to certain domains (29.Sep.2004 4:17:00 PM)

Hi everyone,
I have had similar delivery issues to a handful of domains and think I may have uncovered a possible Microsoft SMTP bug. It appears as though all the domains that we are having problems with have multiple MX records for their domain and the highest priority MX server is offline. I verified by using NSLOOKUP then attempting a telnet session to port 25 of the returned MX servers. The only way I found to overcome this was to create a separate connector that points to our ISP's SMTP relay server and define address spaces for the affected domains. If you don't have another SMTP server to relay through, I suppose you could create a separate connector for each domain, define the address space for that particular domain and have the "forward all mail through this connector to the following smart hosts" point to the responding MX server, although I have not tried it. I hope this helps.

Mike B.



typical_nd -> RE: Cannot send mail to certain domains (6.Oct.2004 9:59:00 PM)

I've had the Exchange 2k3 issue of emails sitting in the Queue for aol.com and yahoo.com emails. I tried everything.

I removed internet email scanning.
I ran enableednsprobes 0.
I changed and added different exchange DNS servers (except for ISP's as I host 2 name servers myself outside my firewall).
I rebooted and watched the emails leave...and sighed in relief, but that was 3 weeks ago.

Yesterday it started all over again and the reboot doesn't even work now. Anybody have a new trick up their sleeve for this nuisance?



ChrisWhite85 -> RE: Cannot send mail to certain domains (7.Oct.2004 1:32:00 PM)

We're on the second page of posts guys and still nothing solved really?

Same conditions as most:

SBS2003/Server 2003
Exchange 2003
No Anti-Virus or Software Firewalls
SMTP Connector sending (Send=Smarthost Recieve=Relayed to server from ISP via IP with ISP relay backup).

Just built brand new SBS2003 and Server 2003 File Servers on a new network entering all my correct information once and once only (No Wizard Re-Running) and leaving Remote Access (Internet Side) Disabled.

Its getting to the stage of a whose Exchange actually works. There are too many people with this problem for it to be "easily solved or whitepapered". Once again the logging service helps like a chocolate kettle, telling you the errors and error codes nobody has heard of... even on EVENTID website [Eek!] .

I will let you know what happens guys when i test it out this weekend!



ChrisWhite85 -> RE: Cannot send mail to certain domains (7.Oct.2004 2:20:00 PM)

Ok guys just ran an SMTPDiag test (SMTPDiag - Exchange Tools) from DOS to see if i could trace the problem I am having with the certain domains.

Command Line I entered at the DOS prompt:

C:\Windows>smtpdiag "me@mydomain.co.uk" "friend@problemdomain.co.uk" -d 100.100.100.100 /v

(* Where -d is my ISP's DNS Server and /v gives extra info)

It seems that the mails send ok then right at the very end I get a few red errors saying Error 220 - Failed to get Response. Error 10054.

Well Error 10054 is a Socket "Reset by Peer" error so I am not sure what to make of it. I know i can Telnet Mail fine so it has to be an Exchange ONLY issue. DNS works and resolves correctly and telnet fires e-mails as fast as i can type them with zero problems. Why oh Why has it become this hard to send an e-mail? Why does Exchange get blocked from being allowed to forward to external DNS to be resolved. Internal mail is fine but Exchange gets blocked contacting external DNS.

We restart the server at set times at the moment so the e-mails go out. It has to be a service or a process that starts just after the transport services.

I dunno. [Confused] [Roll Eyes] [Frown] [Roll Eyes] [Roll Eyes]



typical_nd -> RE: Cannot send mail to certain domains (7.Oct.2004 3:36:00 PM)

Ding Ding. I fixed it for myself finally! I said I tried everything in previous posts and some temporarily seemed to work, but really who wants to reboot 5 times daily....not me.

It is a DNS issue. For me anyways, this problem is so wide spread and random, I won't be surprised if it starts up again in 2 weeks!

In my exchange 2k3 system attendant.
>go to Properties of Default SMTP Virtual Server
>Delivery Tab >Advanced button >Configure Button
>Now I added my ISP's 'Resolvers' not DNS servers (VERY IMPORTANT) and I moved one of theirs to the top...didn't work in second or third position for some reason.
>Stop and Restart Default SMTP Virtual Server.

Went to my Queue and watched aol.com and yahoo.com roll on out....no reboot necessary.

Hope this helps.....Nathan



ChrisWhite85 -> RE: Cannot send mail to certain domains (7.Oct.2004 7:26:00 PM)

For me its not yahoo, hotmail etc. Its other companies we work with that cause the problems and they are very large corporations/plc's.

I will try and get our ISP's resolvers anyway!

Cheers.



Guest -> RE: Cannot send mail to certain domains (7.Oct.2004 11:21:00 PM)

For anyone not following this thread closely, This issue is not an ISP problem. As of yet, I, nor anyone else posting here, has found a permanant solution to the core issue. (However I am aware of a work around)

Let me summarize
There is a bug in Exchange 2003 that causes emails to randomly fail. I've personlly witnessed the exact same bug in 3 different companies. Using both 2003 SBS and 2003 Enterprise Editions.

The Problem is that Exchange 2003 sometimes fails when looking up an MX record, it then does an a record lookup..which, for some domains, return another ip address that doesn't support incoming mail. This results in the email bounce backs.

The Discovery/Work Around I stumbled across this work around, which supports the above diagnosis of the issue (also supported by previous posts to this thread) If you install a mail relay (non-exchange) and route the exchange email to it, and let the mail relay do the lookups it removes the exchange dns lookup bug from the equation. I stumbled across this when installing Trend Micro mail relay and GFI Mail Essentials 10 Mail Relay.
Both Exhange boxes previously experiencing this issue stopped after the mail relays were implemented.

ConclusionUntil MS patches the bugged DNS lookup, i see the simplest workaround to be installing a mail relay to do the dns lookup instead of exchange.

hope this helps
-Arthur
griffonage@%nospam4me%gmail.com



ChrisWhite85 -> RE: Cannot send mail to certain domains (8.Oct.2004 7:16:00 PM)

For those of us who are VERY keen to follow your suggestion, could you possibly write a small whitepaper on how to configure exchange to route to the Mail Relay?

That would be great and thanks kindley for sharing your Work Around. I am sure most of us will be very pleased with your findings and solutions. [Smile] [Cool]



koggen -> RE: Cannot send mail to certain domains (8.Oct.2004 10:25:00 PM)

There's little need for a whitepaper there. Just create a SMTP Connector and tell it to forward email to a relay.

Go to Exchange System Manager->Connectors. Right-click and choose New->SMTP Connector. On the General tab give the connector a descriptive name. Enable "Forward all mail through..." and enter the relay server of your ISP. Click the Add button and add your server's SMTP virtual server instance. Switch to the Address Space tab, add SMTP Address Space, set Email domain to * (which means all domains, i.e. all outbound email is routed to the relay) and click OK. Make sure that "Allow messages to be relayed..." is NOT ENABLED. Doing so basically opens up your server for anonymous relaying, which is bad.

Click OK to save settings. That's all. Outbound email will now flow through your ISP's relay instead, hopefully allowing you to send email without problems.

// Johan



ChrisWhite85 -> RE: Cannot send mail to certain domains (9.Oct.2004 1:47:00 PM)

I know how to create a connector, how do you make Exchange use GFI Mail Essencials for sending instead of its own crap lookup system?



ChrisWhite85 -> RE: Cannot send mail to certain domains (9.Oct.2004 6:58:00 PM)

I think i need a seperate machine for GFI to work looking at it now.

I have to say i did a fresh install of SBS2003 and run all the wizards once and my new Exchange has been fine so far, touch wood.

I hope its not going to be tempremental though :S.

If it is, then i'm going do install a seperate box as thats the only way i'm going to get it to work. [Roll Eyes]



koggen -> RE: Cannot send mail to certain domains (12.Oct.2004 11:11:00 PM)

Perhaps a long shot, but might be worth trying. I just experienced some similar problems and after some log digging, I could find out that one receiving server didn't like the SMTP EHLO command that Exchange issues by default. The server (Trend Micro InterScan VirusWall NT 3.53) seems to get stuck after the EHLO command, if you press enter when connected with telnet you can get back a normal response, but that's not something the Exchange server is gonna do for you. When I issued a HELO command instead, everything worked fine.

If that's the case, you can create a connector to solve the problem. Create it as instructed previously, and on the Advanced tab, check the "Send HELO instead of EHLO" checkbox and restart the SMTP service. This might explain why it can be solved by using your ISP as relay, as not all servers use the EHLO command by default.

Good luck!

// Johan



ChrisWhite85 -> RE: Cannot send mail to certain domains (13.Oct.2004 11:20:00 AM)

Thought i'd done it when i changed the flamin settings from EHLO to HELO when mails started flowing after reboot. Unforunatly 5mins after startup it died again.

What a lump of junk, i'm glad i am a Partner and not a full paying retail customer. Its just disturbing work now, and i cant take anymore time off as there is nobody here to restart the servers to get mail sent.

God damn. [Roll Eyes]



koggen -> RE: Cannot send mail to certain domains (16.Oct.2004 2:11:00 AM)

Try to raise the logging level for the MSExchangeTransport service and the Connection Manager and SMTP Protocol categories (Exchange System Manager->"your server"->Properties->Diagnostic Logging). That should pretty quickly give you a further indication on what's wrong. Events are logged in the Application log of the server.



ChrisWhite85 -> RE: Cannot send mail to certain domains (16.Oct.2004 11:27:00 AM)

I think we all know whats wrong now. To be honest i am fed up with chasing this bug on a working server. I have just re-installed and deployed a new SBS2003 premium and 3 2003 Servers. I have been able to send mails fine and this is where i hope to be for a while.

The bug as <Arthur> describes is obviously a programming problem within exchange in regards to the routing engine and the very short delays that it has for looking up MX Records etc.

Maybe Longhorn Exchange will be an improvement without these silly bugs that were only risen after distribution.

Good luck if you find a repair guys, we have devoted alot of my admin time to sorting it and i hope you have success! [Smile]

Cheers.



Guest -> RE: Cannot send mail to certain domains (21.Oct.2004 4:04:00 PM)

I think I have resolved this problem. It was not NAV at all. As someone said earlier, it looks like it was related to multiple MX records for that domain, and at least for me, that was the EXACT problem. The primary MX host is down and needs to bounce to the second one. Fails trying to go to second, and delays. I pointed my Exchange server to my DNS server, and let it go out and query the MX records for that domain. Once it did it and failed sending the message, I went in to the cached lookups, removed the first MX record entry, and magically the email went out the next time on the first try! PROBLEM FIXED! As long as I don't lose my cached look-ups, then I'll have to remove the records again. This works for 2 domains I was having problems with. Looks like an SMTP/DNS problem in Windows 2003 to me! Hope this helps someone, cause it sure helped me!

Take care all and thanks for all the input!
Scotty_D



Guest -> RE: Cannot send mail to certain domains (22.Oct.2004 8:15:00 PM)

This sounds an aweful lot like a notorious qmail bug where once the message is queued it will always try the same MX rather than lower priority MXs. If it is the *same* problem, it would only occur if all MXs failed initially, then the primary MX was failing subsequently... would not send even if secondary MX(s) came back online. Does this sound reasonable, or is there evidence to the contrary?

Of course if this is the issue, the only sound solution would have to come from M$. =(



Guest -> RE: Cannot send mail to certain domains (25.Oct.2004 7:21:00 AM)

I tried using my ISPs resolver address and that seems to do the trick.



Guest -> RE: Cannot send mail to certain domains (26.Oct.2004 5:37:00 PM)

Using the ISPs DNS resolvers worked. I had the name servers prior. Changed them and wallah, mail to gmail and yahoo.

Thanks so much [Big Grin]



Page: <<   < prev  1 2 [3] 4 5   next >   >>