Messages stuck in queues (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Message Routing



Message

Spacecowboy2005 -> Messages stuck in queues (22.Oct.2009 5:41:59 AM)

Right, I've spent hours reading posts and getting no where with this! I know there are several other people with the same issue but I don't seem to be getting anywhere.

We're running Exchange 2003 on a Windows Server 2003 box.
All mail that comes in to valid users is forwarded to another address on another domain.

For example:

me@123.com forwards to me@123-abc.com

This had been working fine for almost a year, until a few weeks ago.
Now the problem is that recently these messages just sit in queues, sometimes the mail is gradually released but never the whole queue.

There are also several queues forming with NDR reports to random domains.

Error messages displayed are;
"The connection was dropped due to an SMTP protocol event sink."
or
"Unable to bind to the destination server in DNS"

I've read that this can be related to External DNS so have added and External DNS to the Deafult SMTP Virtual Server. This hasn't helped.

I also was lead to belive this was a RNDR attack as per http://support.microsoft.com/kb/909005 but i have Recipent filtering enabled and this is still occuring

I'm completly stumped as to what is happening, if there is an exchange guru that could help me out i'd be very very greatful

Thanks



ashishjoshi1 -> RE: Messages stuck in queues (22.Oct.2009 9:55:39 AM)

Hi,
How do you know that Email is getting forwarded from valid email address to invalid email address in your domain.
 
Hope you have enabled Recipient filtering in the Global Settings and then enabled it at the server level, because if you enable it at Global Settings you also have to enable it on the Servers.
 
After enabling Recip filtering have you cleared all your queues either using some tool. Please have a look on the article below
http://support.microsoft.com/kb/886208
 
Regards,
Ashish Joshi



uemurad -> RE: Messages stuck in queues (22.Oct.2009 9:57:49 AM)

Where is this other domain? 
Do the messages have to be sent via the Internet, or is it internal to your infrastructure (via LAN, WAN, or VPN)?
What is the name of the queue where the messages sit?
Where and how is the forwarding configured?
What changed in your environment a few weeks ago?



Spacecowboy2005 -> RE: Messages stuck in queues (22.Oct.2009 10:07:52 AM)

The other domain is situated at our head office in another geography, messages are forwarded there via the internet as we are not within the LAN/WAN structure.

The forward it self is configured individually for each user within their Exchange settings.

None of these accounts are used to send mail (other than these forwards) as we now send recieve mail on the other domain @123-abc.com

I've logged into my account and sent mail to other domains (google, hotmail etc) so out bound mail is working.

The mails are sitting with the: Internet Mail Connector - 123-abc.com (smtp connector)

Recipent filtering is enabled at Default SMTP Virtual Server.

As far as I'm aware nothing has changed with in the enviroment in the past few weeks.

Look forward to you response



uemurad -> RE: Messages stuck in queues (22.Oct.2009 10:17:05 AM)

What happens if you are connected to your @123.com mailbox and you send a message to your @123-abc.com address?  Does it go through?  Does it bounce?  Does it sit in the queue?



Spacecowboy2005 -> RE: Messages stuck in queues (22.Oct.2009 10:31:26 AM)

The message just gets added into the queue along with the rest of the @123-abc.com bound mail.



uemurad -> RE: Messages stuck in queues (22.Oct.2009 10:56:52 AM)

That makes more sense.  It's not that the forwarding is failing, it's that you can't send a message from your system to the other.

How is your routing configured to get from your system to HQ?  Are you using a single SMTP connector for everything?  Do you have a special connector for that address space?  Are you using a smarthost configured in the Default SMTP Virtual Server or in the connector (or neither)?

Did you modify your Recipient Policy to include the other domain?
Did you modify your AD in anyway to now include the addresses in the other domain (e.g. add contact objects)?



Spacecowboy2005 -> RE: Messages stuck in queues (22.Oct.2009 11:09:16 AM)

I'm slightly confused, but i'll try to provide the information; There is a single SMTP connector for each queue, e.g. @123-abc.com or @googlemail.com

There is no smarthost configured.

The Recipent policy for @123.com is only configured to filter recipients that are not in the directory.

Yes I've added contact objects in AD to iniate the forwards to the other domain.



uemurad -> RE: Messages stuck in queues (22.Oct.2009 12:09:31 PM)

Since you are unable to get any messages delivered to HQ, we are concentrating efforts on parts of Exchange involved with message delivery.

If you define @123-abc.com in the recipient policy and tell Exchange it is authoritative, it will assume that the address is internal and not try to send out.
quote:

There is a single SMTP connector for each queue, e.g. @123-abc.com or @googlemail.com
I didn't know if this meant you have a single SMTP connector for outbound messages, or if you have separate connectors for each domain listed.  In any case, we want to look at the connector used for @123-abc.com.

Let's take a step backward for a moment.  What does Message Tracking say for a test message sent from your mailbox to one at HQ?  Is it delivered to SMTP?

If that doesn't provide any useful information, I'd also suggest you manually test communications between your Exchange server and the server at HQ.  On your Exchange server, get the MX information using NSLookup.  Then, use Telnet to simulate the creation/delivery of a message.



Spacecowboy2005 -> RE: Messages stuck in queues (22.Oct.2009 12:53:02 PM)

Ok, so i've run Message Tracker from me@123.com to me@123-abc.com , the following appears in the event colom:

SMTP Store Drive: Message Submitted from Store
SMTP: Message Submitted to Advance Queuing
SMTP: Started Message Submission to Advanced Queue
SMTP: Message Submitted to Categorizer
SMTP: Message Catorgrized and Queued for Routing
SMTP: Message Routed and Queued for Remote Delivery

As for Telenet I tried to send a mail from test@testdomain.com > me@123.com
(is this correct)

However the message doesn't seem to have sent think I revieved a 505 error.
I've finished for the day, but will try to Telnet tomorrow

Thanks for the help and suggestions so far



uemurad -> RE: Messages stuck in queues (22.Oct.2009 2:34:45 PM)

For the manual tests, please first perform NSLookup according to the instructions in my blog article.  That should be the FQDN you use in the Telnet test.

Each SMTP command you enter during the Telnet test should get a response from the recipient server.  Any response code in the 200-299 range is OK.  Anything else warrants investigation.  The SMTP commands given should be:

EHLO (or HELO)
MAIL FROM:
RCPT TO:
DATA
QUIT

You should get a response for each of these.  If you aren't sure of the results, you can post them in this thread (edit any confidential information you don't want publicized).



Spacecowboy2005 -> RE: Messages stuck in queues (23.Oct.2009 7:19:17 AM)

Thanks,

I've successfully Telnet'd on to HQ (123-abc.com) & sent and recieved mail.

When Telnet'ing on to My local exchange i recieve the following when i go to send the message.

250 2.6.0 <IEEXCHANGE01XFZ0stg00000031@mail.123.com> Queued mail for delivery

But the message is never recieved

Thanks



uemurad -> RE: Messages stuck in queues (23.Oct.2009 9:19:47 AM)

quote:

I've successfully Telnet'd on to HQ (123-abc.com) & sent and recieved mail.
Successful message delivery indicates that everything necessary for your Exchange server to communication with the HQ server is in place.  Let's go back to a question I asked you earlier.
quote:

I didn't know if this meant you have a single SMTP connector for outbound messages, or if you have separate connectors for each domain listed.  In any case, we want to look at the connector used for @123-abc.com.
Which is it?  Do you have a separate connector for @123-abc.com?



Spacecowboy2005 -> RE: Messages stuck in queues (23.Oct.2009 9:28:29 AM)

http://4.bp.blogspot.com/_TMrUtWVMJR0/SuGugoja93I/AAAAAAAAAFA/SbqBmytqUjY/s1600-h/queues.jpg

(sorry can't seem to embed the picture)

This is what I'm seeing,

I think when a message is sent a conector is created for that domain.
I've currently had to to diable NDR's as 100's of queues were in retry mode sending NDR's to various domains.

Please excuse my inexpertise with Exchange etc i'm more used to desktop/1st line support than servers



uemurad -> RE: Messages stuck in queues (23.Oct.2009 10:22:28 AM)

quote:

I think when a message is sent a conector is created for that domain.
I'm talking about SMTP connectors which you have to create and configure as part of Exchange.  These tell Exchange how to route messages.  Based on your answer, I'm assuming you probably only have a single connector that delivers messages to the Internet.

Open the System Manager (ESM).  If you don't see a folder named Routing Groups at the first level of your Organization tree, then expand Administrative Groups and the object that appears beneath (the name of your Exchange Organization).  You should find Routing Groups there.

Expand the folders beneath and any folder named Connectors.  How many entries in total beneath all the Connectors folders are there?

quote:

I've currently had to to diable NDR's as 100's of queues were in retry mode sending NDR's to various domains.
NDRs are a natural occurance.  When you have a lot, they are typically a by-product of Spam.  Read this article for an explanation of what is happening.

Strictly speaking, turning off NDRs breaks the RFC for SMTP.  Not that you're breaking any laws, but you are also denying legitimate messages from getting out.  For example, if one of your customers attempts to send a message to one of your users and accidentally misspells the name, wouldn't you want your customer to know?  Without the NDR, the customer will assume that the message got through.  What if it was something important (like a revenue opportunity)?

What to do about Spam?  3rd-party spam filters are highly recommended.  Also, my colleague Oz Ozugurlu put together a nice list of things you can do, some are native to Exchange (i.e. at no cost).



Spacecowboy2005 -> RE: Messages stuck in queues (23.Oct.2009 10:33:04 AM)

Sorry yes we do only have the one SMTP Connector.

We did have a 3rd party spam filter in place but thought that as all mail was being forwarded to the other domain and then scanned at their end it seemed pointless having scanning at both ends.

What I don't understand is why this has been working fine for well over a year and now causes an issue. I've checked ESM almost everyday and never seen queues of NDR's in rety mode.

I was aware that disabling NDR's was against the SMTP RFC. I've only turned it off while this problem is occuring & intend to turn them back on.

Without the NDR's being sent the only queue left in retry mode is the queue forwarding to HQ



uemurad -> RE: Messages stuck in queues (23.Oct.2009 10:47:59 AM)

quote:

Sorry yes we do only have the one SMTP Connector.
No worries - we all learn about these things however they happen.

Knowing that you have a single Connector makes troubleshooting a bit simpler.  Open the properties of that Connector - on the General tab is the radio button selected for "Use DNS ..."  or "Forward all ...".  This indicates whether Exchange is responsible for sending messages directly to recipient systems or forwarding all the outbound messages to a different system for delivery.

quote:

I've checked ESM almost everyday and never seen queues of NDR's in rety mode.
That's because some spammer out there has decided to start using your domain name as it's sending address.

quote:

What I don't understand is why this has been working fine for well over a year and now causes an issue.
Behavior like this doesn't change for no reason - your job now is to figure out what changed.  For example, did the HQ change ISPs or DNS hosting services?  Did they make a change to their Messaging Environment?



Spacecowboy2005 -> RE: Messages stuck in queues (23.Oct.2009 10:56:02 AM)

quote:


Open the properties of that Connector - on the General tab is the radio button selected for "Use DNS ..."  or "Forward all ...".  This indicates whether Exchange is responsible for sending messages directly to recipient systems or forwarding all the outbound messages to a different system for delivery.


This is set tp "USE DNS..."

I've tried asking the Support team at HQ about changes etc but everythings met with a limited response.

I shall endevour to try again..



uemurad -> RE: Messages stuck in queues (23.Oct.2009 12:15:51 PM)

Just to be sure, please perform (again) the NSLookup according to my blog article.  This should be done on your Exchange server.

Using the FQDN that comes back for your other domain (123-abc.com) for the lowest valued MX record, perform the Telnet test (again).  Again, this should be done on your Exchange server.

Does the message get delivered successfully?



Spacecowboy2005 -> RE: Messages stuck in queues (26.Oct.2009 5:36:08 AM)

Hi I tried again on friday evening however recieved the following error:

452 Too many recipients received this hour

When submiting the Rcpt To:

I've tried again on Monday and recieve the same error.

Another thing to note is that as of this morning the queues have sent but I can see they are noticeably starting to build up again.



Page: [1] 2   next >   >>