Microsoft exchange server problems / questions

Dr Zoidberg

Dr Zoidberg

Dr Zoidberg

Associate
Joined
18 Oct 2002
Posts
710
Location
Somerset
Hi

Hoping this is better off in here than in the software section but i might be wrong.

As i think i have mentioned in a few questions over the last month or so i am looking after our IT matters whilst our main person is off. i few things have been a bit of a learning curve as it isnt my main job and i dont have any 'on the job' experience out side of what i was already doing here.

The situation i have at the moment is with our exchange server.

The main problem seems to be with our ISP and some one has been in touch with them and they have said they have problems with there email system, the last response was 'can you not just send one email at a time'
Now for a business broadband package from a large company this seems a bit bad, but its not up to me to ditch them.

The problem has been on going for 4 to 6 weeks now, with the last week being the worst.

Email is getting stuck in our outbound queue, the virtual SMTP server keeps dropping and having to be manually stopped and re-started.

I have been trying to manage the queue to some extent over this time, but last week being the end of the month my main job had to take priority and wednesday the email queue was left alone, by the end of the day over 150 emails were sat there.
Today there is still email sat there from last tuesday,

Small email (<10kb) seems to go as long as the SMTP server is up.
Once you start to get above this size it is really having problems, and once the queue gets longer the SMTP server falls over more often, so a lot of the time i have large amounts of the queue frozen which is helping, and letting 10 or 20 mails at a time have a go at getting out.

Now from our ISP it seems there system is struggling to take more than one email at a time, how often it can take one i have no idea, but i would have thought it has to be at a decent rate, but our queues will not clear.

Some emails are leaving the queue and you think great that is that one gone (some one has called and said i have sent an important mail can you make sure it gets out) but then the SMTP server falls over, i stop it, re start it and that same email is back in the queue.

I couldn't tell you how our mail is set up to go out, but if asked questions i can find the answer and get back.

If any one can give any hints or tips on how to control this queue and hopefully get some of it moving i would be very great full

Thank You
Keith
 
sounds like your using your isps mail server as a smart host in exchange to send mail. you could as an interim measure just use dns to send mail directly to the internet and let dns sort out where to deliver the mail, but you'll have problems sending mail to isps like aol.

i'd recommend msexchange.org as a starting point for all things exchange.
 
Thanks Jimathy

I will take a look at msexchange.org tomorrow, and put forward the idea of useing dns for direct mail.

As far as i see it at the moment all our outbound mail goes to our ISP and they direct it on, all our inbound mail goes to our ISP and they direct it to us.

i guess this is normal set up (no other experiance)
our emails are [email protected]l internally, but as soon as you send a email to an external address it goes on to the ISp and changes to [email protected]
I assume this would still work using direct DNS,
will go and do some hunting and have a look at that site.

Thanks again
 
Exchange can be a beast.
I've been in charge of our Exchange system for a good few years now and I'm still discovering new features even now :)
We really need some information from your Event Logs to try and find an answer here.
The queue simply "falling over" isn't really going to lead to an answer as there are literally hundreds of reasons why it might be doing that.

I'm not entirely convinced allowing your Exchange server to send mail directly is going to be your answer.
There is a chance your ISP are blocking mail ports to stop you running your own direct mail servers - instead forcing you to use them as a Smarthost, yes this does still happen on business broadband packages.
Also without correct reverse DNS in place you may find that a lot of receiving servers will deny your connection for fear it's an open relay or similar.

Report back with what the logs have to say and hopefully that will lead to some better answers.
 
Right let me try and fill in some more details then.
Please stick with me, this isnt my system and my experiance with exchange is very limited.

The system has been in place for some time and working fine untill a few weeks ago,
At this time our ISP was contacted and they said they had a problem, (twice in 2 calls a week or so apart)

but if i can confirm the problems are down to them and not at our end that would be a big bonus.

First up we are using the ISP as a smart host, all mail is forwarded through post.ISPname.co.uk

quackers - DNS forward zones ? where are those :o

stoofa i can find logs telling me all sorts all over the place, any particular logs you have in mind?

Here is a section of a log from yesterday from the smtp virtual server,
I have replaced the IP address in there with XXXXXX
from what i can tell the EHLO -250, mail - 250, RCPT - 250, Quit -240 parts are everything working ok, as for the other parts in there i dont know.

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2007-11-04 00:01:22
#Fields: time c-ip cs-method cs-uri-stem sc-status
00:05:43 XXXXXX EHLO - 250
00:05:43 XXXXXX MAIL - 250
00:05:43 XXXXXX RCPT - 250
00:05:43 XXXXXX QUIT - 240
00:05:49 XXXXXX EHLO - 250
00:05:49 XXXXXX x-exps - 0
00:05:49 XXXXXX x-link2state - 200
00:05:49 XXXXXX MAIL - 250
00:05:49 XXXXXX RCPT - 250
00:05:49 XXXXXX xexch50 - 354
00:05:49 XXXXXX BDAT - 250
00:05:49 XXXXXX QUIT - 240
00:05:59 XXXXXX EHLO - 250
00:05:59 XXXXXX MAIL - 250
00:05:59 XXXXXX RCPT - 250
00:05:59 XXXXXX QUIT - 240
 
just add reverse dns and send using DNS. I work for an ISP and I detest people who decide they need to set our mail relays as smarthosts for their exchange box, I mean, whats the point, you have a mail server then use it! A business ISP should be quite happy to open up the ports for you if they aren't open already, if they aren't then I'd move on sharpish...
 
bigredshark said:
just add reverse dns and send using DNS. I work for an ISP and I detest people who decide they need to set our mail relays as smarthosts for their exchange box, I mean, whats the point, you have a mail server then use it! A business ISP should be quite happy to open up the ports for you if they aren't open already, if they aren't then I'd move on sharpish...
Click to expand...

So if i turn off the smart host option and set up reverse DNS,
What problems am i likely to inconter with ports?
I am liking this idea as we are still convinced the problem is with our ISP (as they have told us they have a problem) so any chance to not go through there mail servers should be a big help.
 
Dr.
The idea behind using DNS to resolve mail hosts is that you remove the need for your ISP to be involved with the process of you sending e-mail.
Basically you tell your Exchange server where it can make DNS lookup's (either your ISP's name servers or if you're feeling even braver, point the Exchange box directly at the "Majestic 12" Root Servers).
Then you allow your Exchange box to deliver it's own mail.

At the moment any mail you send is queued, then sent on to your ISP's mail server that makes a DNS lookup on the domain and sends the mail off.

If you allow the Exchange server to make its own DNS lookup's then any mail is entered into the Exchange server's queue, the Exchange server makes the DNS lookup on the domain and directly communicates with the receiving mail server - missing out the ISP's mail server entirely.

The problem is that by default you don't have any reverse DNS.
Reverse is as the name suggests the opposit of a DNS lookup.
For example:

You run NSLOOKUP on novell.com and I get 130.57.5.70
With revers DNS you would run the NSLOOKUP on the IP address and it would resolve to novell.com
Reverse amongst other things can be used as a way to confirm you are who you say you are.
A lot of mail servers will accept a connection from any other mail server, they then run a reverse DNS on the IP address that is talking to them.
As long as the domain name all matches up and reverse records exist then the mail is delivered.
If however no reverse lookup can be successfully made many mail servers will drop the connection and the mail won't be delivered.

So basically you cannot just start getting the Exchange server to directly deliver mail (missing out your ISP's mail server) without setting some reverse DNS records - otherwise you may find more mail servers not accepting your mail.
Creating reverse DNS records can be complicated and brings in other systems - are you familar with DNS, Zones, etc?
Do you know if your run your own DNS or if your ISP does all of that for you?

As to who is to blame here - it sounds to me that it is your ISP at fault.
The reason being that you are seeing an error on your Exchange box which means the problem exists between you and the Smarthost.
As far as you are aware nothing has changed at your end of things yet they are freely admitting that they have been having problems.
It really does sound to me like your ISP's mail server is dropping your connections for some reason.

When I mentioned logs last night - take a look in your Event Viewer under Control Panel>Administrative Tools and look for Events that mention MS Exchange or any of the Exchange Services.
These events will have a description and an ID number which you should use with Microsoft Knowledgebase.
This should help indicate if the problem is with your local SMTP server or with your Smarthost.
 
The reverse DNS looks like fun, think i might have to go banging my head against a few walls but might be our only (sensible) option at this time.

Logs - That is one of the places i had looked, there are a few relating to exchange in there

MSEchange Transport
Queueing engine
event ID 4005

Then goes on to tell time spent doing things, all 0 milli seconds, then the queue length.

Most of these have a ! next to them
Any others are expected notices and not related to exchange.

While on the topic of email, i read a little while ago but 2 methods for incoming mail.

method 1
Everything addressed to @ourdomain.com comes in and is accepted by our server then the front is looked at against our directory and sorted.
This is the method we use

method 2
The name@ is looked at before it is accepted and if the name is not in the directory our server rejects it.

Method 2 looks like the better option to me, any opinions?

Again thank you for all the help and suggestions, i have been dropped in the deep end here and any help is greatfully recieved.
 
Just to add a little note here, it looks to me as though we do already have reverse DNS lookup set up,

On our domain controller i went to
Admin tools > DNS
and this is set with both forward and reverse lookup zones that contain what seems to be details of all the PC's in the building
I assume this is what is needed for the email as well ?
 
yeah thats it, you'll need:

Mail.yourcompany.co.uk as a forward lookup zone, and an a host record in there pointing to your exchange server

then in yourcompany.local forward zone, put an mx record in for mail.yourcompany.co.uk

Do that for each mail domain you have
 
Well after 2 phone calls this afternoon i was told to turn it on,
The queue has started to drop in size, but is taking its time,
I have been told our server is going to struggle a little doing this job and that is why we normally go through our ISP, i would say if anything our internet connection is what is going to struggle.

In the forward lookup zone there is a ourcompany.local but not a .com

One of the calls i made was to someone who told me to phone our ISP and check we have a PTR (i think) record or table with them, he then done a look up on our domain himself and told me it was already in place.

The only other thing i have done other than switch the option is to add our ISP's DNS servers to the smtp virtual server settings.

These area already listed in the DNS settings on the domain controller.

Looks like there might still be some things need adjusting here but heading in the right direction hopefully.

Once again thanks for the help
 
Last edited:
Ok i have just thought on something here,

I have switched so our server is doing the work and not sending it all direct to our ISP.

But i have moved from sending to them to using there DNS servers,

Now when they said they had email problems that is all i know, i haven't been told what is causing the problems and this could be there DNS servers,
So would it be an idea to add another DNS server to the list ?

Also am i right in thinking that the mail that was in the queue before i made the switch is not guaranteed to make the switch its self and may remain stuck in the queue? i thought i read that some where.
 
quackers said:
I would imagine any mail stuck in queue should clear, have a go of this:

http://www.checkdns.net/quickcheckdomainf.aspx

put your domain.co.uk in and see what it comes back with
Click to expand...

that seems to come back clear on everything, except one
It trys 3 of our ISP's name servers and sasy the 3rd timed out but the other 2 are ok,

Under the mail section it finds both our ISP options and our direct option.

mail server tests

Domain goochandhousego.com has 3 mail-servers.
Checking mail server (PRI=10) mailgate.ourdomain.com [83.104.113.210]
Mail server mailgate.ourdomain.com[83.104.113.210] answers on port 25

<<< 220 ghexchange.ourdomain.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Tue, 6 Nov 2007 18:49:53 +0000
>>> HELO www.checkdns.net
<<< 250 ourexchange.ourdomain.local Hello [XXX.XX.XX.XXX]
>>> MAIL FROM: <[email protected]>
<<< 250 2.1.0 [email protected]er OK
>>> RCPT TO: <[email protected]>
<<< 250 2.1.5 [email protected]
>>> QUIT
Mail server mailgate.ourdoamin.com [our IP] accepts mail for ourdomain.com

Checking mail server (PRI=50) relay-2.mail.demon.net [XXX.XXX.XX.XX]
Mail server relay-2.mail.demon.net[194.217.242.9] answers on port 25
<<< 220 anchor-relay-1.mail.thus.net ESMTP Postfix
>>> HELO www.checkdns.net
<<< 250 anchor-relay-1.mail.thus.net
>>> MAIL FROM: <[email protected]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <[email protected]>
<<< 250 2.1.5 Ok
>>> QUIT
Mail server relay-2.mail.demon.net [194.217.242.9] accepts mail for our.com

Checking mail server (PRI=50) relay-1.mail.demon.net [xxx.xxx.xxx.xxx]
Mail server relay-1.mail.demon.net[xxx.xxx.xxx.xxx] answers on port 25
<<< 220 lon1-relay-1.mail.thus.net ESMTP Postfix
>>> HELO www.checkdns.net
<<< 250 lon1-relay-1.mail.thus.net
>>> MAIL FROM: <[email protected]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <[email protected]>
<<< 250 2.1.5 Ok
>>> QUIT
Mail server relay-1.mail.demon.net [xxx.xxx.xxx.xxx] accepts mail for ourdomain.com
All MX are configured properly

I have edited out our company details and all IP's that are listed in that, but have left our ISP details in, cant be bothered with not mentioning who it is any more. If the problem is still with them or not.
 
Emails in are still ok, we hav not had a problem with email coming in and this has not changed with this switch

Just got back from a darts match at the pub so maybe not the best time to be logging onto our servers but....

The outbound mail queue is still large, it looks like a big chunck of this is postmaster replys to spam but a good amount of it is still mail waiting to go out,

I am not going to look into it any further tonight, will check again in the morning when back at work.
 
You must log in or register to reply here.
Back
Top Bottom