Thursday, April 22, 2010

Exchange Queues filling up?

Recently, I've been deploying a new Exchange 2007 server at a client.  We were almost through the transition when outbound email started to back up.  The queues would just start filling up with outbound messages.  This led to the discovery of a couple of problems with this brand-new setup.

First, my last post detailed an issue (at least I think it's an issue) where Exchange 2007 won't use the FQDN set on your outbound send connector.  If you have the Hub Transport role installed on the same server as the Mailbox role (which I think is a fairly common AND supported configuration), Exchange instead uses the internal name of the server.

Here's where this can cause issues.  Since we were transitioning from Exchange 2003 to Exchange 2007, when we flipped the SMTP traffic over to Exchange 2007, we simply redirected the DNS records to the new server.  In this scenario, the client had two external DNS entries for their mail server.  First, they had a "webmail.domain.com" entry that was used for OWA and Outlook Anywhere.  Second they had a "mail.domain.com" entry used for SMTP traffic.  Both point to the same address and both were ultimately redirected to the shiny new Exchange 2007 server.

In Exchange 2003 this didn't cause any issues, because the outbound FQDN could be set to match "mail.domain.com".  Here's where the issue arises.  In this client's single-server Exchange 2007 configuration, they have an external DNS entry that says "hey, I'm mail.domain.com", but if you peek at the message headers, they say something like "I'm servername.domain.com" since this is the internal name of the server.

Big ISPs like AOL, Comcast, etc. really like you to have a reverse DNS entry for your mail server.  And they prefer it to match.  Otherwise, you can have mail delivery issues.  This is a relatively minor problem and easy to fix.  You get fun error messages like:
451 4.4.0 Primary Target IP responded with ...
"421 4.4.2 Connection dropped" or "421 4.2.1 Unable to connect" or "421 4.7.1..." 

You get the idea.

There's an easy solution.  Create an external DNS entry that matches whatever your server is putting in the headers.  In this case, servername.domain.com.  You also will need a reverse DNS entry that matches.  Get this through your ISP.
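One way to verify the fix from outside the network, as an added example (not code from the original post): the function checks that the name the server announces has an external A record for the sending IP and that the IP's PTR record points back at that name. The address 203.0.113.25 and the sample zone data are constructed, and the existing PTR for mail.domain.com is an assumption.

```python
import socket

def forward(name):
    """A/AAAA lookup; returns a set of IP strings (empty if the name does not resolve)."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except socket.gaierror:
        return set()

def reverse(ip):
    """PTR lookup; returns a set of lower-cased host names (empty if there is no PTR)."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return {n.lower().rstrip(".") for n in [host, *aliases]}
    except (socket.herror, socket.gaierror):
        return set()

def check_helo(helo_name, sending_ip, fwd=forward, rev=reverse):
    """Return a list of problems; an empty list means HELO name, A and PTR agree."""
    helo = helo_name.lower().rstrip(".")
    problems = []
    if sending_ip not in fwd(helo):
        problems.append(f"no external A record maps {helo} to {sending_ip}")
    ptr_names = rev(sending_ip)
    if not ptr_names:
        problems.append(f"no PTR record for {sending_ip}")
    elif helo not in ptr_names:
        problems.append(f"PTR for {sending_ip} is {sorted(ptr_names)}, not {helo}")
    for name in sorted(ptr_names):
        if sending_ip not in fwd(name):
            problems.append(f"PTR name {name} does not resolve back to {sending_ip}")
    return problems

# Constructed zone data mirroring the post: externally only mail/webmail exist,
# and the PTR (assumed) still points at mail.domain.com.
SAMPLE_A = {"mail.domain.com": {"203.0.113.25"}, "webmail.domain.com": {"203.0.113.25"}}
SAMPLE_PTR = {"203.0.113.25": {"mail.domain.com"}}

def sample_check(a_records, ptr_records):
    """Run the check against in-memory records instead of live DNS."""
    return check_helo("servername.domain.com", "203.0.113.25",
                      fwd=lambda n: a_records.get(n, set()),
                      rev=lambda ip: ptr_records.get(ip, set()))

if __name__ == "__main__":
    for line in sample_check(SAMPLE_A, SAMPLE_PTR) or ["HELO name, A and PTR agree"]:
        print(line)
```

Calling `check_helo` with only the name and IP uses live DNS, so run it from a host outside the client's network to see what a receiving ISP sees.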

This was the first mail flow issue we discovered.  Stay tuned for part 2.
