Troubleshooting Delayed Mailflow from relay server to E2K7 Hub Transport

Recently I've had a problem with my E2K7 environment which is still in the migration phase. We are Migrating from a separate E2K3 Organization ( InterOrg Migration) Using Quest Tool.

We have so far migrated about 10% users to the new E2K7, emails for these migrated users are still routed form the old E2K3 environment ( we have a SMTP connector created which forwards emails from these relay servers to our Hub transport servers for these 10% Users)

We noticed that these 10% users will get all the emails delayed, the SMTP queue on the E2K3 relay servers were in retry state. These emails will be delivered eventually but will be extremely late.

We did have some interesting findings & I enjoyed my day troubleshooting this, thought you would also enjoy knowing how...here's the brief summary of the issue for those reading minds








CAUSE:

The SMTP command EXCH50 is advertised from the Exchange 2007 organization which cause the Exchange 2003 to try to authenticate to the Exchange 2007 Hub Transport server. However this fails with 504 5.7.1 Not authorized SMTP" but the message are delivered. If the Exchange 2007 receives 5 of those errors in the same connection it will close the connection and send the following respond with 421 4.7.0 Too many errors on this connection, closing transmission channel .This will cause the queue to go in retry.

Troubleshooting Performed:

We collected the Netmon capture from the OMG Relay Server & a sample TCP Stream showed following

 220 Server.Domain.COM Microsoft ESMTP MAIL Service ready at Fri, 30 Jan 2009 11:08:29 -0500
EHLO elay2.Domain2.com
250-Server.domain.com Hello [X.X.X.X]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
50-XEXCH50
250 XRDST
MAIL FROM:johndoe@abc.com AUTH=<>
250 2.1.0 Sender OK
RCPT TO:sandeep.narkhede@domain.com
250 2.1.5 Recipient OK
XEXCH50 1020 2
504 5.7.1 Not authorized

 As shown above when the Hub transport Server advertises XEXCH50 verb, we send a “5.7.1 Not Authorized” response. Also we noticed that we have corresponding 4.7.0 errors displayed on the Relay Servers.

Resolution:

We created a new Receive Connector with following settings

1.       New Dedicated Receive connector on Hub Transport, which allows only to receive emails from Relay Servers

2.       Ensured that following settings ( Minimum) are in place on this connector.

·         Check Box for “Anonymous Authentication” is checked.

·         Check Box for “Exchange Server Authentication” is unchecked.



Posted by Sandeep Narkhede at Tuesday, February 10. 2009
Categories: uncategorized

Previous Post
Next Post

 

What did you think of this article?




Trackbacks
Trackback specific URL for this post
  • Trackbacks are closed for this post.
Comments
Display comments as (Linear | Threaded)

  • Thursday, September 29. 2011 Exchange Help wrote:
    This is a great post. Help us through a very large problem with our exchange environment. This may be two years later but this is still very relevant as this problem is still seen in an environment that has Exchange 2003 forwarding to Exchange 2010 via SMTP connector.

    Specifically, some symptoms you may see are messages backing up in the QMM Redirector queue and then flapping between retry and active mode. Then you will also see the QMM Redirector queue disappear and all of the messages from it will be in the Unreachable Destination queue.

    Thanks Sandeep!
    Reply to this
Leave a comment

Submitted comments are subject to moderation before being displayed.

 Name (required)

 Email (will not be published) (required)

Your comment is 0 characters limited to 3000 characters.