Exchange server sends mail fine right after a reboot

[NetworkDOC]

Once I reboot the exchange server mail flows great. After a while though (a few days sometimes) it stops. I rebot and all mail flows fine. It only hangs on a few domains too.

I did the correction to fix the EDNS 0 issue. That allowed mail to flow out to hotmail/yahoo users fine. This is a hmmmmmmmmm Problem...

Any thoughts?

 

[NetworkDOC]

Well... I thought about the solution you mentioned. So... I says to myself, self... What ya think. Self then says, you really have nothing to lose... I then thought. Hmmm I have a second onboard nic I can use. Did that. Same results. I guess that would quantify as trying a second nic. These servers are about 2.5 months old. The problem has been going on since the beginning.

 

[Chambers]

Is your server getting hit with alot of people trying to relay or SPAM? if so try setting up DNS blacklists so the server won't even accept connection from known spammer domains. Give that a shot. Maybe your server is just getting slammed too hard?? If you need help setting them up let me know.

 

[xmsre]

What make/model is the server? What type of NIC is it? Last year, Dell and other had all sorts of driver issues with the Broadcom cards. Your problem sounds strangely familiar.

 

[NetworkGuy101]

Have you tried going wide open on your mail server? Allowing IP any? It may not be best practice but it will definitly rule out the firewall. As far as the NIC is concerned. Are you sending mail internally fine? If so, I doubt the NIC would be an issue.

 

[sab4you]

I am with Chambers, first thing I thought about was SPAM and its overwhelming your system.

SPAM can be external relaying or relay attempts or even from an internal compromised system.

 

[de1458]

We had the same problem over a year ago, you might have to look closely the IDENT and fixup on your pix,
another thing, what is the outgoing mail size you allowed and what is your upload bandwidth. if there are large email waiting in the queue, use the system manager to pause some big email, especially those waiting for resend, and see if the small guy can zip through, as you might already know, smtp is not a very nice protocol even your server capble of handling 1k sessions at once, when the big guy in the way, nobody can send.

 

[de1458]

just browsing the forum and somebody, sorry forgot your name but thanks for sharing, mentioned this link.

http://www.mxtoolbox.com

it can check if it is an open relay, of course if you don't want telneting and don't have scripts on hand.

 

[NetworkGuy101]

The easy way to check on spam is to look at your queue. How many messages are there at one time? Like my previous posts and along with de1458, I have also experienced similar issues with the Pix. Is there a VPN in the mix here?

 

[NetworkDOC]

Good answers folks... BUT... No cigar.

Remember all works great for a little while after I reboot the server.

The messages getting stuck are really small. Nothing usually coming or going is usually over 2-3 meg any way but the messages I would check on were all small.

The PIX had the no fixup DNS been done as well as the no fixup SMTP(see above in list of fixes) . These have not resolved it (they were done early on in the post).

I tried the second onboard nic recently (within the last 10 days) same results.

There is virtually no mail in the queues when it stops sending to specific domains. Other than those specific domains. It appears there are so far about 3-4 domains that if left alone (meaning I don't reboot the server within a day or so) will hang up. Reboot the server and everything in the queues sends right out fine. The domains it hangs up on are consistent though....

So far the only thing I can do to keep this consistently working is reboot the server each day. I automated this. I will stop it (the reboot process) all along to try something else.

Once I reboot the server usually it takes over 24 hrs to start hanging up. Some times as much as 48 hrs can go by without issues.

It is just plain ODD..... I have put a lot of Exchange servers in place over the years and never seen this.... I am thinking I will try researching the hotfixes more/again/now.... I think it's a bug....

 

[SR7758]

If you are using Exchange 2003 Standard, there is a limit of 16GB for combined Private and Public Information store. Make sure your DB files are not over this limit. if they are, you'll need to move to Exchange 2003 Enterprise.
I believe if this is the case, the DB should just not spin up to begin with, but I'm not exactly sure off hand, so I would check since it's just a few seconds out of the day.

S.R.

 

[PScottC]

You may want to consider putting up an outbound mail relay. All you need is a simple workstation running Windows 2000 / 2003 server and IIS SMTP services. Have all of your outbound mail bounce off that box and see if mail still hangs up in your Exchange server. This allows you to more closely analyze the SMTP logs, and optionally you can set up the relay box to use an external DNS to find if you are having other DNS issues.

I recently had an issue with Windows 2003 DNS where it would not cache CNAME records correctly and I could not resolve McAfee's FTP site. There is a fix from microsoft, but you have to call support to get it. The fix is supposed to be released with SP-1. KB873430

PSC

 

[NetworkGuy101]

Have you tried just restarting Exchange Services instead of reboot? I wonder if we could get this narrowed down to a service. Or instead of rebooting, try to do a IPconfig /flushdns from a comman prompt. Youve got me hooked on your problem again until another one of mine comes along.

 

[de1458]

ironically, just a day after I posted a possible solution, we have the same problem on our smtp relay svr. mail got stuck and restarting related services won't work, then reboot kind of work in the first 5 minutes or so.
I mentioned this because we were under dos attack after checking the firewall log, I called those guys, a well known service vendor, to investage their servers, but then 2 days already, those IPs just keep attacking us.
possible forged IP? I am not aware of the widely use of this technique.
so check you service pack and patch level and firewall log besides DNS, the answer might just there.

 

[NetworkDOC]

The information store is about 1/2 a gig public store hasn't been used at all yet.

I have just stopped the mail services, just the smtp service, IIS service just to see if this resolved it. It didn't. The mail would just queue up until I rebooted it.

I cannot say I tried toe IPCONFIG /flushdns to see if that was the problem. I will try that. I suspect it is something in DNS that is acting up. Just can't put my finger on it.

Right now I don't have DNS server running on this box. I have thought about sticking that on there to see if this may fix the problem.

I have cruised the logs and don;t see anything odd. The firewall (pix) is at the latest rev.

I may consider using one of the other servers as the smtp relay, not a bad idea to see if it is related. I think I will add DNS server first and see if this fixes it.

Still open to ideas though....

 

[NetworkGuy101]

Who are you using as a DNS Server? Another local server? or an ISPs Server?

 

[NetworkGal]

I feel your pain NetworkDoc! I've just rebooted my server this morning after many unsuccessful attempts to troubleshoot. Like you, I am also behind a PIX but never thought about that being a problem. I will look into that, but if you come up with any ideas, please let me know. I'm also running GFI mail essentials and McAfee Groupshield.

 

[tedgoat]

I am experiencing the same issue. Some domains will not flow. I am behind a watchguard firebox, not a pix...

 

[mariov]

Guys,

I am having exactly the same issue that it is getting very annoying. I have just posted a topic as well without reading this one first.

All servers are 2k3 standard.

All Exchange are 2k3 Sp1 enterprise

Separate SMTP servers .

Both Servers need a reboot once a week as they crash . I have restarted IIS and i had no luck .

The event log in full of 4000 4006 4007 errors.

The SMTP servers are DNS servers are well (NOT AD) and Exchange virtual SMTP servers are pointing to a external DNS server.

Exchange server themselfes are pointing to a internal DNS server.

I am really getting sick of this as it is really hard to monitor it as well.

MS hasnt been any help at all as i have read all topics. There was an issue with 2000 and you had to remove the DNS entries on the Exchange virtual SMTP server.

As well we are behind a pix firewall as well.

Either CIsco or MS have to get this right as there are a lot of ppl out there effected by it.

Regards,

Mario

 

[mariov]

And it cannot be a PIX issue as if we reboot the server that fixes the problem.

I am sure it is a MS issue but i do not know the solution

Regards,

Mario

 

[mstarrett]

We had the same issue and it was GFI passing out a bad update. Four days and many reboots mail is flowing and the mailessentials is finally working. All of the issues you discribed we had. One of the filters was not working. Check the GFI site board for the complicated fix.

Mike