[Host Unreachable] Exchange 5.5 Internet mail service 5

[gp8]

Hi , 99% of mails leave the IMS OK but a few will just sit and when looking at the details it says [Host unreachable]. I have tried nslookup to the host and get a valid response, I have even managed to ping the host in some instances
I have tried different dns servers address's with no result.
I have set the dns cache on the exchange server to force a dns resolution every time it sends a mail.
Any Ideas anyone???

Ged

 

[Griffyn]

The remote host could just be down.... Remember that just by pinging a remote host doesn't guarantee you're actually pinging a mail server - Many organisations use NAT with port forwarding. Which means your ping will bounce back from the NAT router, while your Exchange box is communicating with a mail server beyond that router.

 

[msdIT]

Hi GP8
I have the same issue ie Host Unreachable. Can't figure it out as I have done all the same checks and all is well. I have even Telnet into the host without issue. Exchange 5.5 just won't send it anytime.

If you?or Anybody find out the answer please let me know. This has been an issue for me for a while. One Domain just happens to be my own. I can't send myself a message from that Exchange Server!

Regards
MD

 

[gp8]

Thanks for your responses. just to bring you up to date. The problem still persists. Things I have tried:

I edited the registry to force a new dns lookup for every domain ( the dafault is to cache a 1000 entries).

I have had my isp check out my reverse dns, its ok.

I have deleted the Internet Mail Connector and re-created it. This appears to have made things slightly worse as I can no longer send mail to my personal e-mail accounts.

I can still send mail in OK

My next step is to get someone at one of the affected domains to do an nslookup for my domain just to verify their dns is ok. (I'm sure it will be as they can actually send mail in to me).

Any more Ideas anyone????

 

[zbnet]

Your email connection might be being rejected by the other party if they are suspicious of you. Have you been listed on any realtime blackhole lists? There are a few sites that you can check your domain on, to see if you've been listed (sorry, don't have the details to hand at present, but try searching on Goof=gle - SamSpade is a good place to start).

 

[msdIT]

Hi ZBNET
Blacklist is not a problem for me as I can send from the same server if I bypass exchange. I setup Outlook Express to send directly through my ISP. Email sends without an issue. Exchange is setup to use the Servers DNS hence can't understand why it can't send.

One day somebody will come up the a Simple answer!
Thanks
MD

 

[jaymedacosta]

Hi gp8, I have the same problem (it started at 08/03/2004) as you on your exchange server, some e-mails cannot leave out exchange server because they give the error "Host Unreachable".

 

[kilfarsnar]

I have been having a similar issue for about six months now. I use a mail gateway for all mail except that going to our other site, which is in Munich, Germany. The connection between sites is a static FW to FW VPN. These emails are routed directly to the other site's exchange server, specified by IP address, and so do not go over the gateway. Only messages bound for the other site fail with the error "Host Unreachable" on an intermittent and seemingly random basis; I cannot see a pattern as far as message size, attachments, etc. Alot of the time the failed messages are actually system replication messages! Mail destined for the gatway always goes fine. The strangest part is that other mail will be delivered to the Munich site without a problem while one message sits in the Outbound queue, refusing to be sent and returning the error "Host Unreachable"!

So IP routing or DNS do not seem to be the issue. I should note that the Munich site has seen none of these problems. This looks like a software bug to me. When I drop one of the failed messages into the Pickup directory, it fails immediately and returns an error saying that there is either no From address (not true) or it is not a valid 822 message (822 being the RFC for SMTP). Could it be that the MTA is corrupting messages? Being at the end of my rope, and with my users wanting to hang me with the other end, I am preparing to rebuild my Server this weekend. I have already applied all patches, and recreated the IMC to no avail. Can anyone save me from spending Saturday in the office?

 

[msdIT]

Hi Kilfarsnar,
A reinstall won't assist if the issue relates to the OS or something else that is configured on the Server that Exchange has a problem with. I agreee that it may be the last bit of action to take but a time consuming one.
I think a call to Microsoft may be an alternate avenue. Might be worth having you company pay for this,although expensive. That way you can say that they can't resolve it either (maybe they can). Either way If you work it out with a support call or reinstall. Please let us know. It seems a lot of us are having this problem.
MD

 

[gp8]

Hi Kilfarsnar,
I agree that a rebuild is a last resort and avery drastic one at that. I would be very interested to hear the result should you go down that route.

cheers
GP8

 

[kilfarsnar]

Ok y'all, I rebuilt my mail server last weekend. New hardware and a fresh install of the OS and Exchange. Just the databases (pub, priv and DS) were copied from the old server. And it only took 11 hours! :-( And guess what? I have two PubIS messages that failed today. So don't rebuild, it won't work. All I have running on this machine is Trendmicro Scanmail (anti-virus) and a Vertias Backup Exec remote backup agent. Otherwise, it's just NT4 SP6a, with IE 6 and all patches. This configuration ran fine for years up until the end of last June. I was on vacation at the time and can't think of any precipitating event. I am the only IT person on site. So my next step is to call M$ and see if they can help. I just hope they don't tell me to upgrade, as NT4 is EOL. I'll keep y'all posted.

 

[tcswan]

Any more information re: this thread? We've been having the same problem for months now and like the rest, I've pretty much exhausted my ideas by going through the same processes.. ;(

 

[Fairbankstech]

We too are experiencing this problem... It started a few months ago, the only common thread I could find was that the messages had attachments over 30k. The funny thing is, I can send large plain text email to the same user/domain and it goes through... After banging my head against the wall for weeks it just disappeared. Unfortunately three weeks later it's back.

I've stopped the imc, cleared the outbound queue, checked our address with ordb.org, tried all of the tips regarding black hole routers, ran integrity checks on the db, and even deleted and recreated the imc.

Just out of curiosity how many of you are running Norton Anti-Virus for Exchange? EVault or Vertias Backup Exec?

 

[tcswan]

We're running Norton v2.14, and Veritas v.8.5, but Veritas is actually running on a different server and backing up the exchange server remotely so I can't see where that would effect it. Also, attachments are not a pattern with us. It makes no difference whether there's an attachment or not.

 

[kilfarsnar]

I am running Backup Exec 8.5 and Trendmicro Scanmail AV software. While it is true that Backup Exec runs on a different server, there is an agent installed on the Exchange server. This seems to be a common thread. Anyone else run Backup Exec? I plan to call M$ this week. I'll post my experience. Just fyi, I was wrong in an earlier post. NT4 is not EOL just yet.

 

[msdIT]

Hi Kilfarsnar
For the sake of Anythings possible, I did a test and disabled all the Veritas Backup Exec Services and also Nortons Virus protection Services. It made no difference. I still get a "host Unreachable" message.

One day somebody is going to come up with the silliest solution and we will all be kicking ourselves.
MSD

 

[Fairbankstech]

I'm by no means an Exchange Guru, and this isn't exactly scientific, but I thought I'd post it anyway, in case it helps anyone...

Yesterday I had to reboot our server because of the new NT patches. Before I rebooted I stopped the IMS and moved all of the IMC log files and route.txt file into another folder in hopes to find some clue as to what was going on. Upon reboot our outbound queue was empty and mail was flowing again. I talked to a few people who had stuck messages and nobody received an ndr because of my actions. I looked at the new logs and it appears that everything went through ok.

I remember moving the contents of /imcdata/log/shortly before our server "fixed itself" the last time (without the reboot.)

 

[tcswan]

No help there for me.. Tried doing the same but it didn't make a difference. Sent a test message to a couple of the domains we have problems with and it's still sitting in the queue with a [Host Unreachable] error.. ;(

Thanks for the info though.. Was definitely worth a try..

Tony

 

[msdIT]

Hi Fairbankstech.
Now that was interesting idea and I expect along the right lines.
I tried it myself but it didn't work for me. I still get Host unreachable.
It did prompt me to look at the logs and noticed the failure result which seems to be the failed Domain not accepting the "HELO" arguments. I wonder if this is the trouble. I'm no guru on this but I can telnet to m1.dnsix.com from the command prompt. I wonder if Exchange is sending the correct commands? OR If the recipients Domain has a problem with Exchange 5.5?

ERROR Message (Summary)
2/19/04 12:00:37 PM : <<< IO: |501 Syntactically invalid HELO argument(s)
2/19/04 12:00:37 PM : <<< 501 Syntactically invalid HELO argument(s)
2/19/04 12:00:37 PM : >>> QUIT
2/19/04 12:00:42 PM : <<< IO: |221 m1.dnsix.com closing connection
2/19/04 12:00:42 PM : <<< 221 m1.dnsix.com closing connection
2/19/04 12:00:42 PM : 499 Host unreachable:

Anyway unsure if this helps anybody coming up with a solution.

Keep the ideas coming.

 

[kilfarsnar]

Damn! This thread has really picked up! Rock on folks. I covered the log and route deletions with my rebuild a couple of weeks back, and I still get failures. But not as many as before the rebuild. (shrug) I agree with Notused. I think we are on the right track there. I have held off calling M$ at my IT Director's request. She has me checking user configurations, though I think this is a blind alley. By far most of my failures are replication messages, which leads me away from a user config problem. I have often wondered if this could be a problem on the receiving end. In my case the server that these deliveries fail to also runs Exchange 5.5. I will up my logging levels and wait for another failure. Hopefully we can all learn something from this. Just out of curiosity Notused, what are your logging levels set to?