Slow smtp connector

[lkinninmont]

I have recently migrated our email from exchange 2000 on an old inadequate server to exchange 2003 on a new box. Currently, the exchange services are stopped on the old server and everything is running on the new server.
All firewall config has taken place and we are able to send/recieve emails internally and externally. However, I am finding email to external domains is extremely slow - hours, even days in some cases. Some mail gets out ok and some queues (one for ontario.ca in particular) just keep growing.
I am thinking this is a dns issue, but nothing I do seems to resolve it. I have, over the past few days, taken to stopping my symantec mail security for exchange services and restarting Exchange routing and SMTP service and this will sometimes force things through - but not always (50/50).
Also, Here's an idea of what I see in the logs:

17:59:43 209.226.175.111 HELO - 250
17:59:43 209.226.175.111 MAIL - 250
17:59:43 209.226.175.111 RCPT - 250
17:59:43 209.226.175.111 DATA - 250
17:59:43 209.226.175.111 QUIT - 240 (this looks normal)

18:00:12 78.46.32.104 - - 0
18:00:12 78.46.32.104 EHLO - 0
18:00:12 78.46.32.104 - - 0
18:00:12 78.46.32.104 MAIL - 0
18:00:12 78.46.32.104 - - 0
18:00:12 78.46.32.104 RCPT - 0
18:00:12 78.46.32.104 - - 0
18:00:12 78.46.32.104 RSET - 0
18:00:12 78.46.32.104 - - 0
18:00:12 78.46.32.104 QUIT - 0
18:00:12 78.46.32.104 - - 0

18:00:28 222.90.74.34 - - 0
18:00:28 222.90.74.34 EHLO - 0
18:00:28 222.90.74.34 - - 0
18:00:28 222.90.74.34 MAIL - 0
18:00:28 222.90.74.34 - - 0
18:00:28 222.90.74.34 QUIT - 0
18:00:29 222.90.74.34 - - 0
(These do not look normal)

I'd appreciate any ideas on this.
Thanks in advance

 

[Zelandakh]

Anything in the event log?

Is the DNS on that server set to look at itself, another DNS in the same LAN or your ISP?

 

[lkinninmont]

Only things in the event log (and there's on 3 of these)
Message delivery to the host '67.69.240.20' failed while delivering to the remote domain 'sympatico.ca' for the following reason: The remote server did not respond to a connection attempt.

Nothing in DNS events
I have DNS on exchange server and it replicates with the main DNS server internally. When I came into this environment, I found DNS servers set up on 5 machines. I have 2 of these servers listed as DNS servers in exchange.

 

[Zelandakh]

If you ping a domain listed in the SMTP connector, what is the response time?

 

[58sniper]

This may be a crap shoot, but are you using a Cisco PIX firewall with fixup enabled on port 25? Or maybe a Cisco ASA with SMTP inspection enabled on 25?

If either is true, you need to turn that "feature" off for a variety of reasons.

If you telnet via port 25 to one of those remote servers from a command prompt on your server, can you establish a connection?

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.

http://www.ucblogs.net/blogs/exchange/

 

[lkinninmont]

Thanks for everyone's responses. I found the issue was with the firewall as 58sniper suggested.