Troubleshooting Inbound mail flow

Mail flow is mainly divided in to 3 types Internal, Inbound and Outbound. When there is a inbound mail flow issue, users usually complain that they haven’t got any new mail in their inbox for a while. When you analyse the issue closely you will find that the Outlook and OWA can connect without any issue. In some cases the Services on your SMTP or HUB transport server is running fine. It is quite possible that your SMTP service on Exchange 2003 or MSExchange Transport service on the Exchange 2007/20010 HUB transport server could be stopped, but in this case outbound mail flow will also be affected

I have listed down the number of reasons if you are not getting any inbound mail:

  • MX record for the affected domain no longer exists or is removed
  • Recipient policies not configured correctly
  • Default SMTP Virtual server or Receive connector settings and permission not configured correctly
  • Mail server is unreachable from the Internet
  • Exchange server ran out of space on your transport queue database drives

Let us discuss at each of these possible issues closely

Test mail flow

Before we start the investigation and look at each of the items, if possible, test the mail flow by using telnet and using
the EHLO commands to connect to the server from both external and internal servers. This will help you to narrow down where the issue is.

Steps to use Telnet to drop an email

1. Open a command prompt and type telnet FQDN 25, press ENTER.(Use internal FQDN if you are doing this from the Exchange server, and if you are doing it from externally use the MX records of your domain)

2.Type EHLO <your mail server domain>, and then press ENTER.

3.The server responds with SMTP Verbs, something like below.

250-mail.domain.com Hello [192.168.0.1] 250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING

4. Now Type MAIL FROM:<sender@domain.com>, and hit ENTER. If the sender is not permitted or allowed to send mail, the SMTP server returns an error.

5. Type RCPT TO:<recipient@domain.com>,and hit ENTER.If the recipient is invalid or the server doesn’t accept mail for this domain, the SMTP server returns an error.

6. Now type DATA, and hit ENTER

7. Type message text, hit ENTER

8. Type a dot/period (.), and press ENTER again.

9. If mail flow is working properly, you should see a response similar to the following indicating that mail is queued for delivery and also see the email in the recipients mailbox:

250 2.6.0 <INET-IMC-01UWr81nn9000fbad8@mail1.domain.com.

What are MX records

It is necessary for a mail server to have a proper MX records created to receive emails from Internet, MX records are a part of the external DNS by which other mail servers knows what IP to deliver the mail for that particular domain.
You can query MX records for a domain by using nslookup from any computer connected to Internet.

Below are the steps to query MX record

  1. Open a command prompt
  2. Type the command: nslookup
  3. Now type: Set type=mx
  4. Enter Your domain name, e.g. systemadminthings.com
  5. Check If returns the correct IP address for your domain or not.

To know more about MX record please refer : http://en.wikipedia.org/wiki/MX_record

You can also use http://www.mxtoolbox.com to query MX Records for your domain

How to check the Recipient policies?

The recipient policies on exchange server is responsible for “stamping” correct SMTP (email) address on your users account. If the users are not “stamped” with the proper email address you will not receive any inbound email. Check if the correct recipient policy is configured using below steps.

In Exchange 2003:

  1. Open ESM (Exchange system manager)
  2. Expand Recipients, Recipient policies.
  3. Select the default policy and check that you have the correct domain(s) listed there
  4. Exchange 2007/2010:
  5. Using EMC (Exchange management console)
  6. Expand Organization Configuration
  7. Select Hub Transport, now select the Email Address Policies.
  8. Check if policies have correct domains listed, if not then correct it.

Note: Before a correct email address policy is created, you need to have correct domain listed under the Accepted Domains tab under Hub transport

SMTP Virtual server and Receive connector

Exchange needs a properly configured SMTP Virtual server/Receive connector to allow other mail servers to connect to your mail server to deliver the message.

In Exchange 2003:

  1. Open ESM (Exchange system manager)
  2. Expand Administrative groups, Expand the first administrative group, Expand Servers, Expand your server name, Expand Protocol, Expand SMTP, Go to properties of Default SMTP VS
  3. Check the properties of SMTP Virtual server and check it for accuracy. http://technet.microsoft.com/en-us/library/aa997301(v=exchg.65).aspx

For Exchange 2007/2010:

  1. Using EMC (Exchange management console).
  2. Expand Server Configuration and select Hub transport
  3. Select the HUB server and check it has receive connectors Default and Client
  4. Right click on Default receive connector and go to properties
  5. Check if “anonymous” entry is checked on security groups tab.
  6. On the network tab configure the correct IPs.
  7. Check for all the listed hub transport servers.

The mail server cannot be connected from the Internet

This might happens due to firewall rules and port forwarding misconfigured or ISP blocked the Port 25.

To verify this use telnet to connect to the MX record or external ip address on port 25

For example : telnet 169.0.1.1 25

You can also confirm if the exchange server is capable of listening on port 25 or not by doing telnet local IP 25, you have to do this on exchange server

Note: If Exchange response to your telnet session you might get result starting from 220, If not then you are not connected to an Exchange!

Mail Queue

Exchange server has different queues to store emails before it get submitted to other Exchange servers or it is delivered locally. The default location will be C: drive.

Mainly, the C: drive being system drive is hard to manage the drive space on it. If there is less than 3GB available and inbound mail flow is down, You can consider it to be backpressure condition. The backpressure was introduced in Exchange 2007 and Exchange 2010. But still in case of Exchange 2003 check for the drive space.

If you found that there is a backpressure, following events will be logged in Application Logs:

Event log entry for critically low available disk space
Event Type: Error
Event Source: MSExchangeTransport
Event Category: Resource Manager

 

Event ID: 15006
Description: The Microsoft Exchange Transport service is rejecting messages because available disk space is below the configured threshold. Administrative action may be required to free disk space for the service to continue operations.
Event log entry for critically low available memory

 

Event Type: Error
Event Source: MSExchangeTransport
Event Category: Resource Manager
Event ID: 15007
Description: The Microsoft Exchange Transport service is rejecting message submissions because the service continues to consume more memory than the configured threshold. This may require that this service be restarted to continue normal operation.

You can consider the following way to fix this:

  1. Free up your C drive, by deleting unwanted files and folders
  2. Change the location for transport queue from C drive to any other drive.

I would recommend you to move the queue from C drive to another drive, but still the C drive need to monitored for the drive space for your sever to work smooth.

To move the transport queues you should perform the following actions:

For Exchange 2003:

  1. Open (EMC)Exchange system manager
  2. Expand Administrative Groups, First Administrative Group, Select Servers, expand the server which is responsible to receive mails, Now expand protocols and expand SMTP.
  3. Right click the Default SMTP virtual server and click on stop.
  4. Now, go to properties of Default SMTP virtual server.
  5. Select messages tab and enter the new path for Badmail and Queue directories.
  6. No start the Default SMTP virtual server again.

For Exchange 2007/2010:

  1. Open the following file in a notepad format:
    C:\Program Files\Microsoft\Exchange Server\Bin\EdgeTransport.exe.config
  2. look for <appSettings>
  3. Change the <add key=”QueueDatabasePath” value=” “> /> to reflect the new path.
  4. Save and close
  5. Restart the transport service
  6. Verify the new mail.que and trn.chk files have been created at the new path
  7. Remove the mail and trn files at the old path.
  8. Check this Microsoft link for more detailed instruction

Well i tried my best to cover all the issues you can face with the inbound mail flow. Hope you enjoyed reading it

Posted in Exchange.

Leave a Reply

Your email address will not be published. Required fields are marked *

sixteen − 5 =