Exchange 2003 outbound email issue

By Jalal Khan On September 24, 2008 · Filed Under Exchange 2003, Microsoft

Yesterday it was a good happy day off for me until I received a call from my helpdesk that exchange outbound email is not working. Well it is known issue to my team since our last troubleshooting session with Microsoft consultant. However this post could help for exchange admins out there troubleshooting the same issue.

Let us now discuss the issue, its workaround, & the permanent solution.

Issue

Outbound email does not work with the following conditions true

You cannot send emails outside the organization.
You have an exchange frontend backend scenario.
You are using PPTP connection between the frontend and the backend exchange server.
You cannot ping your domain controller from the exchange frontend server.
‘Message with unreachable destination queue’ keeps increasing.

Workaround

You need to follow the below steps as a workaround:

Logon to frontend exchange server with local administrator which is located in DMZ
Disconnect the secondary PPTP connection
Ping domain controller (for single backend scenario, skip this step)
Enable the PPTP connection again
Logoff
Logon with exchange admin account and restart the exchange services
Restart the SMTP service
Go back to the queues and ‘force connection’ for clearing the queue.

Well, this should fix the issue however I encountered further issue when I restarted the frontend exchange server, DO NOT RESTART if you are facing the PPTP error as the PPTP error will reoccur and if it does you need to follow the above procedure again. For me, the issue was with the ANTI SPAM device called IRON MAIL which has an SMTP connection to the frontend exchange server, restarting “all services” option in iron mail resolved the issue completely.

Backend>frontend>iron mail>internet, this is how the outbound email travels.

More information

This issue is related to the PPTP connection between the backend exchange server and the front end exchange server which actually drops even if the status is shown as up in the routing and remote access MMC.

This is usual scenario with the front end server located in the DMZ, as per my discussion with a Microsoft exchange consultant it is recommended to have the front end inside the LAN and ISA or another proxy or publishing OWA. This is the best fit scenario if you dont want to open multiple port on the firewall

We are planning to redesign soon however exchange admins started designing exchange remember frontend exchange server in the LAN and ISA or other proxy to be used to publish OWA.