none
Outbound Smarthost Connection Limits

    Question

  • Hello,

    I am seeing an issue where our primary SMTP internet send connector is routing through a smarthost (actually 8 in the list; sub1.domain.com, sub2.domain.com...sub8.domain.com) and we are getting outbound mail that queues up very high within this queue in Exchange.

    From what I can tell, Exchange never seems to attempt to open more than 2-3 connections for emails ready in this queue at a time.  I have checked the max outbound connections and max outbound connection per domain.  These were 1000 and 20 respectively and I have tried setting them to unlimited.

    The issue seems to be that when these messages go through the smarthost, the smarthost holds the connection until it either fails or delivers the message.  So with a mistyped domain in an email for example, the connection breaks after 60 seconds with a temporary 4.2.1 failure.  It then goes through the process of later retrying.  All the while, more mail stacks up, and so on.  Eventually we get to a point where regular mail is taking 10-15 minutes to deliver outbound.

    If I change to deliver mail directly using MX records, all of the mail jumps out of the queue in no time, which makes sense, as each outbound domain gets its own queue essentially and the failures just stack up on themselves rather than in a single queue.

    What I am wondering, is why can't I get Exchange to open 50 connections to the smarthosts at a time?  Or what would be causing it to only ever try 2-3 at most at a time?  I have tweaked some of the settings like the timeouts of the messages, increasing the retry intervals, changing the Queue Glitch values, etc.

    Anyone else experienced this or have recommendations on how to use outbound smarthosts but not have poorly spelled domains stacking up the queue and slowing down regular delivery?

    Thanks in advance!

    Monday, March 20, 2017 6:27 PM

All replies

  • Hello,

    I am seeing an issue where our primary SMTP internet send connector is routing through a smarthost (actually 8 in the list; sub1.domain.com, sub2.domain.com...sub8.domain.com) and we are getting outbound mail that queues up very high within this queue in Exchange.

    From what I can tell, Exchange never seems to attempt to open more than 2-3 connections for emails ready in this queue at a time.  I have checked the max outbound connections and max outbound connection per domain.  These were 1000 and 20 respectively and I have tried setting them to unlimited.

    The issue seems to be that when these messages go through the smarthost, the smarthost holds the connection until it either fails or delivers the message.  So with a mistyped domain in an email for example, the connection breaks after 60 seconds with a temporary 4.2.1 failure.  It then goes through the process of later retrying.  All the while, more mail stacks up, and so on.  Eventually we get to a point where regular mail is taking 10-15 minutes to deliver outbound.

    If I change to deliver mail directly using MX records, all of the mail jumps out of the queue in no time, which makes sense, as each outbound domain gets its own queue essentially and the failures just stack up on themselves rather than in a single queue.

    What I am wondering, is why can't I get Exchange to open 50 connections to the smarthosts at a time?  Or what would be causing it to only ever try 2-3 at most at a time?  I have tweaked some of the settings like the timeouts of the messages, increasing the retry intervals, changing the Queue Glitch values, etc.

    Anyone else experienced this or have recommendations on how to use outbound smarthosts but not have poorly spelled domains stacking up the queue and slowing down regular delivery?

    Thanks in advance!


    I would look at what the smarthost allows for connections.

    Exchange 2007 reaches end of life on April 11th. What’s your plan to move?

    Monday, March 20, 2017 6:34 PM
    Moderator
  • Hi Andy,

    We are using Barracuda Email Security Service, and their support confirmed they support up to 3000 connections per smarthost.  So we should be able to connect much faster than what exchange is connecting at.  But not sure how to debug or further prove that out.

    I have been able to do SMTP logging and can see the connection timeouts when connected but not the attempts to connect to the smarthosts at a higher rate than what we see in the active queue.

    Tuesday, March 21, 2017 12:32 AM
  • Hi Andy,

    We are using Barracuda Email Security Service, and their support confirmed they support up to 3000 connections per smarthost.  So we should be able to connect much faster than what exchange is connecting at.  But not sure how to debug or further prove that out.

    I have been able to do SMTP logging and can see the connection timeouts when connected but not the attempts to connect to the smarthosts at a higher rate than what we see in the active queue.

    How many send connectors in your exchange server? Or you have eight smarthost IP addresses in one send connector?

    Well, I suggest to create eight send connector for those eight smarthost IP addresses for a test.

    By the way, would you mind to post the SMTP log when connection timeouts? I would like to see what is trying to connect.


    Best Regards,

    Lynn-Li
    TechNet Community Support


    Please remember to mark the replies as answers.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Lynn-LiModerator Friday, April 07, 2017 1:52 AM
    • Unproposed as answer by ml_josha Friday, April 07, 2017 1:58 AM
    Monday, April 03, 2017 2:20 AM
    Moderator
  • We have one send connector and we have all 8 smarthost DNS names in that send connector.

    I did try adding multiple send connectors, however when I did that, only one smarthost was ever used, it never seemed to distribute across the other, but only used the first in the list.

    When we see the timeout it is typically between the submitting of the mail data and the responding of mail accepted.  It makes me think potentially the smart host is being slow.  But with eight outbound connectors, I feel like we should still be having more connections at a time.  Not sure how to distribute them across more queues...

    Friday, April 07, 2017 1:58 AM
  • We are having the exact same issue with Exchange 2010 and the Barracuda smart host. We have made the same Exchange modifications as well. None of the modifications seem to have worked. We were using smart hosts from McAfee and Trend Micro before Barracuda and did not have this issue.

    Barracuda has made a change to the rate control for our domain to 500/user/30mins from 150/user/30mins. I will write back if this resolves our issue.

    ml_josha, Have you been able to resolve this issue?

    Thank you

    Thursday, January 25, 2018 2:24 PM
  • Unfortunately, Exchange will only use one Send Connector that matches the given SMTP address space(s).

    If your Send Connector has the address space of "*", which is common for most Send Connectors that handle external email, then even if you had 8 Send Connectors, Exchange will only use the first matching Send Connector.

    If you have multiple smart host IPs, they should be all defined within the same Send Connector that most closely matches the address space. In the case where the address space is just "*", all associated smart host IPs should be listed on the Send Connector.

    Thursday, January 25, 2018 3:41 PM
  • I am having the EXACT same issue with Barracuda.  Did you ever find a solution?

    Larry D.

    Thursday, February 01, 2018 4:07 AM
  • I never did find a solution.  We upgraded to Exchange 2016 and still saw the same issue, so I still believe this is something more on the Barracuda side.

    We ended up moving to Cisco's Cloud Email Security service and do not have the same issue.  Again, another indicator something is going on with Barracuda...

    Thursday, February 01, 2018 5:05 AM