none
Mail backlogged and queued from spam filter appliance to Exchange 2013 - throttling question

    Question

  • Hello,

    We have a spam filtering appliance in front of Exchange that is Internet facing, thus all mail to Exchange server is coming from this appliance's IP address.  I'm starting to see backlogged mail getting queued and users saying messages are coming in hours or days delayed.  I've already changed the values on the Default Front End receive connector:

    MaxInboundConnection 5000

    MaxInboundConnectionPerSource 100

    MaxInboundConnectionPercentagePerSource 100

    This seems logical as all mail will be coming from the same source IP.  However the problem is still occurring, am I missing another value to change?  Interestingly I have not seen any Error in event viewer indicating that connections have been exceeded.

    Any assistance is appreciated!

    -Brandy


    Tuesday, March 8, 2016 2:10 AM

Answers

All replies

  • Enable SMTP protocol logging on the receive connector used by the filtering appliance and look to see if tarpitting is being enforced.  If so, consider disabling it by setting the tarpit interval to 0.  You don't really need it if your SMTP is front-ended by an appliance.

    https://technet.microsoft.com/en-us/library/bb232205(v=exchg.150).aspx

    https://technet.microsoft.com/en-us/library/bb125140(v=exchg.160).aspx


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Marked as answer by syKosis Tuesday, March 8, 2016 8:46 PM
    Tuesday, March 8, 2016 4:50 AM
    Moderator
  • Hi Brandy,

    Welcome to Technet forum.

    Please post message trace log for the specific delay email message for our troubleshooting. In addition, please disable Windows firewall and A/V software on Exchange 2013 to check if the issue persist. 

    Because the email was queued from spam filter appliance, we suggest you contact the vendor of spam filtering appliance to get help. It is not Microsoft production and Microsoft is out of support.

    Best Regard,

    Jim Xu


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Jim Xu
    TechNet Community Support

    Tuesday, March 8, 2016 7:18 AM
    Moderator
  • Looking at tarpitting was the right direction to go.  I should have added in my first post that these servers have  Windows firewalls OFF and no AV scanning software.  The spam filter takes care of the AV.  Unfortunately looking at the logs on the appliance just showed a connection time out on every retry, and success anywhere from 4-48 hours later.  No feedback from Exchange just confirmation that the problem was the downstream Exchange server.  Thanks for the help.
    Tuesday, March 8, 2016 8:49 PM
  • You're welcome.  Happy to have helped.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Wednesday, March 9, 2016 12:13 AM
    Moderator