locked
Exchange Mail transmission error: 421 Service not available,closing transmission channel RRS feed

  • Question

  • Hi,

    We are running Exchange 2007 SP3

    We have 2 MX records for our organisation, hosted with our ISP e.g.

    MX 10  mail.company.com.au

    MX 20  mail.isp.net

    Primary mail comes directly into our Exchange (through a Trend Smarthost).

    Secondary mail is forwarded from our ISP mail server.

    We installed updates on our Exchange 2007 server last month on 01/03/12

    Since this date, we have been unable to receive mail from mail.isp.net, with the following error logged on the ISP mail server:

    “delivery temporarily suspended: host mail.company.com.au [IP address] refused to talk to me: 421 Service not available,closing transmission channel”

    We have an example of an NDR  being returned several days later to sender:

    Subject: Undelivered Mail Returned to Sender

    This is the Postfix program at host mail.isp.net.

    I'm sorry to have to inform you that your message could not be

    be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to <postmaster>

    If you do so, please include this problem report. You can

    delete your own text from the attached returned message.

                           The Postfix program

    <mailbox@company.com.au>: delivery temporarily suspended: host

        mail. company.com.au [IP address] refused to talk to me: 421 Service

        not available, closing transmission channel

    The following updates were installed on 01/03/12:

    Installed Updates (listed in Windows Update History)

    Update for Microsoft Outlook 2010 (KB2553323) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2566458), 64-Bit Edition

    Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2494150), 64-Bit Edition

    Update for Microsoft Office 2010 (KB2202188), 64-Bit Edition

    Update for Microsoft Office 2010 (KB2553385) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2553385) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091), 64-Bit Edition

    Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition

    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445), 64-Bit Edition

    Security Update for Microsoft Word 2010 (KB2345000), 64-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2523113), 64-Bit Edition

    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

    Update Rollup 6 for Exchange Server 2007 Service Pack 3 (KB2608656)

    Security Update for Microsoft Office 2010 (KB2289078), 64-Bit Edition

    Security Update for Microsoft Office 2010 (KB2584066), 64-Bit Edition

    Update for Outlook Social Connector 2010 (KB2583935), 64-bit Edition

    Update for Windows Server 2008 x64 Edition (KB2522422)

    Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 Edition (KB2530548)

    Windows Internet Explorer 9 for Windows Server 2008 for x64-based systems

    Update for Windows Server 2008 x64 Edition (KB980248)

    Update for Windows Server 2008 x64 Edition (KB2533623)

    Update for Internet Explorer 8 Compatibility View List for Windows Server 2008 x64 Edition (KB2598845)

    Update for Windows Server 2008 x64 Edition (KB2492386)

    Update for Windows Server 2008 x64 Edition (KB975929)

    Update for Windows Server 2008 x64 Edition (KB2563227)

    Update for Windows Server 2008 x64 Edition (KB976470)

    Platform Update for Windows Server 2008 x64-Edition (KB971644)

    Update for Windows Server 2008 x64 Edition (KB2632503)

    Update for Windows Server 2008 x64 Edition (KB2545698)

    Platform Update Supplement for Windows Server 2008 x64 Edition (KB2117917)

    Update for Rights Management Services Client for Windows Server 2008 x64 Edition (KB979099)

    Update for Windows Server 2008 x64 Edition (KB2505189)

    Security Update for Windows Server 2008 x64 Edition (KB2585542)

    Security Update for Windows Server 2008 x64 Edition (KB2654428)

    Security Update for Windows Server 2008 x64 Edition (KB2598479)

    Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688)

    Update for Windows Server 2008 x64 Edition (KB2633952)

    Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista and Server 2008 for x64 (KB2657424)

    Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 Edition (KB2647516)

    Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x64 (KB963707)

    Security Update for Windows Server 2008 x64 Edition (KB2645640)

    Security Update for Windows Server 2008 x64 Edition (KB2643719)

    Security Update for Windows Server 2008 x64 Edition (KB2660465)

    Microsoft .NET Framework 3.5 Family Update (KB959209) x64

    Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64 (KB2633874)

    Also listed in Installed Updates (Control Panel)

    [01]: KB971513 Windows Automation API

    [02]: KB971512 Update for Windows Vista

    [05]: KB960362 Update for Windows Vista

    [113]: KB975467 Security update

    [115]: KB975929 Meiryo UI font?

    [130]: KB980248 Font Update?

    Windows Internet Explorer 9 for Windows Server 2008 for x64-based systems (FAILED)

    Updates were performed from 3<sup>rd</sup> Party Update server (GFI Languard), and stopped / failed with Update Rollup 5 for Exchange Server 2007 Service Pack 3 (KB2602324).

    Hotfix for Microsoft .NET Framework 3.5 SP1 KB958484 was also suspended and then removed.

    After the failure of Update Rollup 5 for Exchange Server 2007 Service Pack 3 (KB2602324, mail flow to Exchange stopped with the following Event 10001 showing in application logs:

    Poison Count is 2 for the message with RecordID xx. The message has reached or exceeded the configured poison threshold of 2. After the Microsoft Exchange Transport service restarted, the message was moved to the poison message queue.

    Update Rollup 6 for Exchange Server 2007 Service Pack 3 (KB2608656) was subsequently installed locally on the Exchange server, and mail transmission resumed .

    We have been unable to receive mail from mail.isp.net since 01/03/12.

    We have upgraded our smarthost (Trend IMSVA) to latest version with no change to the status of this error.

    We also run Trend Scanmail for Exchange, and Trend Micro OfficeScan running locally on the server.

    We have explored DNS as a possible issue, and cannot see anything wrong with DNS settings.

    Thursday, April 26, 2012 9:01 AM

Answers

  • On Fri, 27 Apr 2012 04:19:08 +0000, jpsrstodoulevi wrote:
     
    >
    >
    >Hi Rich,
    >
    >Thanks for your reply.
    >
    >We have default connectors which are unchanged.
    >
    >We also have another receive connector enabled (Name: xxxx anonymous relay - see pic), set to receive mail on local IP of our exchange server 10.x.x.x, and to receive mail from remote servers specified for application servers within our network that relay mail (i.e. also 10.x.x.x.). Our ISP's mail server (that's having the problems connecting to our mail sever) has never been a part of this list of servers on this connector (as its a public IP address 203.x.x.x).
    >
    >There have been no other changes to remote ranges of any of the connectors
    >
    >I haven't found any 421 errors in SMTP logs.
     
    Then it isn't Exchange that's sending the 421 status code. You'll have
    to look elsewhere for the problem. Do you have anything between your
    Exchange server and the ISP that acts as a SMTP proxy or relay?
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, April 27, 2012 9:57 PM

All replies

  • I have Checked mx record of mail.isp.net on mxtoolbox.com type it is showing CNAME not MX.

    Tried to telnet mail.isp.net it is not showing any banner suggest to you check mx record setting of mail.isp.net with your ISP

    Check with your ISP wether they can able to telnet port 25 or 587 to your exchange server as you mentioned mail is forwarded from our ISP mail server.

    Try to disable antivirus services

    Checked default receive connector setting on exchange server

    Girishp

    Thursday, April 26, 2012 10:23 AM
  • On Thu, 26 Apr 2012 09:01:07 +0000, jpsrstodoulevi wrote:
     
    >
    >
    >Hi,
    >
    >We are running Exchange 2007 SP3
    >
    >We have 2 MX records for our organisation, hosted with our ISP e.g.
    >
    >MX 10 mail.company.com.au
    >
    >MX 20 mail.isp.net
    >
    >Primary mail comes directly into our Exchange (through a Trend Smarthost).
    >
    >Secondary mail is forwarded from our ISP mail server.
    >
    >We installed updates on our Exchange 2007 server last month on 01/03/12
    >
    >Since this date, we have been unable to receive mail from mail.isp.net, with the following error logged on the ISP mail server:
    >
    >
    >
    >“delivery temporarily suspended: host mail.company.com.au [IP address] refused to talk to me: 421 Service not available,closing transmission channel”
     
    Do you see that 421 status in your SMTP protocol log? That's usually
    what the Receive Connector sends when the IP address isn't allowed to
    use the connector. Maybe the IP remote ranges has been modified on one
    (or both) of the Receive Connectors? Installing updates won't change
    those lists.
     
    [ snip ]
     
    >We have been unable to receive mail from mail.isp.net since 01/03/12.
    >
    >We have upgraded our smarthost (Trend IMSVA) to latest version with no change to the status of this error.
    >
    >We also run Trend Scanmail for Exchange, and Trend Micro OfficeScan running locally on the server.
    >
    >We have explored DNS as a possible issue, and cannot see anything wrong with DNS settings.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Thursday, April 26, 2012 9:38 PM
  • Thanks Girishp,

    Apologies for confusion but mail.company.com.au, and mail.isp.net are pseudonyms.

    Regards, John.

    Friday, April 27, 2012 3:43 AM
  • Hi Rich,

    Thanks for your reply.

    We have default connectors which are unchanged.

    We also have another receive connector enabled (Name: xxxx anonymous relay - see pic), set to receive mail on local IP of our exchange server 10.x.x.x, and to receive mail from remote servers specified for application servers within our network that relay mail (i.e. also 10.x.x.x.).
    Our ISP's mail server (that's having the problems connecting to our mail sever) has never been a part of this list of servers on this connector (as its a public IP address 203.x.x.x).

    There have been no other changes to  remote ranges of any of the connectors

    I haven't found any 421 errors in SMTP logs.

    Regards, John.

    Friday, April 27, 2012 4:19 AM
  •  

    As I mentioned in my earlier update Check with your ISP whether they can able to telnet port 25 or 587 to your exchange server as you mentioned mail is forwarded from our ISP mail server.

    Send mail to yahoo and check full headers of the mail in yahoo. Check routing path from which ip you are receiving the mail. It should be your ISP mail server ip.

    Refer below link for How to view email headers in Yahoo

    http://www.johnru.com/active-whois/headers-yahoo-gmail-hotmail-aol.html

    Girishp

    Friday, April 27, 2012 9:09 AM
  • On Fri, 27 Apr 2012 04:19:08 +0000, jpsrstodoulevi wrote:
     
    >
    >
    >Hi Rich,
    >
    >Thanks for your reply.
    >
    >We have default connectors which are unchanged.
    >
    >We also have another receive connector enabled (Name: xxxx anonymous relay - see pic), set to receive mail on local IP of our exchange server 10.x.x.x, and to receive mail from remote servers specified for application servers within our network that relay mail (i.e. also 10.x.x.x.). Our ISP's mail server (that's having the problems connecting to our mail sever) has never been a part of this list of servers on this connector (as its a public IP address 203.x.x.x).
    >
    >There have been no other changes to remote ranges of any of the connectors
    >
    >I haven't found any 421 errors in SMTP logs.
     
    Then it isn't Exchange that's sending the 421 status code. You'll have
    to look elsewhere for the problem. Do you have anything between your
    Exchange server and the ISP that acts as a SMTP proxy or relay?
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, April 27, 2012 9:57 PM
  • Hi Rich,

    Thanks for you reply.

    This has now been resolved.

    As suggested, the smart host had managed to acquire the isp mail server IP in its blocked list, now removed.

    Thnks for your help.

    Regards,

    John.

    Monday, April 30, 2012 1:19 AM