Exchange 2013: inboundproxy@inboundproxy.com, HealthMailbox stuck in Queue RRS feed

  • Question

  • Hi,

    i am currently deploying a new exchange 2013 solution. I already deployed 2 CAS and 2 Mailbox Servers. There is currently no DAG configured. I'm just testing mail flow and i noticed that inbound mail is somehow deferred.

    I just had a look into Queue Viewer and saw a lot of strange objects there...

    Sender Address is always HealthMailbox* or inboudproxy@inboundproxy.com...

    Some Idea why those mails are stuck in the queue?

    • Edited by Marco-H Thursday, November 8, 2012 5:28 PM
    Thursday, November 8, 2012 5:27 PM

All replies

  • Do you have the mailbox named HealthMailbox584.............444@yourdomainname.com in your exchange?

    So the mailflow is normal for other mailbox and you are experience issue in receiving email only for this mailbox?

    Friday, November 9, 2012 2:42 AM
  • HealthMailbox5848e108a81e4770bff43c0f204ea444 is a Domain User Account (user is created by Exchange... i found more info here: http://justaucguy.wordpress.com/2012/09/18/exchange-server-2013-preview-healthmailboxes/).

    Currently the queue is empty. I flushed it yesterday and rebooted both Mailboxservers. But I see anyway a lot of mails in the tracking log with subject for example "Subject: MBTSubmission/StoreDriverSubmission/00000034-0000-0000-0000-0000ef0e5500-MapiSubmitLAMProbe" and from/to is both the same healthmailbox. 

    If i'm not completly wrong i did not see those testmails in Exchange 2010, so I am just curious what those mails exactly are, as I can not find any documentation about this.

    Friday, November 9, 2012 7:00 AM
  • Hi

    Is there any error in you Event Viewer?


    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contacttnmff@microsoft.com

    Zi Feng

    TechNet Community Support

    • Edited by Zi Feng Monday, November 12, 2012 6:26 AM
    Monday, November 12, 2012 6:17 AM
  • hi! could someone please explain this strange inboundproxy@inboundproxy.com mails to me?! our server-queue is full with undelivered messages to this adress! as the thread-opener writes, we have the same strange messages - no sender is in an single message visible! only the recipient "inboundproxy@inboundproxy.com" is given ... i've disabled this queue and no recipient in the company complains about undelivered or non-received mails!? many thx in advance!

    • Edited by dw_at Sunday, February 17, 2013 4:00 PM
    Sunday, February 17, 2013 2:13 PM
  • Did you find a solution for this issue?
    Wednesday, February 20, 2013 10:33 AM
  • Nope, did not find any good explanation on the web... 

    Anyway, we decided to not deploy Exchange 2013 at the current state (i.e. lack of public folders in owa till sp1) but concentrate on office365 for our customers.

    Wednesday, February 20, 2013 11:01 AM
  • How many Mailbox Database you have

    and how many HealthMailbox you have under users container

    can you also list by checking the property of each HealthMailbox, what are the e-mail address under General. Are these domain.local or domain.com

    Thursday, March 7, 2013 4:18 AM
  • Anybody got solution for this? Our exchange got full of this.  I flushed it and now it keep increasing the number.  Our user sent something out, but other end claimed didn't get it.. Please help.
    Thursday, March 14, 2013 10:12 PM
  • run this in PowerShell

    Get-MessageTrackingLog -Server YOURSERVER -Start "07/11/2012 09:00:00" -End "01/1/2013 10:00:00" -Sender "inboundproxy@inboundproxy.com"

    what do you get in RecipientStatus ?

    or export the logs to a text file for easier reading.

    Get-MessageTrackingLog -Server YOURSERVER -Start "07/11/2012 09:00:00" -End "01/1/2013 10:00:00" -Sender "inboundproxy@inboundproxy.com" > C:\tlog.txt

    • Edited by net_tech Wednesday, March 27, 2013 5:27 PM
    Wednesday, March 27, 2013 2:54 PM
  • Problem can easily solved by installing Exchange 2013 CU1

    • Proposed as answer by Mvd12345 Wednesday, April 3, 2013 6:15 AM
    Wednesday, April 3, 2013 6:15 AM
  • Problem can easily solved by installing Exchange 2013 CU1

    I have the same problem, exchange 2013 sends inbound proxy probe on inboundproxy@inboundproxy.com. After installing the package Exchange 2013 CU1 delivery continues. What could be wrong?
    Monday, April 8, 2013 7:17 AM
  • Hi!

    Celan install RTM CU1.
    Every 5 minutes mail from inboundproxy@inboundproxy.com

    Logs are full of this crap and my anti-spam application aswell. How can we stop this? I mean if I want to check txt log files I have to battle trough all this nonsense to get to the relevant data...

    Monday, April 8, 2013 7:35 AM
  • In ECP go to Mail Flow -> Email address policies and change Default Policy’s primary SMTP to your internal AD domain name. (ex. Yourorg.local)

    Create a new email address policy for your external domain name (ex. Yourorg.com) and set its priority to 1

    Don’t forget to apply both policies, delete all stuck messages from the queue and restart exchange topology service.

    Monday, April 8, 2013 1:51 PM
  • In ECP go to Mail Flow -> Email address policies and change Default Policy’s primary SMTP to your internal AD domain name. (ex. Yourorg.local)

    Create a new email address policy for your external domain name (ex. Yourorg.com) and set its priority to 1

    Don’t forget to apply both policies, delete all stuck messages from the queue and restart exchange topology service.

    My server runs only in the domain "Yourorg.local". Server haven't Send Connectors. Default address policy is configured as shown in the picture. That is correct?

    Wednesday, April 10, 2013 8:51 AM
  • Nikita,

    Your default policy is configured correctly.

    Can you open ADSI edit on your DC and expand Users container under your domain? There should be 3 health mailboxes that look like CN=HealthMailbox3a5ab0ddcfaa4b3a8b95c07168fff15b.

    Right click on EACH mailbox and select properties, scroll down to proxyAddress and document Values for each mailbox. Each mailbox should have at least 1 value (ex. SMTP: HealthMailbox3a5ab0ddcfaa4b3a8b95c07168fff15b@yourdomain.local)

    Start Exchange Management Shell and run this command

    Get-MessageTrackingLog -Server YOURSERVER -Start "04/09/2013 09:00:00" -End "04/10/2013 22:00:00" -Sender "inboundproxy@inboundproxy.com" | Out-GridView

    You can copy results and paste them in to Excel for easier navigation. Do you see EventID FAIL for all 3 Health Mailboxes you saw in ADSI?

    • Edited by net_tech Wednesday, April 10, 2013 2:03 PM
    Wednesday, April 10, 2013 1:38 PM
  • Thank you for help. I have 4 healthmailbox's in the ADSI Edith. ProxyAddresses attribute contains SMTP:healthmailbox...@mydomain.local and smtp:healthmailbox...@mydomain.ru. I think it's because I once tried to change default address policy. That is, after I changed the policy back to ".local", all boxes address has changed, except the HealthMailbox... I think it is necessary to remove the value of the smtp:healthmailbox...@mydomain.ru and all will be well. What is your opinion?

    This is results run command, there are many records:

    HAREDIRECTFAIL SMTP inboundproxy@inboundproxy.com {HealthMailbox82a0c6e4d0ed4475b248049e11248e7f@mydom.local} Inbound proxy probe
    FAIL DNS inboundproxy@inboundproxy.com {HealthMailbox7368060463274cfe98783bd26bdfd1c7@mydom.local} Inbound proxy probe

    • Proposed as answer by TBK00000 Saturday, April 13, 2013 11:37 PM
    • Unproposed as answer by TBK00000 Saturday, April 13, 2013 11:38 PM
    Thursday, April 11, 2013 8:06 AM
  • I had the same issue after tweaking the anti-spam rules, my workaround was to add to the whitelist:

    In Exchange powershell:

    Set-ContentFilterConfig -BypassedSenderDomains inboundproxy.com

    • Proposed as answer by TBK00000 Saturday, April 13, 2013 11:40 PM
    Saturday, April 13, 2013 11:39 PM
  • I think I have sorted this based on the information posted by net_tech.

    Messages only started getting stuck in the queue after I installed CU1. I ran the power shell command suggested by net-tech and noticed the messages were only failing on two out of the five health mailboxes.

    Using adsiedit I checked the proxyaddress's for both of the failing health mailboxes and they only had the Primary address listed which is our external email domain name.  The .local address was missing on these two mailboxes.

    I added the missing .local address's flushed the queue, and no more inboundproxy messages have got stuck in the queue.

    Monday, April 15, 2013 10:31 AM
  • We were seeing the same issue with the submission queues filling up with thousands of health messages (and production mail) and found that the anti-malware signatures were missing.  I believe this was supposed to be fixed in CU1, but I guess not.  We added the signature files and the queues cleared up.

    You can use the built-in script .\Update-MalwareFilteringServer.ps1 and either get the files from Microsoft or manually specify the path to the mal-ware files.  e.g. Update-MalwareFilteringServer.ps1 -Identity "EXHB-32763" -EngineUpdatePath "http://forefrontdl.microsoft.com/server/scanengineupdate"

    • Proposed as answer by Jeffrey Kalfut Thursday, April 25, 2013 9:01 PM
    Thursday, April 25, 2013 9:01 PM
  • Does anybody have a solution to this issue? If I use a smarthost, they are routed through that, and thrown away, and not stuck in the que. But its very annoying, for some of my customers, who are not using smarthosts.

    CU1 did not resolve this issue :(

    Best regars Mark Gerlow ------------------------ 7 P's = Proper Prior Planning Prevents P*** Poor Performance

    Monday, June 3, 2013 7:20 PM
  • Mark,

    There is no single solution for this issue, as each case is unique.
    In Nikita’s case someone added provider’s DNS in addition to DC’s DNS on the exchange server.

    Consider sharing the error messages you are seeing in the logs, so we can help you.

    • Edited by net_tech Monday, June 3, 2013 8:46 PM
    Monday, June 3, 2013 8:38 PM
  • The answer to the issue is "it depends"! It depends upon why your Health Mailboxes are generating NDR messages.

    What should happen in Exchange 2013 (unless you have turned off the monitoring emails) is that every Frontend Transport service (on the CAS role) will send an email to every mailbox database, specifically to the HealthMailboxGUID mailbox in each database (the GUID matches the GUID of the mailbox database [Get-MailboxDatabase | FT name,guid]). If there is something wrong with the mailbox then an NDR will be generated. This will queue for delivery to the internet (or go to your smarthost if you have one, where it will queue there instead). After two days it will fail to be delivered. Delivery fails as the owners of inboundproxy.com on the Internet do not have an MX record listed for their domain (good thing too, the registration for this domain makes it look very suspect).

    To work out the issue you need to fix follow my blog post at http://blog.c7solutions.com/2013/06/queues-building-to-inboundproxycom.html. In brief, you export the queued messages and examine them for the reason for the NDR. In the case that I document the HealthMailboxes had @domain.local addresses whereas my Exchange Server was @domain.com and I had removed the .local accepted domain and entry in email address policy. It is not important to have a .local policy as is posted earlier in this thread, just need to make sure the HealthMailboxes have routable email addresses.

    I also have a HealthMailbox with corrupt AD properties, so for that one I had to do a different fix. Once you fix all the issues (you get lots of NDR's, they could be to do with one or more errors in your HealthMailboxes) then messages will not queue for inboundproxy.com

    Brian Reid C7 Solutions Ltd (www.c7solutions.com)

    Thursday, June 20, 2013 11:39 AM
  • I guess its coming when you running journaling.

    Monday, July 1, 2013 12:37 PM
  • The Problem is the Journal

    Exchange 2013

    In ECP go to Server > Database > go to properties from your Mailbox

    under maintenance disable Journal Mails

    Tuesday, December 10, 2013 7:41 PM
  • Hi,

    How did you add the signature files and clean the queues? No my AntiMalware can't update and make the messages stuck in queue. I get the following warning when I start to update:

    Warning: Unable to process update request because engine metadata is not available.  Attempting to synchronize metadata.
    Please try to run the cmdlet again later.

    Thank you
    Wednesday, December 11, 2013 1:52 AM