Exch 2010sp1 Slow SMTP Queue Outbound
We are having problems with extremely slow delivery of email on our outbound SMTP delivery. We have the following setup.
3 HT/CAS servers with WNLB. All 3 have an outbound connector setup to point to Postini for email filtering. We have a TMG 2010 server between them and the internet. We seem to get inbound email quickly and all internal email is very fast.
Outbound sits in the queue for ever before being sent. It appears only 2 or 3 "active" connections per HT server at one time. This has only become a problem since moving to 2010 from 2003 and from ISA 06 to TMG 2010. I am not sure where the
setting might be to increase the connections allowed or if that is the problem. There are no errors reported it just seems to run slow. We do have TLS enabled if the other end can handle it. This is not a resource or bandwidth issue either.
I've gone through the connector setting and don't see anything restricting the number of connections. As an example it may take up to 20 minutes for an email to be delivered out of the queue and the queue only contains about 20 messages per server.
We have around 800 users so we are not talking about thousands of users. Any ideas?
Thanks in advance.
September 12th, 2011 12:37pm
You should not have many connections from your HT since you deliver mail to postini.
could it be that the shadow queue function trick you thinking mail delivery is slow?
http://technet.microsoft.com/en-us/library/dd351027.aspx
lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
September 12th, 2011 1:56pm
I don't think that is the problem. There is only one queue that is filling up on each server and it is the outbound "smarthostconnectordelivery" to postini. Each message sits in these queues for up to 20 minutes before going out. No messages
in the queue have errors and everthing will go out it just takes a long time.
September 12th, 2011 2:41pm
what if you configure a HT to send directly to Internet (and allow it in FW), does it queue up anywhat or is mail delivered as expected?.
lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
September 12th, 2011 3:06pm
Ok I removed the smarthost and all the DnsConnectorDelivery queue's fire up just fine. All of them can go to active and mail is delivering very rapidly. So is there something that throttles a smarthost to only deliver a few emails at a time
or a per queue max? I have never seen more than 2 active emails in the postini queue at one time.
September 12th, 2011 4:01pm
What should I be looking for in the logs? I see normal connection info. Would there be a pause or something?
Free Windows Admin Tool Kit Click here and download it now
September 12th, 2011 4:48pm
After more research and reading up on the postini docs, postini recommends not using a smarthost but use the private DNS method in the connector.
"Smarthost solutions for Microsoft Exchange can cause mail queueing delays.
Private Outbound DNS Service is designed to ease setup and prevent queueing
delays."
http://www.postini.com/webdocs/outbound/en/outbound_config_en.pdf
Here is a post as well from other users experiencing queuing and resolved using the private dns method.
Edge Transport queueing mail with status Ready, extremely slow delivery - help please!
http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/86380772-9f08-4c3b-a56d-70d92e945b39
Here is a post I found for a user explaning the behavior with postini
"Postini has problems taking delivery from an SMTP connector. They aren't actually doing store-and-forward-- they were acting more like a layer 7 proxy between the remote destination SMTP server and your sending SMTP server. If the remote SMTP server had
rejects a recipient, for example, Postini will return an error that puts the SMTP connector into retry state, "clogging up" the SMTP connector's queue. They haven't changed this behavior, so you're going to have to go thru stupid configuration tricks to route
around their brain-damage"
http://www.google.com/support/appsecurity/bin/answer.py?hl=en&answer=138629
In either case I would take the issue up with postini or do the private dns method since it's explictly mentioned as the preferred method on their doc.
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
September 12th, 2011 8:34pm
Hi Carpadum
Any update for your issue, above gave some good information.
If you have other issue or question, please feel free let us know.
Regards!
Gavin
TechNet Subscriber Support
in forum
If you have any feedback on our support, please contact
tngfb@microsoft.com
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if
a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
September 13th, 2011 5:59am