Messages with Unreachable Destinations
How are you referencing the smart host that Exchange is using? IP address or host name? Whichever it is, change it. If you have to enter an IP address it needs to be entered in the format of [123.456.78.90]. I presume you have the frontend server listed as the sole bridgehead in the SMTP connector? I have also seen this caused by AV software - McAfee is notorious for it. Something scanning SMTP traffic which shouldn't be. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
November 19th, 2011 10:15am

Thanks for the reply Simon. It is specified by IP address in [123.456.78.90] format. I hadn't thought about AV. That server has Symantec Corp Ed, which I do need to upgrade to SEP. Funny thing is, we are in the process of switching SPAM filter vendors. This has been happening on and off for the last year with the smart host connecting to the old SPAM filter. I changed the address to a different smart hose about a month ago to a different product, and it's done it several times on this product too. This tells me it isn't the SPAM filtering gateway causing this, so AV makes sense. I'll see what I can do to try to remedy this. Joel
Free Windows Admin Tool Kit Click here and download it now
November 19th, 2011 12:54pm

How are you referencing the smart host that Exchange is using? IP address or host name? Whichever it is, change it. If you have to enter an IP address it needs to be entered in the format of [123.456.78.90]. I presume you have the frontend server listed as the sole bridgehead in the SMTP connector? I have also seen this caused by AV software - McAfee is notorious for it. Something scanning SMTP traffic which shouldn't be. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
November 19th, 2011 5:41pm

I have an Exchange 2003 environment with 5 mailbox servers and one Exchange Front End server. The FE server has an SMTP connector to deliver to a Smart Host for external delivery. Occassionally, with more frequent occurance, I find that mail is stuck in a "Messages with Unreachable Destinations" queue. This starts on the FE server, and then they start to pile up on the mailbox servers. I have set up Exchange notifications to send me an alert when messages sit in queue for too long. This is fine - usually gives me notice before I hear from end users that messages aren't going out. But what would be causing this? I don't see anything in the event log. The SPAM filter/SMTP gateway is reachable. I restart Simple Mail Transfer Protocol on the Exchange Front End and mailflow starts again. Is there anything I need to look at, additional logging, etc? Thanks, Joel
Free Windows Admin Tool Kit Click here and download it now
November 19th, 2011 7:26pm

Thanks for the reply Simon. It is specified by IP address in [123.456.78.90] format. I hadn't thought about AV. That server has Symantec Corp Ed, which I do need to upgrade to SEP. Funny thing is, we are in the process of switching SPAM filter vendors. This has been happening on and off for the last year with the smart host connecting to the old SPAM filter. I changed the address to a different smart hose about a month ago to a different product, and it's done it several times on this product too. This tells me it isn't the SPAM filtering gateway causing this, so AV makes sense. I'll see what I can do to try to remedy this. Joel
November 19th, 2011 8:20pm

Make sure you are following the "Best Practices" when installing Symantec Endpoint on server OS's. Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers - http://www.symantec.com/business/support/index?page=content&id=TECH92440&locale=en_US
Free Windows Admin Tool Kit Click here and download it now
March 10th, 2012 9:49am

@Simon, what AV software do you recommend on Exchange? For Exchange itself, either Forefront or GFI Mail Security. To protect the file system, there isn't really much between them. I have AVG on a number of sites, works well, as does Sophoes and Kapersky. What you want to try and do is have something different on Exchange (ie the "mail" AV) than you have on the workstations. Both Forefront and GFI are multi-engined. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
March 10th, 2012 11:27am

@Simon, what AV software do you recommend on Exchange? @thomas_symantec, v11 installs with the recommended exlusions for Exchange applied. I checked the following document and verified the exclusions were set. http://www.symantec.com/business/support/index?page=content&id=tech102400 Our Exchange is not set up as a cluster.
Free Windows Admin Tool Kit Click here and download it now
March 10th, 2012 1:39pm

This issue persists. Late last year, I had added additional folders to be excluded from AV scanning. Messages continue to get stuck about once a week. This morning, I had finally had it with messages getting stuck, so I upgraded to Symantec Endpoint Protection v11.0.7 (not comfortable with v12.1 yet). Guess what? 2 hours later, I had to get on and restart SMTP again. This morning, I copied sysinternals process explorer to the server and am watching the TCP connections for inetinfo.exe. When messages got stuck, I flipped to process explorer and saw that a connection to an LDAP server was "closed_wait". After restarting SMTP, that connection went away. Since I only monitored this during one event with this tool, I don't know if this is a clue or what.
March 10th, 2012 4:03pm

On Wed, 29 Feb 2012 18:23:24 +0000, Joe IT wrote: >@Simon, what AV software do you recommend on Exchange? Forefront Protection does a fine job. I'm not trying to act as a shill, it's something we use and it's pretty good. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
March 10th, 2012 6:10pm

I have operated a standard policy for over seven years when it comes to anything by Symantec on Exchange servers - if Symantec is installed on the server, then it is the cause of the problem (whatever it is), unless shown otherwise by the complete removal of the product and a reboot of the server. In most cases, the problem goes away with the removal of the Symantec product. Therefore the only thing I can suggest to you is to remove Symantec's excuse for AV, reboot, ensure that everything Symantec has been removed and then monitor. All the time the Symantec product is installed, in my eyes it is going to be the primary (And only) suspect as to the cause of the issue. Simon. Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
March 11th, 2012 6:46am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics