Urgent Exchange 2007 question: Certificates, stalled queue (stuck), going through Comcast connection...
For some reason, as of today or recently, all outgoing email is stuck in the queue. It's in a retry state with no errors there. I had some event logs in the app log that pertained to invalid certificates for the transport service. I thought I had fixed them, but email is still stuck, and I'm not sure what else to try.

Certificate-wise, I have two certificates showing up when I do the get-exchangecertificates. Is this correct? We have one Exchange server, behind the firewall etc. These two certs are the internal one, for our ENT CA server, with services SMTP, says valid, subject of exchange02.domain.local, certificate domains exchange02.domain.local. The other is for the GoDaddy, external certificate (OWA, etc.). It has certificate domains wan1.domain.com and www.wan1.domain.com. It is valid and set for IMAP, POP, IIS, SMTP. The subject is also wan1.domain.com, OU=Domain control validated, O=wan1.domain.com.

For this second one, how would I change the part that has certificate domains as www.wan1.domain.com? This was obviously a mistake, or is it even hurting things? (I.e., this isn't what's affecting outgoing email, and incoming is fine, so maybe I can ignore it till it expires later this year.)

Initially I had like 4 certs here; 2 were invalid, one was the default SMTP cert. I since fixed it with the first one listed above. This cert is in the Exchange server's computer personal store and appears OK.

Any thoughts on what to do for the stuck emails? (I ran the troubleshooter, but no errors were reported on this attempt.) Items are sitting in the queue with a status of ready and the domains are either Active or in a Retry state.

Edit: I did notice the error of: 451 4.4.0 primary target IP address responded with "421.4.4.2 Unable to connect" in the main queue for all domains.

Thanks
January 7th, 2008 6:41pm

I also have this error (perhaps not related): Eventid 1022: Anti-spam agents are enabled, but the list of internal SMTP servers is empty. If there are any MTAs between this server and the Internet, populate this list by using the Set-TransportConfig cmdlet in the Exchange Management Shell. I'm not sure why this would be the case.

I enabled SMTP verbose logging. I do see Error Code: 10060 throughout the log file, "connection attempt failed" etc.

For my sendConnector, I do notice that for the FQDN we have it set to wan1.domain.com, and for the receive connector it is set to Exchange02.domain.local. This seems backwards to me, though this hasn't been touched since it stopped working either?

More related, I have this error as well: The Microsoft Exchange Mail Submission Service is currently unable to contact any Hub Transport servers in the local Active Directory site. The servers may be too busy to accept new connections at this time

*This may have been because I tried restarting the transport service shortly before this though.
January 7th, 2008 7:02pm

I will answer (mostly) my own thread. I found the problem, though I'm not sure why. Perhaps someone would know.

We have a dual WAN connection router/gateway. I had disabled wan2 of the router. Now in our settings, everything is set to wan1.domain.com, not wan2. wan1 was the enabled port and wan2 was the disabled one. I'm not sure why disabling wan2 would have caused this issue. I also checked the firewall settings for port 25; this shouldn't have mattered, as it's an incoming one.

We used to have an issue, a long time ago, that outgoing emails couldn't be sent unless they went through wan2 (Verizon DSL connection), because wan1's Comcast connection wasn't a true static IP and remote sites would reject the emails. I thought this was resolved when Comcast went to a "true static" IP and we received an address. Perhaps Comcast is not doing true static IP addresses as of yet, despite giving us a "static one", and this caused the issue?

On the send connector, I do see it says to use DNS MX records. For our DNS MX records I have them set to wan1, followed by wan2 in that order (followed by rollernet backupmx servers). This seems like it would be fine as well.
January 7th, 2008 7:18pm

This topic is archived. No further replies will be accepted.
