Re: Exchange mailing to A records intermittently instead of MX records ???




That would be consistent with lookup failures. Basically, there are several
cache points in the lifetime of a domain lookup. When they expire, you have
to look again. If you fail that time, then you fail back to the application
which starts to NDR messages. After x amount of time, it would check DNS
again, and this time might succeed.
DNS can fail for all kinds of reasons. Some configuration, others for other
influences such as firewalls, routers, switches, etc.

One thing to check would be the way you have DNS set up. If it's 2k3, make
sure you're not falling prey to the EDNS0 issues that can happen in some
situations. Also, be sure it's not a TCP vs. UDP thing going on. That's
harder to track in a sniff, but you'll basically be looking for data
requests that are too big for the UDP packet to hold.
Look for issues along the route for the DNS lookups as well.

Is it possible for some spam measures to be interfering? It is, but it
would be odd to do so at the DNS level. It should at least give you the
records back and then tell you to fail or otherwise that it could not accept
messages from you.

Good luck,

Al

"Denis" <denis@xxxxxxxxxx> wrote in message
news:eqVsadRmFHA.3552@xxxxxxxxxxxxxxxxxxxxxxx
> Thank you for your answer, and sorry for the delayed response: I was
> absent for awhile.
>
> Let me answer some of your questions first.
>
> Note that we are using Exchange 2003, not Exchange 2000
> 2) We chose the multi-NIC structure to offload our internal networks. The
> massive amounts of e-mail (but not SPAM!) we are sending used to clog up
> some NICs.
> 1+3) Infrastructure issues have been in the back of my mind for awhile,
> but they don't seem to make sense, in light of the following: we are
> getting "server failure" messages back in the DNS logs and "sniffed" DNS
> traffic. However, these messages seem to refer to the failure of the
> server hosting the records for that particular domain. What's mind
> boggling too is that e-mail messages would go out fine for that domain (so
> the domains would resolve fine), and then all of a sudden, for the Xth
> message it would fail, as well as for all subsequent messages for that
> domain, until awhile later, where resolution would proceed fine again.
> Domain resolutions for other domains during that period would work fine.
> It is as if some domains occasionally would limit the number of requests
> allowed. Is that even possible ?
>
> I will load and activate netmon. I will also install sniffers in various
> locations on our network and try to crossmatch packets.
>
> "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx> wrote in message
> news:eziJyL9hFHA.2484@xxxxxxxxxxxxxxxxxxxxxxx
>> Which version of Exchange 2000 are you using?
>>
>> Some thoughts:
>> SMTP is designed to check for MX records first, and then if it can't find
>> one, it should resort to an A record. If that fails, it should die
>> trying and send a NDR.
>>
>> 1) if this just started happening, I'm guessing something changed. What
>> is your DNS architecture as it relates to Exchange VS's? i.e. is VS1
>> your internal VS and does it use internal DNS? What about VS2?
>> Has there been any changes to the DNS architecture as of late? What
>> about firewalls?
>>
>> It *sounds* like DNS lookups are failing. I know you checked that, but
>> that would be the behavior I would expect if DNS failed. You may consider
>> using netmon to trigger on some of the lookups and see if you're getting
>> failures there. Increase the logging as well.
>>
>> 2) help me understand why you chose the dual-nic/dual VS configuration.
>> I'm not a fan of that configuration, but I understand there can be times
>> when it's useful. I consider that configuration rarely worth the
>> increased complexity and troubleshooting effort.
>>
>> 3) Verify that your physical infrastructure is working correctly. NIC,
>> switches, hubs, firewalls, etc. should all be checked. Those failures
>> could easily be caused by physical issues.
>>
>> al
>>
>>
>> "Denis" <denis@xxxxxxxxxx> wrote in message
>> news:Oo3NDt8hFHA.1252@xxxxxxxxxxxxxxxxxxxxxxx
>>> Actually, the information came from "Configuring SMTP in Microsoft
>>> Exchange 2000 Server", Chapter 4
>>> Can be found at:
>>> http://www.microsoft.com/downloads/details.aspx?familyid=7c3fffe1-3761-4e7a-b6ca-f31fe957c024&displaylang=en
>>>
>>>
>>> "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx> wrote in message
>>> news:eAoi1cwhFHA.1248@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Which KB article?
>>>>
>>>> "Denis" <denis@xxxxxxxxxx> wrote in message
>>>> news:eAmK3zvhFHA.576@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> We are experiencing very bizarre stuff on our exchange servers when
>>>>> mailing to external domains.
>>>>>
>>>>> SMTP delivery is working fine and then all of a sudden we start
>>>>> getting failure reports back.
>>>>> We've been digging around and tracking, and we find that all of a
>>>>> sudden the SMTP virtual server is trying to deliver to the IP address
>>>>> of the A record for the domain, instead of to the IP address of the MX
>>>>> record. As in most cases this is the web server, we get a response
>>>>> back indicating that the server cannot relay for that domain, which is
>>>>> normal.
>>>>>
>>>>> My question is: why does the SMTP connector decide to send to the A
>>>>> record all of a sudden, instead of to the MX record ???
>>>>> Can we tell exchange to only attempt mailing to MX records ?
>>>>>
>>>>> I looked into the DNS caches and the information is correct.
>>>>> I ran DNSDIAG on our Exchange servers, against the various
>>>>> destinations and on the various virtual SMTP servers, and they all
>>>>> come back with the appropriate MX information. I don't know where to
>>>>> look anymore.
>>>>>
>>>>> BTW: after awhile it will revert sending to the MX records, as if
>>>>> nothing happened ...
>>>>>
>>>>> Our Exchange servers are multihomed systems. There is a single SMTP
>>>>> Virtual Server (VS) connector for each NIC. The SMTP VS on the
>>>>> external connector looks at our internal DNS servers, while the SMTP
>>>>> VS on the internal connectors looks to external DNS servers. (Setup
>>>>> according to one of MS's KB articles).
>>>>>
>>>>> Any ideas ?
>>>>>
>>>>> Thanks.
>>>>> Denis.
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
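
The thread turns on the difference between "the domain has no MX record" and "the MX lookup failed". The sketch below is an added example, not part of the original posts and not Exchange's own logic: it classifies a raw DNS reply to an MX query the way RFC 5321 section 5.1 separates the cases, so captured replies can be compared against what the mail server actually did. The action names, the `example.com` placeholder and the sample reply bytes are constructed for illustration.

```python
import struct

MX, NXDOMAIN, TC_BIT = 15, 3, 0x0200

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:                # root label ends the name
            return off + 1
        off += 1 + n

def classify_mx_response(msg):
    """Map a raw reply to an MX query (None = timeout) to a delivery action."""
    if msg is None or len(msg) < 12:
        return "defer"            # no usable answer: queue and retry, no A fallback
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    if flags & TC_BIT:
        return "retry-tcp"        # reply too big for UDP: repeat the query over TCP
    rcode = flags & 0x000F
    if rcode == NXDOMAIN:
        return "bounce"           # domain does not exist: permanent failure
    if rcode != 0:
        return "defer"            # SERVFAIL, REFUSED, ...: temporary failure
    off = 12
    for _ in range(qd):           # skip the question section (name + type + class)
        off = _skip_name(msg, off) + 4
    mx = 0
    for _ in range(an):           # walk the answer records and count MX entries
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        mx += (rtype == MX)
    return "use-mx" if mx else "fallback-a"   # NOERROR without MX: implicit MX

# Constructed sample replies for the placeholder name example.com
_Q = b"\x07example\x03com\x00" + struct.pack("!HH", MX, 1)
_MX_RR = b"\xc0\x0c" + struct.pack("!HHIHH", MX, 1, 300, 9, 10) + b"\x04mail\xc0\x0c"

def _reply(flags, answers=b"", an=0):
    return struct.pack("!6H", 0x1234, flags, 1, an, 0, 0) + _Q + answers

SAMPLES = {
    "mx answer": _reply(0x8180, _MX_RR, 1), "nodata": _reply(0x8180),
    "servfail": _reply(0x8182), "truncated": _reply(0x8380),
    "nxdomain": _reply(0x8183), "timeout": None,
}
```

Only the "nodata" case justifies delivering to the A record; a capture that shows "servfail" or "timeout" replies immediately before A-record delivery points at the lookup path rather than at the destination's DNS data.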

