Chest pains often mean heart attacks, but not always. Similarly, e-mail problems often mean trouble with the Exchange
server, but not always. There are other systems that interact with the Exchange server that you might need to examine first. This tip looks at those "behind the scenes" systems and possible problems that can occur.
Your Spam handling software
Most Spam software may be configured to receive and filter mail directly to the Exchange server. When users are not receiving mail, check both the Spam mail filter software and operating system logs to ensure that all necessary services are operating properly. The Spam software may also be configured to isolate mail using predefined rules, and because of this a recipient's mail may be isolated. If all logs show no errors and users' mail has not been isolated, temporarily set up your firewall to send all SMTP traffic to the Exchange server to verify that SMTP traffic is being received.
The network firewall also fits into the scheme of things. Check the firewall logs to ensure that there are no errors with SMTP traffic. Also, have there been any recent changes to the configuration? Were any patches or upgrades applied recently? Sometimes restarting the firewall may help to resolve any issue with SMTP traffic. If that fails, check the last thing -- a patch, upgrade or configuration change -- that you did. It's not always the last thing you did that causes the problem, but that's the way to bet.
Your antivirus Software
If users are encountering problems such as corrupted attachments in their received mail, the Antivirus software may be an issue. Were any changes or updates made to the Antivirus software lately? Check with Antivirus vendor to see if any problems exist with the latest updates and what to do about them. Again, it's the latest thing you did that can cause you trouble.
The Network Router could be experiencing some problems, thereby preventing users from receiving SMTP mail. Were any recent updates done to the IOS? If possible, telnet into the router's configuration program and ensure that all interfaces are running.
Here are some SMTP transmission codes that may be helpful when trying to troubleshoot SMTP mail issues:
- 2xx or 3xx message code indicate normal transmission of message
- 4xx codes are temporary problems that can be resolved by resending the message.
- 5xx codes are permanent negative responses requiring some repair before another attempt to send. Responses with the 4xx and 5xx codes are accompanied by text describing the problem.
And here is an example of a log text found in the SMTP log file:
4/2/01 11:44:31 AM : A connection was accepted from pop3.test.com.
4/2/01 11:44:31 AM : <<< IO: |HELO pop3.test.com
4/2/01 11:44:31 AM : <<< HELO pop3.test.com
4/2/01 11:44:31 AM : >>> 250 OK
4/2/01 11:44:31 AM : <<< IO: |MAIL From:<firstname.lastname@example.org>
4/2/01 11:44:31 AM : <<< MAIL From:<email@example.com>
4/2/01 11:44:31 AM : >>> 250 OK - mail from <firstname.lastname@example.org>
4/2/01 11:44:31 AM : <<< IO: |RCPT To:<email@example.com>
4/2/01 11:44:31 AM : <<< RCPT To:<firstname.lastname@example.org>
4/2/01 11:44:32 AM : >>> 250 OK - Recipient <email@example.com>
4/2/01 11:44:32 AM : <<< IO: |DATA
For additional information on SMTP logging including a detailed log file visit the Microsoft Web site.
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.