Mail Flow Troubleshooter in Exchange Troubleshooting Assistant (ExTRA) - A closer look

Published 08-07-2006 04:49 PM 39.4K Views

Have you tried the "Exchange Mail Flow Troubleshooter" in Exchange Troubleshooting Assistant v1.0 (ExTRA)? This is a new troubleshooter that you can use to troubleshoot common mail flow problems you see on Exchange servers. It is designed to identify the root cause of detected symptoms so that you can take a right course of corrective actions quickly.


For example, the mail flow troubleshooter can identify common root causes such as:

  1. Messages backing up in remote delivery queues due to bad DNS configuration or unintentional third party software settings

  2. Messages backing up in the Messages awaiting directory lookup queue due to heavy distribution group expansions or permissions inheritance blocks

  3. Messages can not be received from the Internet due to metabase corruption


For this blog post, I would like to introduce some of the features of this troubleshooter for Exchange 2000 Server and Exchange Server 2003.


When you select "Mail Flow Troubleshooter" at the Task Selection screen, you will be presented with the selections of symptoms you would like to troubleshoot.




1. Users are receiving unexpected non-delivery reports when sending messages


When you or your users receive a non-delivery report, this is the one you would like to select. The tool will further prompt you what DSN code the non-delivery report contains and provide you with guidance on what the DSN code generally means and what actions are suggested.


For example, for the DSN code 5.1.6, you will see the following message in the output report:


"The user directory attributes, such as homeMDB or msExchHomeServerName, may be missing or corrupted. Troubleshooting: Verify the integrity of the user directory attributes, and then run the Recipient Update Service again to make sure that the attributes that are required for transport are valid."


For some DSN codes, the tool checks whether the records in DNS are consistent. In this v1.0, not many troubleshooting functions for non-delivery reports have been automated but we expect that more will be in future releases.


2. Expected messages from senders are delayed or are not received by some recipients


You would like to select this when you or your users see symptoms like the following:


- Your organization is not receiving any messages from the Internet

- Some users can receive mails from the Internet but some users can not


The possible root causes of this kind of issues (or mail flow issues in general) can vary from a transient network condition to a suboptimal SMTP configuration. Thus the mail flow troubleshooter executes a wide variety of troubleshooting steps.



Troubleshooting Steps


- 'Ping' the designated gateway/bridgehead server to check general network health

- Test connectivity over port 25 and other designated SMTP ports to the designated gateway/bridgehead server

- Check SMTP service / SMTP virtual server status

- Check filtering configuration (Sender ID, IMF, Recipient, Connection, Sender)

Mail Acceptance

- Send a test mail from the designated gateway/bridgehead to the designated address

- Check for known SMTP proxies that may be blocking SMTP conversations

Message Tracking

- Scan message tracking logs beginning from the sending server to the destination server to see how far the test message has traveled (start the queue troubleshooter if a backup is detected)

Domain Routing

- Verify that local domains are correctly registered in the metabase (e.g. an error will be logged if a local domain is registered as an external domain in the metabase)


Here are a few examples of the result output for this symptom.



3. Messages destined to recipients are delayed or are not received by some recipients


This is the opposite direction of #2 in terms of the mail flow. You may want to select this when:


-      No messages are going out to the Internet

-      You can not send messages to a specific domain

-      You can not send messages to a specific external address


Here are the major steps the mail flow troubleshooter executes to troubleshoot this symptom.



Troubleshooting Steps

Message Tracking

- Locate the most recent message submitted by the specified sender to the specified recipient

- Scan message tracking logs beginning from the sending server to see how far the message traveled (start queue troubleshooting if a backup detected)

Exchange Gateway

- Check SMTP service / SMTP virtual server status

- Check SMTP connector configuration

Domain Routing

- Check address space (remote domain) settings in SMTP connector and metabase


4. Messages are backing up in one or more queues on a server


We call this the "Queue" troubleshooter. It can be launched directly from the Task selection screen as well as it may be triggered by selecting #2 and #3 above. In many cases when we troubleshoot issues like "mails are not coming from the Internet" or "mails are not going out to the Internet," we find out that messages are actually backing up in a queue on an internal Exchange server. In these cases, the mail flow troubleshooter triggers the "Queue" troubleshooter automatically.


For this first release, we mainly focused on developing the troubleshooting steps for the following SMTP queues.

-      Remote delivery

-      Messages awaiting directory lookup

-      Local delivery


That said, we have general troubleshooting steps for other queues such as "Messages pending submission" and "Messages waiting to be routed" and expect adding specific troubleshooting steps for those queues in future releases.



Troubleshooting Steps

Queue Status

- Detect any retry/frozen queues and also queues with a large number of messages

Remote Delivery

- Test whether DNS servers can be accessed from the "problem" server

- Check whether DNS returns valid records for the remote hosts

- Test connectivity to the remote hosts (ping, port 25)

- Check remote SMTP virtual server configuration/status

- Throw various SMTP commands (e.g. BDAT)

- Check metabase for event sink registrations

- SMTP Proxy existence

- Detect antivirus software blocking SMTP ports

- Link state check

Messages awaiting directory lookup

- Categorizer performance

- DL expansion checks

- Check for common destinations in messages

- Check file version for known bugs

- Check journaling configurations

- Check whether permissions inheritances are correct

- Investigate disk performance

- DC/GC availability

Local Delivery

- Check for any dismounted databases

- Check for missing SMTP system mailboxes

- Event 326/327 occurrence

- Common issues (PF hierarchy, Missing working directory, etc.)


Here are some examples of the result output for this symptom.



Thanks for your interest in the new tool. Please feel free to post comments to this blog post. Also visit newsgroup for more discussions.


- Haruya Shida

Not applicable
Why does the "Updates and Customer Feedback" option in ExTRA not actually allow you to provide customer feedback ? Maybe it should be changed to just "Updates"..

I keep getting a strange error when collecting perfmon data but I'm not sure where to send it..
Not applicable
Hi rich - Yes, you are right. The customer feedback part is not enabled (yet). Please feel free to send the details of the perfmon error to the newsgroup so we can take a look at it.  
Not applicable
When I forward mail to another user by way of the Forwarding address, Forward to: options in the Delivery Options dialog, the IMF filter seems to not work.  The mailbox threshold is ignored and all messages are delivered regardless of thier SLC rating.  Any ideas why or how to prevent this?  
Not applicable
Can you share any real case in troubleshooting mailflow problem with ExTRA? Did the tool managed to figure out the root cause?
Not applicable
How would you do the same mail flow trobleshooting in PowerShell?
Not applicable
Feedback on this tool: I'm trying to use the tool to track a 'missing' message that was sent internally at my company between an Exchange 2003 user and an Exchange 5.5 user.

The message should have been sent to a Distribution Group, then to the recipient in Exchange 2003. In this case, the recipient has their mail redirected to a Contact which forwards email to the Exchange 5.5 organisation. In case it's relevant, we are using Quest EMW.

I have used message tracking on Exchange 5.5 to show that the email was never received for this user, although his colleagues on the DL did receive a copy.

I wasn't able to get enough detailed information from the Exchange 2003 message tracking tool in System Manager so I have been running the ExTRA tool to search for evidence that the message left the Exchange 2003 organisation correctly. So far, I haven't had any luck in finding the message(s).
Version history
Last update:
‎Jul 01 2019 03:16 PM
Updated by: