Are you using root hints for DNS or forwarders? If forwarders try upping the timeout to 5 seconds. I had issues where it would timeout too fast and then fallback to the A record for ‘domain.com’ which is usually a website address. I know 5 sounds like a long time but it really hasn’t impacted performance for anything other than fixing the issue on exchange.
From: [email protected] [mailto:[email protected]] On Behalf Of Steve Ens Sent: Wednesday, October 8, 2014 1:00 PM To: Micheal Espinola Jr Subject: Re: [Exchange] 421 4.2.1 Unable to connect errors Flushed my DNS cache on my DC this morning.....voila. Mail hung in the queue magically starts to appear. I had flushed the Exchange servers already but hadn't "thunk" to do it on the DC. On Wed, Oct 8, 2014 at 11:49 AM, Candee <[email protected]<mailto:[email protected]>> wrote: Can you telnet into the receiving server and send a message? On Tue, Oct 7, 2014 at 10:08 PM, <[email protected]<mailto:[email protected]>> wrote: I was leaning towards this too, yet I can send to most domains. Sent from my BlackBerry 10 smartphone. From: Micheal Espinola Jr Sent: Tuesday, October 7, 2014 7:55 PM To: exchange Reply To: [email protected]<mailto:[email protected]> Subject: Re: [Exchange] 421 4.2.1 Unable to connect errors Have you also tested the sending domain? I'm partial to this being an RDNS-related issue. -- Espi On Tue, Oct 7, 2014 at 5:06 PM, <[email protected]<mailto:[email protected]>> wrote: Receiving Sent from my BlackBerry 10 smartphone. From: Micheal Espinola Jr Sent: Tuesday, October 7, 2014 6:55 PM To: exchange Reply To: [email protected]<mailto:[email protected]> Subject: Re: [Exchange] 421 4.2.1 Unable to connect errors is animikisee.ca<http://animikisee.ca> the sending or receiving domain? -- Espi On Tue, Oct 7, 2014 at 4:23 PM, Steve Ens <[email protected]<mailto:[email protected]>> wrote: Looks to be listed on the mailpolice sites. Never heard of those before. I turned off blacklisting on the animikisee.ca<http://animikisee.ca> site altogether. Still same thing. On Tue, Oct 7, 2014 at 5:56 PM, Micheal Espinola Jr <[email protected]<mailto:[email protected]>> wrote: Do your tested results show anything different on this site? http://www.blacklistalert.org/ -- Espi On Tue, Oct 7, 2014 at 1:02 PM, Steve Ens <[email protected]<mailto:[email protected]>> wrote: Yes, already tried that. I can do a MX lookup, but cannot telnet to the server. Also getting this in the logs Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it That seems to point to us being blacklisted, but I come up clean on the mxtoolbox tests. On Tue, Oct 7, 2014 at 2:48 PM, Kennedy, Jim <[email protected]<mailto:[email protected]>> wrote: What are the domains? Could be bad bounces from spam to non-existent domains Your server can not contact them, so it tried alternates either in dns or per the RFC’s (for example A record of domain.com<http://domain.com>) and that failed. So it is still trying. Do an MX lookup from your transport server to verify your DNS is working. Then try telnet port 25 from the transport server to that IP to verify connectivity. What do you get? From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Steve Ens Sent: Tuesday, October 7, 2014 3:42 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] 421 4.2.1 Unable to connect errors Odd errors in my mail queue. Just started appearing yesterday. Most mail gets sent, but from certain domains I get these errors. "Attempted failover to alternate host, but that did not suceed." Anyone see this before? Exchange 2010 on Windows 2008 R2.
