Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Internet Information Services Simple Mail Transfer Protocol Service May Be Unable to Send Mail


View products that this article applies to.

This article was previously published under Q292278

↑ Back to the top


Symptoms

The Internet Information Services (IIS) Simple Mail Transfer Protocol (SMTP) service installed on an Internet Security and Acceleration (ISA) Server 2000-based server may not be able to send mail, and the following error may be logged in the event log:
Event ID 4000
Source: SMTPSVC
Type: Warning
Description: Message delivery to the remote domain your.domain.com failed. An internal DNS error caused a failure to find the remote server. 0000: c00402e7

↑ Back to the top


Resolution

To resolve this behavior, add a second Domain Name System (DNS) packet filter for the outbound Transmission Control Protocol (TCP) port 53:

Name: DNS TCP
Allow Packet Transmission
Custom: Protocol: TCP
Direction: Outbound
Local port: All ports
Remote port: Fixed port
Remote port number: 53
Default Internet Protocol (IP) addresses for each external interface on the ISA Server computer
All remote computers

↑ Back to the top


More information

ISA Server is configured with packet filters for inbound and outbound SMTP traffic. The default DNS client packet filter is also in place. From ISA Server, you can use telnet for the outbound SMTP traffic on port 25 and you can resolve names by means of DNS. The SMTP service receives mail, but outgoing mail remains in the queue.

When you trace how the SMTPSVC service delivers mail, this service uses a TCP DNS query for the mail exchanger (MX) record of the domain to which it is attempting to deliver mail. The default DNS filter in ISA Server is only enabled for User Datagram Protocol (UDP) queries. The addition of a second filter for DNS on TCP port 53 enables the DNS queries to work.

↑ Back to the top


Keywords: KB292278, kbprb

↑ Back to the top

Article Info
Article ID : 292278
Revision : 2
Created on : 1/15/2006
Published on : 1/15/2006
Exists online : False
Views : 345