Any suggestion is appreciated.
Best Regards
Chen Qiang
Check the related hotfix from here:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;934709
More optimistically, the same behavior can come from a virus scanner that
is erroneously set to scan the queue folder. None of the SMTP service
folders should be scanned.
Finally, ensure that all of your DNS servers are functioning without
error. Note that this pertains to the DNS servers used _by your
mailserver_ -- not necessarily the DNS servers used by your personal
workstation. Try installing a local caching DNS server on the IIS SMTP
box itself if you have not already done so.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
------------------------------------
"CQ" <C...@discussions.microsoft.com> wrote in message
news:91637ECB-B018-4F34...@microsoft.com...
The way this problem was described, it has nothing to do with outbound
TLS. "Bulk e-mails" are rarely sent to remote servers that require an
encrypted connection.
When messages are stuck in the queue, that means they were already
accepted for relay.
You're also mixing together SSL/TLS and SMTP AUTH terminology, which are
not necessarily related at all.
-- Sandy
"Sanford Whiteman" <swhitemanlis...@cypressintegrated.com> wrote
in message news:op.uzmv6...@gw02.broadleaf.local...
We've configured IIS5-7 SMTP hundreds of times and relay millions of
messages daily through IIS SMTP servers.
Relay permissions in any modern mailserver relate to inbound connections.
That's because the meaning of "relay" is "accept and queue a message with
a non-local recipient domain". Once a message has been queued and is
waiting to be serviced by an outbound connection, relay has been allowed.
You would have to have a complex, deliberate, and misguided policy set to
allow messages to be accepted and queued, but be ignored by outbound
connections because the submitting connection did not fit a requirement --
a requirement that you did not bother to enforce during the inbound stage.
> If the 2 are not related, why is the checkbox on the outbound SMTP tab?
The checkbox for outbound TLS and the radio buttons for outbound AUTH are
not mutually exclusive nor interdependent. That's why there are two
different interface widgets. That they are both "related" to mail
transmission and therefore to each other is obvious... and that they would
appear on the same Outbound Security form is unsurprising because they are
different forms of security.
If you are communicating with remote MXs that require authentication, you
would know it. You don't send "bulk mail" to domains that require this
level of special handling, and such domains should be hard-coded as
individual Remote Domains if the server may connect to any server that
does not have this requirement.
If you are communicating with remote MXs that require explicit encryption
(STARTTLS), you would also know it, and those domains should be hard-coded
as Remote Domains as above. Also note that RFC 2487 prohibits a
publicly-referenced mailserver from requiring STARTTLS.
> I was just trying to give the guy suggestions to try, because using
> the SSL cert worked for me.
TLS and AUTH are independent factors, as are inbound relay and outbound
connection requirements.
Telling somebody to use TLS and/or AUTHed outbound connections to unknown
remote domains is going to cause more problems than it solves.
Telling them to install a server cert (which is only necessary for the
inbound connection) when messages are already being successfully queued
does not follow.
-- Sandy