0

Question

Outbound emails sent through EXCH-S01 or EXCH-S02 are always routed to EXCH-S02 before leaving the organization network in Exchange 2010 DAG. Why?

Configuration

DAG Configuration

This is a simple DAG with two exchange servers and a fileshare witness (not included in the figure). S1 and S2 are the exchange servers hosting OWA1 and OWA2 respectively.

System Information

Send Connector: Internet

AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     : 
Comment                      : 
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : True
DomainSecureEnabled          : False
Enabled                      : True
ErrorPolicies                : Default
ForceHELO                    : False
Fqdn                         : email.fabrikam.ca
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : EXCH-S02
Identity                     : Internet
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       : 
MaxMessageSize               : unlimited
Name                         : Internet
Port                         : 25
ProtocolLoggingLevel         : None
RequireOorg                  : False
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {}
SmartHostsString             : 
SmtpMaxMessagesPerConnection : 20
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {EXCH-S02, EXCH-S01}
TlsAuthLevel                 : 
TlsDomain                    : 
UseExternalDNSServersEnabled : True

Receive Connector "EXCH-S02\From EXCH-S01"

RunspaceId                              : c5d80334-209b-4974-b6ef-105e3db469b4
AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner                                  : 
BinaryMimeEnabled                       : True
Bindings                                : {0.0.0.0:25}
ChunkingEnabled                         : True
DefaultDomain                           : 
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : EXCH-S02.fabrikam.ca
Comment                                 : 
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 100
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 8
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : ExchangeUsers, ExchangeServers, ExchangeLegacyServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {10.1.0.3, 10.1.0.1}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : EXCH-S02
SizeEnabled                             : EnabledWithoutValue
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        : 
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : From EXCH-S01
DistinguishedName                       : CN=From EXCH-S01,CN=SMTP Receive Connectors,CN=Protocols,CN=EXCH-S02,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=fabrikam,CN=
                                          Microsoft Exchange,CN=Services,CN=Configuration,DC=fabrikam,DC=ca
Identity                                : EXCH-S02\From EXCH-S01
Guid                                    : a040ff87-900f-4a21-ad68-c9c095940686
ObjectCategory                          : fabrikam.ca/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 4/8/2017 9:10:54 AM
WhenCreated                             : 1/21/2012 10:15:06 PM
WhenChangedUTC                          : 4/8/2017 1:10:54 PM
WhenCreatedUTC                          : 1/22/2012 3:15:06 AM
OrganizationId                          : 
OriginatingServer                       : DC01.fabrikam.ca
IsValid                                 : True

Exchange Server EXCH-S01

RunspaceId                        : c5d80334-209b-4974-b6ef-105e3db469b4
Name                              : EXCH-S01
DataPath                          : D:\Exchange Server\V14\Mailbox
Domain                            : fabrikam.ca
Edition                           : Enterprise
ExchangeLegacyDN                  : /o=fabrikam/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCH-S01
ExchangeLegacyServerRole          : 0
Fqdn                              : EXCH-S01.fabrikam.ca
CustomerFeedbackEnabled           : 
InternetWebProxy                  : 
IsHubTransportServer              : True
IsClientAccessServer              : True
IsExchange2007OrLater             : True
IsEdgeServer                      : False
IsMailboxServer                   : True
IsE14OrLater                      : True
IsProvisionedServer               : False
IsUnifiedMessagingServer          : False
NetworkAddress                    : {ncacn_vns_spp:EXCH-S01, netbios:EXCH-S01, ncacn_np:EXCH-S01, ncacn_spx:EXCH-S01, ncacn_ip_tcp:EXCH-S01.fabrikam.ca, ncalrpc:EXCH-S01}
OrganizationalUnit                : fabrikam.ca/EXCH-S01
AdminDisplayVersion               : Version 14.3 (Build 123.4)
Site                              : fabrikam.ca/Configuration/Sites/fabrikam
ServerRole                        : Mailbox, ClientAccess, HubTransport
ErrorReportingEnabled             : 
StaticDomainControllers           : {}
StaticGlobalCatalogs              : {}
StaticConfigDomainController      : 
StaticExcludedDomainControllers   : {}
CurrentDomainControllers          : {}
CurrentGlobalCatalogs             : {}
CurrentConfigDomainController     : 
ProductID                         : 02064-110-8022196-75615
IsExchange2007TrialEdition        : False
IsExpiredExchange2007TrialEdition : False
RemainingTrialPeriod              : 00:00:00
IsValid                           : True
ExchangeVersion                   : 0.1 (8.0.535.0)
DistinguishedName                 : CN=EXCH-S01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=fabrikam,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=fabrikam,DC=
                                    ca
Identity                          : EXCH-S01
Guid                              : 72736c62-2931-4128-bca5-73b233142f3b
ObjectCategory                    : fabrikam.ca/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                       : {top, server, msExchExchangeServer}
WhenChanged                       : 4/8/2017 5:23:00 PM
WhenCreated                       : 5/21/2011 8:29:21 PM
WhenChangedUTC                    : 4/8/2017 9:23:00 PM
WhenCreatedUTC                    : 5/22/2011 12:29:21 AM
OrganizationId                    : 
OriginatingServer                 : DC01.fabrikam.ca

Exchange Server EXCH-S02

RunspaceId                        : c5d80334-209b-4974-b6ef-105e3db469b4
Name                              : EXCH-S02
DataPath                          : D:\Exchange Server\V14\Mailbox
Domain                            : fabrikam.ca
Edition                           : Enterprise
ExchangeLegacyDN                  : /o=fabrikam/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCH-S02
ExchangeLegacyServerRole          : 0
Fqdn                              : EXCH-S02.fabrikam.ca
CustomerFeedbackEnabled           : 
InternetWebProxy                  : 
IsHubTransportServer              : True
IsClientAccessServer              : True
IsExchange2007OrLater             : True
IsEdgeServer                      : False
IsMailboxServer                   : True
IsE14OrLater                      : True
IsProvisionedServer               : False
IsUnifiedMessagingServer          : False
NetworkAddress                    : {ncacn_vns_spp:EXCH-S02, netbios:EXCH-S02, ncacn_np:EXCH-S02, ncacn_spx:EXCH-S02, ncacn_ip_tcp:EXCH-S02.fabrikam.ca, ncalrpc:EXCH-S02}
OrganizationalUnit                : fabrikam.ca/EXCH-S02
AdminDisplayVersion               : Version 14.3 (Build 123.4)
Site                              : fabrikam.ca/Configuration/Sites/fabrikam
ServerRole                        : Mailbox, ClientAccess, HubTransport
ErrorReportingEnabled             : 
StaticDomainControllers           : {}
StaticGlobalCatalogs              : {}
StaticConfigDomainController      : 
StaticExcludedDomainControllers   : {}
CurrentDomainControllers          : {}
CurrentGlobalCatalogs             : {}
CurrentConfigDomainController     : 
ProductID                         : 02064-110-8022196-75900
IsExchange2007TrialEdition        : False
IsExpiredExchange2007TrialEdition : False
RemainingTrialPeriod              : 00:00:00
IsValid                           : True
ExchangeVersion                   : 0.1 (8.0.535.0)
DistinguishedName                 : CN=EXCH-S02,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=fabrikam,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=fabrikam,DC=
                                    ca
Identity                          : EXCH-S02
Guid                              : 0f25a4ee-2e54-4c9c-840d-a1ab5f107cfa
ObjectCategory                    : fabrikam.ca/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                       : {top, server, msExchExchangeServer}
WhenChanged                       : 9/20/2014 10:20:32 AM
WhenCreated                       : 1/21/2012 5:58:57 PM
WhenChangedUTC                    : 9/20/2014 2:20:32 PM
WhenCreatedUTC                    : 1/21/2012 10:58:57 PM
OrganizationId                    : 
OriginatingServer                 : DC01.fabrikam.ca

I will be happy to provide more information if required.

What I've done so far

  1. Reset the activation preference.
  2. Noticed HomeMtaServerId set to EXCH-S02 in the send connector. But realized Exchnage Server 2010 does not use that parameter anymore.

I am very eager to find out what is causing this.

Lordbalmon
  • 121
  • 1
  • 7

2 Answers2

2

When you send an email Exchange will use any server with the hub transport role to send and process the email. That might be the same server you are on, it might be one of the others.

I have seen an email go between two users on the same mailbox server (which also has the hub transport role) go through another hub transport server.

The DAG preference has nothing to do with hub transport. Neither does client access role.

If the email has left your environment to go to an external server via the second server then the Send Connector must have both servers listed as source servers.

Sembee
  • 2,884
  • 1
  • 8
  • 11
  • I added more information. Both servers have the "HubTransport" Role, why would one get picked every time? – Lordbalmon Apr 08 '17 at 22:19
  • This is why both servers are being used: SourceTransportServers : {EXCH-S02, EXCH-S01} If you only want email to leave the Exchange org via one server then you need to remove the other from the list of source transport servers. If you two or more servers listed then I believe Exchange will round robin them. – Sembee Apr 10 '17 at 14:38
0

If both have hub role then both can send out. However, if only one is sending out then the clients are probably the culprits. When you press CTRL and right click on outlook from any client, select connection status. What does it show for server name? If after checking a few of them they all show s02 as their server then whenever they email the hub on that server will be the one sending it.

Jon
  • 339
  • 2
  • 10
  • I tried using OWA from Server 1, yet the mail exits through Server 2 – Lordbalmon Apr 27 '17 at 18:32
  • Where are you seeing that email goes out to the internet via server2? Also you mention you have a DAG. How many DBs are you hosting and which server has the active copies? Clients will connect to the server that has the active copy of their mailboxes. If you connected to owa1 but mail went out from server2 then perhaps server2 has the active copy of their mailbox. – Jon Apr 28 '17 at 15:06
  • All active databases are on DB01. I find route information from headers in the delivered email – Lordbalmon May 01 '17 at 22:47
  • Hmm, I'm running out of ideas. Okay have you looked at your DNS entries for your mail servers? Since you have 2 hub transports servers then you should have 2 MX records in DNS. They get a priority number. First do you have 2 MX records? Second are each the same priority? – Jon May 02 '17 at 13:24
  • first of all thank you for trying, have been struggling alone for so long. There were 2 MX records but we removed one. Even if we had not removed it, I don't think MX would affect sending. – Lordbalmon May 02 '17 at 16:20
  • Have you made sure all services are running on both servers? Run the following command on both servers and check to see if requiredservicesrunning = true: test-servicehealth – Jon May 02 '17 at 19:59
  • Okay I found the answer and it does have to do with DNS but not MX records in it. Just the A records for those servers. Exchange will use round robin when trying to load balance the listed transport servers. You can't really change how round robin decides which one it picks even if it's picking the same one every time. Round robin is the poor man's load balancer so you can't expect great balancing. You can implement a third party load balancer and that will balance things so email is sent from both transport servers more evenly. Unless it's affecting business then leaving it as is won't hurt. – Jon May 03 '17 at 18:47
  • Hmmm, load balancing could not be the culprit. Dns round robin needs two dns records with the same priority. – Lordbalmon May 07 '17 at 12:19
  • Jon, how do exchange servers proxy up and down? Do they use receive connectors? – Lordbalmon May 07 '17 at 12:19
  • Exchange is doing round robin on its own backend. It is not using regular round robin that you would implement yourself. Read the following link and search for "round robin". https://technet.microsoft.com/en-us/library/aa998825(v=exchg.141).aspx – Jon May 08 '17 at 14:14
  • Also normal round robin just has to have 2 A records with same name. There is no "priority" since this is poor man's round robin. It's up to DNS to decide where to send the request to. The link I gave will provide you with most answers regarding hub transport and its inner workings. – Jon May 08 '17 at 14:21