Guide to Mail Flow issues Exchange

Diagnosing Email Flow Issues

    In some situations email stops flowing to your user mailboxes and it can sometimes be difficult to determine which component is having an issue. This guide will help you locate and correct any issues.

Internal testing

    First it is best to do a quick test of each internal software component to verify they are all running as expected. The Telnet client is a very useful tool for this. You can install it quickly and easily on any Windows machine by using Windows Add Features under Control Panel. Next, make the following command-line telnet connections to ascertain which component may be at fault:

    a) Test Hexamail

    On the Hexamail machine
    telnet localhost 25

    If the test succeeds you should see a response of the form

    220 <hostname> ESMTP server licensed by <company> ready Mon, 09 Jul 2018 08:32:32

    If this test fails to connect, follow these steps:

    1. Check the Hexamail service is running in Windows Services
    2. Check the Hexamail service is not paused
    3. Check the Hexamail process is running in Windows Task Manager (show processes for all users) (hexamailguard.exe/hexamailnexus.exe/hexamailserver.exe)
    4. Check the Hexamail Admin/SMTP Server/Network/Port (redo the above test if the port is different)
    5. Check the Hexamail Admin/SMTP Server/Network Advanced bindings. If there is a bind to host, redo the above test using the bind host instead of 127.0.0.1
    6. Check the Hexamail SMTP Server/Network Disallowed IP addresses do not exclude the IP you are testing from
    7. Check the Hexamail SMTP Server/Log (Debug loglevel) does not report a temporary IP block on the IP you are testing from

    b) Test Exchange (same machine as Hexamail)

    On the Hexamail machine
    telnet localhost 2500

    If the test succeeds you should see a response of the form

    220 <ServerName> Microsoft ESMTP MAIL service ready at

    If this test fails to connect, follow these steps:

    1. Check the Exchange SMTP Transport service is running in Windows Services. The service name changes with each version of Exchange. Under Exchange 2016 it is called "Microsoft Exchange Frontend Transport". Under prior versions of Exchange it is called "Simple Mail Transfer Protocol (SMTP) service".
    2. Check the SMTP transport process is running in Windows Task Manager (show processes for all users). This can be inetinfo.exe in earlier versions of Exchange

    c) Test Exchange (different machine to Hexamail)

    On the Exchange machine
    telnet localhost 25

    If the test succeeds you should see a response of the form

    220 <ServerName> Microsoft ESMTP MAIL service ready at

    If this test fails to connect, follow these steps:

    1. Check the Exchange SMTP Transport service is running in Windows Services. The service name changes with each version of Exchange. Under Exchange 2016 it is called "Microsoft Exchange Frontend Transport". Under prior versions of Exchange it is called "Simple Mail Transfer Protocol (SMTP) service".
    2. Check the SMTP transport process is running in Windows Task Manager (show processes for all users). This can be inetinfo.exe in earlier versions of Exchange
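
    The internal tests above as an added PowerShell example (not part of the original guide or of Hexamail's own tooling). Get-SmtpBanner is a hypothetical helper that reads the greeting with a timeout and names the component from the banner text shown in this guide; the service display-name wildcards are assumptions.

```powershell
# Added example: read the SMTP greeting from a listener and name the component.
function Get-SmtpBanner {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [int]$Port = 25,
        [int]$TimeoutMs = 5000
    )
    $result = [pscustomobject]@{ Target = "${HostName}:$Port"; Component = $null; Detail = $null }
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Unlike telnet, bound the connect so a silently dropped port fails fast
        if (-not $client.ConnectAsync($HostName, $Port).Wait($TimeoutMs)) {
            $result.Detail = "connect timed out after $TimeoutMs ms"
            return $result
        }
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream, [System.Text.Encoding]::ASCII)
        $banner = $reader.ReadLine()   # $null if the peer closes without greeting
        $result.Detail = $banner
        # Banner patterns are taken from the expected responses in this guide
        $result.Component = switch -Regex ("$banner") {
            '^220[ -].*Microsoft ESMTP MAIL'     { 'Exchange'; break }
            '^220[ -].*ESMTP server licensed by' { 'Hexamail'; break }
            '^220[ -]'                           { 'Other SMTP server'; break }
            default                              { 'No SMTP greeting' }
        }
    } catch {
        # Refused, unreachable or read timeout: report the underlying error
        $result.Detail = $_.Exception.GetBaseException().Message
    } finally {
        $client.Close()
    }
    $result
}

# Internal tests from this guide: Hexamail on 25, Exchange on 2500 (same machine)
Get-SmtpBanner -HostName localhost -Port 25
Get-SmtpBanner -HostName localhost -Port 2500

# If a probe fails: service state (Running, Paused, Stopped) and processes.
# Display and process names are the ones this guide lists; the 'Hexamail*'
# and '(SMTP)*' wildcards are assumptions about the exact display names.
Get-Service -DisplayName 'Hexamail*', 'Microsoft Exchange Frontend Transport',
    'Simple Mail Transfer Protocol (SMTP)*' -ErrorAction SilentlyContinue |
    Select-Object DisplayName, Status
Get-Process -Name hexamailguard, hexamailnexus, hexamailserver, inetinfo `
    -ErrorAction SilentlyContinue | Select-Object Name, Id
```

    A Component value that does not match the product expected on that port means something else is answering there. Run from another machine with -HostName set to the Hexamail or Exchange machine, the same function covers the LAN test below.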

External (LAN) testing

    If the above tests work from their respective machines then all services are correctly running. You now need to test access to the SMTP port from within your network. To do this choose another machine (separate to the Hexamail and Exchange machines) and on that machine perform the following test(s):

    telnet <hexamailmachine> 25

    If the test succeeds you should see a response of the form

    220 <hostname> ESMTP server licensed by <company> ready Mon, 09 Jul 2018 08:32:32

    If the Exchange machine is different to the Hexamail machine:

    telnet <exchangemachine> 25

    If the test succeeds you should see a response of the form

    220 <hostname> ESMTP server licensed by <company> ready Mon, 09 Jul 2018 08:32:32

    If either test fails, follow these steps:

    1. Check the local Windows Firewall on the machine for which the test failed is not blocking TCP port 25 (SMTP). If required, add a rule to allow port 25 TCP traffic to the machine.
    2. Check that any local AV scanner on the machine for which the test failed is not blocking TCP port 25 (SMTP). If the AV is scanning SMTP traffic, try restarting the AV and redo the test. If it still fails, try disabling SMTP scanning and see if the test then works.

External (WAN) testing

    If the LAN testing works, you now need to test access to the SMTP port from outside your network. To do this choose another machine external to your network, e.g. a laptop on a separate Internet connection. First we need to identify the WAN name of your mailserver. To do this we use nslookup to identify the MX server responsible for delivering mail for your domain. You need to know your mail domain name (the part after the @ in your email address). Then on the command line do:

    nslookup -type=mx domain.com

    Where domain.com is your email domain (like hexamail.com). That should give you a list of servers that are responsible for delivering email for your domain. Alternatively, use MX Toolbox to look up the SMTP servers for your domain:
    MX Toolbox Lookup

    Because many ISPs block port 25 connections from DSL lines etc., it may be easier to test the server using an online SMTP testing tool. We will use MX Toolbox. Go to the website, type in the server name you want to test and press TEST.
    MX Toolbox Server Test

    If the test succeeds you should see a response of the form

    220 <hostname> ESMTP server licensed by <company> ready Mon, 09 Jul 2018 08:32:32

    If either test fails, follow these steps:

    1. Check the router/firewall on your network is not blocking TCP port 25 (SMTP). If required add a rule to allow port 25 TCP traffic to the Hexamail machine
    2. Check the router/firewall AV SMTP scanner. If you are doing SMTP scanning on your firewall you need to reboot the firewall to verify that this is not causing issues. You may also want to disable this feature and retest to see if it is causing the mail flow problems.

Testing with email

    If all the connectivity tests above function correctly you can try sending in an email from an external account (like gmail.com, yahoo, Office 365 etc) to test whether it arrives at your internal/local mailbox.

    If the email does not arrive, check:

    1. The Hexamail Admin/SPAM Blocker/Quarantine in case the email has been blocked. If it has, change the rule that blocked it to prevent further false positives.
    2. The Hexamail Admin/SMTP Relay/Log page for any warnings or errors. Typically these are warnings from Exchange (like insufficient disk space, called backpressure or resource issues), recipient addressing issues, or Exchange Content Filtering or Sender blocking issues. Most can be fairly easily resolved by googling the error code shown in the log.