If you have been using IIS SMTP, you will notice that it is actually quite hard to troubleshoot SMTP related issues. Ranging from event id 4000, to mail stuck in pickup, queue and bad mail folders. Normally, I would suggest users to try the following:
XFOR: How to Test Outbound Mail Flow With a File in the Pickup Folder
http://support.microsoft.com/?id=297700
The above simply test the basic function of SMTP. Just create a plain text file with the specified format. If SMTP is working, the mail will be delivered. Now, normally when mails get stuck in the server, it is mostly due to DNS issue. Meaning the SMTP component can't resolve the recipient's email domain MX record. In IIS 5.1 and below IIS SMTP only support TCP DNS queries, if it failed the mail will not be delivered. Only W2k3 or IIS 6.0 support either TCP or UDP Mode. So, to test the whether is DNS issue, try the following kb:
XCON: Windows 2000 and Exchange 2000 SMTP Use TCP DNS Queries
http://support.microsoft.com/?id=263237
The entire process is not that user friendly and required you to do certain troubleshooting. Today or I mean just now, I came across this new diagnostic tool called SMTPDiag, sent by Chris Adam to Brett's mailing list. Awesome Tool ! It helps you to troubleshooting the DNS resolution issues, further test the connection to the remote hosts and more. It DOES NOT need Exchange 2003, it only needs SMTP component.
The tool is super tiny :) only 96k ! here's the sample output of the diagnostic process.
D:\Tools\SmtpDiag>SmtpDiag.exe “sender@sender.com“ “blabla@gmail.com“ /v
Searching for Exchange external DNS settings.
Computer name is XXXXX.
Failed to connect to the domain controller. Error: 8007054b << you can ignore this
Checking SOA for gmail.com.
Checking external DNS servers.
Checking internal DNS servers.
Checking TCP/UDP SOA serial number using DNS server [xxx.xxx.xxx.xxx].
TCP test succeeded.
UDP test failed. << W2K behavior
Serial number: 2004092100
Checking TCP/UDP SOA serial number using DNS server [xxx.xxx.xxx.xxx].
TCP test succeeded.
UDP test failed.
Serial number: 2004092100
SOA serial number match: Passed.
Checking local domain records.
Starting TCP and UDP DNS queries for the local domain. This test will try to validate that DNS is set up correctly for inbound mail. This test can fail for
3 reasons.
1) Local domain is not set up in DNS. Inbound mail cannot be routed tolocal mailboxes.
2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,but will affect outbound mail.
3) Internal DNS is unaware of external DNS settings. This is a valid configuration for certain topologies.
Checking MX records using TCP: sender.com.
A: sender.com [xxx.xxx.xxx.xxx]
Checking MX records using UDP: sender.com.
A: sender.com [xxx.xxx.xxx.xxx] << amazingly this test domain, can query via UDP
Both TCP and UDP queries succeeded. Local DNS test passed.
Checking remote domain records.
Starting TCP and UDP DNS queries for the remote domain. This test will try to validate that DNS is set up correctly for outbound mail. This test can fail for 3 reasons.
1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows 2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP queries first, then fall back to TCP queries.
2) Internal DNS does not know how to query external domains. You must either use an external DNS server or configure DNS server to query external domains.
3) Remote domain does not exist. Failure is expected.
Checking MX records using TCP: gmail.com.
MX: gsmtp171.google.com (10)
MX: gsmtp57.google.com (20)
A: gsmtp171.google.com [64.233.171.27]
A: gsmtp57.google.com [216.239.57.27]
Checking MX records using UDP: gmail.com.
MX: gsmtp171.google.com (10)
MX: gsmtp57.google.com (20)
Both TCP and UDP queries succeeded. Remote DNS test passed.
Checking MX servers listed for blabla@gmail.com.
Connecting to gsmtp171.google.com [64.233.171.27] on port 25.
Received:
220 mx.gmail.com ESMTP 73si601551rna
Sent:
ehlo sender.com
Received:
250-mx.gmail.com at your service
250-SIZE 20971520
250 8BITMIME
Sent:
mail from: <sender@sender.com>
Received:
250 OK
Sent:
rcpt to: <blabla@gmail.com>
Received:
250 OK
Sent:
quit
Received:
221 mx.gmail.com closing connection
Successfully connected to gsmtp171.google.com.
Connecting to gsmtp57.google.com [216.239.57.27] on port 25.
Received:
220 mx.gmail.com ESMTP v71si245850cwb
Sent:
ehlo sender.com
Received:
250-mx.gmail.com at your service
250-SIZE 20971520
250 8BITMIME
Sent:
mail from: <sender@sender.com>
Received:
250 OK
Sent:
rcpt to: <qbernard@gmail.com>
Received:
250 OK
Sent:
quit
Received:
221 mx.gmail.com closing connection
Successfully connected to gsmtp57.google.com.
This is a so kewl !!!! Try it out !
Remember this article ?
Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2
http://support.microsoft.com/?id=884020
With SP2, it lock down all loopback address except 127.0.0.1. This might affect quite a number of program including IIS5.1 if you binding it to other loopback address and so on.
You need to get the hotfix by ringing Microsoft PSS. But just know I found this download @ MS download site:
http://www.microsoft.com/downloads/details.aspx?FamilyID=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en
This is the hotfix for the above KB, so you can skip the PSS call.
Don't you hate it when the scheduled Microsoft webcasts happened while you were sleeping? Well, if you are located in Asia like me, then you know how I felt. If it's on weekends, I will stay up late, till about 3am just to attend one that I don't want to miss :) Of coz, you can view it on demand (after quite a 'long' time), wouldn't it be nice if we can download it and view it at anytime you like. This is true during the past with Interwise, but now with the Placeware (live meeting) you can't download it, you either get a popcorn watch it live or view the by demand online after it's been recorded.
So I rant!! few times since last year :) all I get were 'we are working on it....bla bla bla'. I ping Chris few weeks ago, and he forwarded me a cool link on how to download webcasts, it works !!! I have tested it with 5 IIS webcasts. All you need is the vbs script + net-transport download agent ! don't forget to change this constant in the script -
Const EVENTPAGE = "http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032255809&Culture=en-US"
Change it to the webcast URL that you wish to download.
The complete steps:
a) create the vbs script
b) install net-transport
c) change the constant value
d) execute the vbs script
e) open net-transport, specify where to save it, number of connections use, and etc.
f) open the downloaded webcast with Windows Media Player.
It's out !! AuthDiag 1.0, which stands for Authentication and Access Control Diagnostics, the RC version was out there for quite a while, but I didn't really have time to test it, but it should be pretty similar to SSLDiag, which diagnose IIS SSL related issues. Both are MUST have tools, if you are administrating IIS servers.
From the download page...
AuthDiag 1.0 offers a robust tool that offers a efficient method for troubleshooting authentication on IIS 5.x and 6.0. It will analyze metabase configuration and system-wide policies and warn users of possible points of failure and guide them to resolving the problem. AuthDiag 1.0 also includes a robust monitoring tool called AuthMon designed at capturing a snapshot of the problem while it occurs in real-time. AuthMon is robust and specially designed for IIS servers removing any information not pertinent to the authentication or authorization process.
UrlScan 2.5 and IIS 6.0 (Level 200)
The UrlScan security tool goes hand-in-hand with IIS 4.0, 5.0, and 5.1, but how does the latest version of the tool apply to IIS 6.0? Join this webcast and find out!
The Ins and Outs of Web Service Extensions in IIS 6.0 (Level 200)
Learn how to successfully add ISAPI-based components and CGI applications to the Web Service Extensions list in IIS 6.0. Also learn troubleshooting techniques for discovering why some applications—such as Perl applications—do not work after installation.
Successfully Using WebDAV in IIS 6.0 (Level 200)
Get the scoop on Web Distributed Authoring and Versioning (WebDAV) publishing and file management. Learn where WebDAV can be used most effectively, as well as how to use Secure Sockets Layer (SSL) to protect data from unauthorized viewers.