One of the common problems that an Exchange administrator has to deal with is the failure of outbound external messages to be delivered. This will cause complaints from the senders and can cause issues with the server itself.
As a minimum you should keep an eye on the queues, as this can indicate whether there is a problem. There are monitoring tools within Exchange that can alert you to messages in the queues, but watch the thresholds carefully or you will get false positives.
Collecting the Evidence
There are a number of bits of information that you can collect which help with diagnosing problems.
- The Non-Delivery Report (NDR)
This is the most important item as it will show the SMTP diagnostic code. If the users are complaining, ask them to send you the complete NDR so that you can see what the server reported as the problem.
- Message Tracking Logs.
Exchange can track what it did with the message. This needs to be enabled before the problem, and as it has such a low overhead, it is a good idea to have it running all the time, retaining at least 30 days worth of logs. Exchange 2003 - Exchange 2007
- SMTP Diag tool.
This is a download from Microsoft and can tell you loads about the SMTP status as seen by the Exchange server.
- SMTP Logs.
The logs that the SMTP server creates are limited but can show if the connection was made.
For Exchange 2003, Enable the logging in ESM, Servers, <your server>, Protocols, SMTP. Right click on the SMTP Virtual Server and choose Properties. The logging settings are on the first tab.
For Exchange 2007 and 2010, it is part of the protocol logging. Set the log location on the properties of the Server, and enable logging on the properties of the Send Connector (for outbound email) and the recieve connector (for inbound logging)
Inbound email diagnostics is limited, there are a few things that you can do though.
There are lots of tools for outbound diagnostics and your server can give you lots of data to look at the problem.