Top 10 Best Practices for Securing Microsoft Exchange Server

Troubleshooting Common Microsoft Exchange Server Issues

Overview

This guide covers quick diagnostics and step‑by‑step fixes for frequent Exchange Server problems: mail flow delays, queues, OWA/ECP 503/500 errors, transport service failures, database mount problems, and Back Pressure. Commands assume Exchange Management Shell and administrative Windows access.


1) Mail flow delays or stuck messages

Symptoms: messages queued, long delivery times, Send/Receive delays.

Troubleshooting steps

  1. Check queues
    • Get-Queue | Format-Table Identity,Status,MessageCount -AutoSize
  2. Inspect message tracking
    • Get-MessageTrackingLog -Start (Get-Date).AddHours(-1) -ResultSize 100 | Select Timestamp,EventId,Source,Recipients
  3. Check transport service health
    • Get-Service MSExchangeTransport
    • Get-TransportService | Format-List Name,BackPressureState
  4. Look for disk pressure (Back Pressure)
    • Check free space on drive hosting TransportRoles\data\Queue\mail.que
    • Event IDs: 15006 / 15007 indicate low disk space.
  5. Immediate remediation
    • Free disk space or move/compact queue DB (stop the MSExchangeTransport service first; eseutil needs the queue database offline):
      • eseutil /d "<QueueDbPath>\mail.que" /t "<TempPath>\mail.que.compact"
    • Pause/resume mail flow during maintenance:
      • Set-ServerComponentState -Identity <ServerName> -Component HubTransport -State Draining -Requester Maintenance
      • After fixes: Set-ServerComponentState -Identity <ServerName> -Component HubTransport -State Active -Requester Maintenance
  6. Tune outbound concurrency (if sending to single destination)
    • Set-TransportService -Identity <ServerName> -MaxPerDomainOutboundConnections <Value>
    • Edit EdgeTransport.exe.config: SmtpConnectorQueueMessageCountThresholdForConcurrentConnections
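
The checks in steps 1 to 4 can be collected in one pass. The function below is an added example, not part of the original guide; the function name and the alert thresholds are assumptions, and it expects to run in Exchange Management Shell with rights to read the target server's event log and disk information.

```powershell
# Added example: one-pass triage of queues, queue-drive free space and
# the low-disk events named above. Thresholds are assumed values, not Exchange defaults.
function Get-TransportTriage {
    param(
        [string]$Server = $env:COMPUTERNAME,
        [int]$QueueThreshold = 100,   # assumed alert level for MessageCount
        [int]$MinFreePercent = 10,    # assumed alert level for free disk space
        [int]$LookbackHours  = 1
    )

    # Queues that are backing up, retrying or suspended
    $queues = Get-Queue -Server $Server |
        Where-Object { $_.MessageCount -ge $QueueThreshold -or
                       "$($_.Status)" -in 'Retry', 'Suspended' } |
        Select-Object Identity, Status, MessageCount, NextHopDomain, LastError

    # Free space on the volume hosting the queue database (mail.que).
    # Assumes the path starts with a drive letter, not a mount point.
    $queuePath = "$((Get-TransportService -Identity $Server).QueueDatabasePath)"
    $driveId   = Split-Path -Path $queuePath -Qualifier
    $disk      = Get-CimInstance -ClassName Win32_LogicalDisk -ComputerName $Server `
                     -Filter "DeviceID='$driveId'"
    $freePct   = [math]::Round(100 * $disk.FreeSpace / $disk.Size, 1)

    # Event IDs 15006 / 15007 in the Application log within the lookback window
    $events = Get-WinEvent -ComputerName $Server -FilterHashtable @{
        LogName   = 'Application'
        Id        = 15006, 15007
        StartTime = (Get-Date).AddHours(-$LookbackHours)
    } -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Server            = $Server
        ProblemQueues     = $queues
        QueueDatabasePath = $queuePath
        QueueDriveFreePct = $freePct
        LowDiskSpace      = $freePct -lt $MinFreePercent
        LowDiskEventCount = @($events).Count
        LatestLowDiskEvent = $events | Select-Object -First 1 TimeCreated, Id, Message
    }
}

Get-TransportTriage | Format-List
```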

2) OWA/ECP 503 or IIS 500 (Service Unavailable / Maintenance)

Symptoms: OWA/ECP show 503 or 500 maintenance page after reboot or updates.

Checks & fixes

  1. Check IIS app pools
    • In IIS Manager: start MSExchangeOWAAppPool and MSExchangeECPAppPool if stopped.
  2. Verify certificates and backend binding
    • In IIS > Exchange Back End > Bindings > port 444: ensure a valid Microsoft Exchange cert is bound.
  3. Restart IIS gracefully
    • iisreset /noforce
  4. Check Exchange server component states
    • Get-ServerComponentState -Identity <ServerName>
    • If components are Inactive, set to Active with Set-ServerComponentState.
  5. Wait for .NET optimization after patching/reboot
    • Allow 20–40 minutes for .NET NGen/Optimization tasks to complete after updates; start missing Exchange services manually in meantime.

3) Transport service stops, binding or port conflicts

Symptoms: MSExchangeTransport or FrontEndTransport crashes or won’t start; Event IDs ⁄1019.

Resolution

  1. Check for port 25 conflicts
    • netstat -ano | findstr ":25"
    • Identify process holding port 25; stop or reconfigure it.
  2. Verify receive connector roles
    • Get-ReceiveConnector | Select Name,Bindings,TransportRole
    • If a connector incorrectly uses HubTransport on port 25, run:
      • Set-ReceiveConnector -Identity "<ConnectorName>" -TransportRole FrontendTransport
  3. Restart Transport services
    • Restart-Service MSExchangeTransport
    • If worker processes exit repeatedly, examine Application log for Watson/exception details.
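
Steps 1 and 2 can be checked together: which process owns the listener, and which receive connectors are bound to the same port under the HubTransport role. This is an added example, not part of the original guide; the function name is an assumption, and it must run on the Exchange server itself in Exchange Management Shell because the listener lookup is local.

```powershell
# Added example: resolve the owner of the SMTP listener and list receive
# connectors bound to that port with the HubTransport role.
function Get-SmtpPortConflict {
    param(
        [int]$Port = 25
    )

    # Same data as "netstat -ano", with the PID resolved to a process name and path
    $listeners = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                ProcessId    = $_.OwningProcess
                ProcessName  = $proc.ProcessName
                Path         = $proc.Path
            }
        }

    # Bindings render as "address:port"; match the port at the end of the string
    $portPattern = ':{0}$' -f $Port
    $suspectConnectors = Get-ReceiveConnector -Server $env:COMPUTERNAME |
        Where-Object {
            "$($_.TransportRole)" -eq 'HubTransport' -and
            ($_.Bindings | Where-Object { "$_" -match $portPattern })
        } |
        Select-Object Identity, Bindings, TransportRole

    [pscustomobject]@{
        Port              = $Port
        Listeners         = $listeners
        SuspectConnectors = $suspectConnectors
    }
}

$result = Get-SmtpPortConflict
$result.Listeners         | Format-Table -AutoSize
$result.SuspectConnectors | Format-Table -AutoSize
```

The function only reports; any connector it lists still needs a manual review before applying the Set-ReceiveConnector change from step 2.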

4) Databases won’t mount or dismounted DBs

Symptoms: mailbox DBs dismounted, DAG replication errors, failed mounts.

Steps

  1. Check database state
    • Get-MailboxDatabaseCopyStatus * | Format-Table Name,Status,CopyQueueLength,ContentIndexState
    • Get-MailboxDatabase -Status | Select Name,Mounted
  2. Examine Event Viewer for ESE / system errors
    • Look for ESE Event IDs (e.g., 455, 530) and VSS/backup related events.
  3. Attempt soft repair
    • Dismount-Database -Identity <DatabaseName>; Mount-Database -Identity <DatabaseName>
  4. If database corruption suspected
    • Use Eseutil /mh to check integrity; Eseutil /r for repair if appropriate (follow full backup guidance).
  5. DAG-specific
    • Check replication and witness server; reseed copy if needed:
      • Update-MailboxDatabaseCopy -Identity "<DatabaseName>\<ServerName>" -DeleteExistingFiles

5) Services slow to start after patching/reboot

Symptoms: many Exchange services stuck, high CPU, performance issues.

Actions

  1. Start critical Exchange services manually
    • Start-Service MSExchange* (selectively start replication, transport, store-related first)
  2. Monitor .NET Runtime Optimization
    • Wait for NGen background compilation to finish before rebooting repeatedly.
  3. Review recent updates
    • If problem followed Windows/.NET updates, ensure all required Exchange cumulative updates are applied and check known CU issues.

6) General diagnostics checklist

  1. Event Viewer: Application and System logs — note Exchange-specific Event IDs.
  2. Services: Ensure Exchange services are Running.
  3. Disk space: system, transport queue, and database drives.
  4. Network/DNS: nslookup, Test-NetConnection to AD, domain controllers, and SMTP next hops.
  5. Message tracking & queues: Get-MessageTrackingLog, Get-Queue.
  6. Backups: confirm no backup process is locking DB files.
  7. Updates/CUs: confirm compatibility between Windows updates and Exchange CUs.

Quick command summary

  • Get-Queue
  • Get-MessageTrackingLog -Start (Get-Date).AddHours(-1)
  • Get-TransportService | Format-List Name,BackPressureState
  • Get-ServerComponentState -Identity <ServerName>
  • Set-ServerComponentState -Identity <ServerName> -Component HubTransport -State Draining -Requester Maintenance
  • Get-MailboxDatabaseCopyStatus *
  • eseutil /mh "<DatabasePath>\database.edb"

When to escalate

  • Persistent corruption indicated by ESE errors or failed Eseutil repairs.
  • Repeated service crashes with unhandled exceptions in Application log.
  • Major DAG replication failure or data loss risk.
  • Complex transport issues after exhausting above steps — open a Microsoft Support case with logs (Get-ExchangeDiagnosticInfo, message tracking, and Transport logs).
