Problem with message queue

Михаил Андросов 396 Reputation points
2024-10-05T03:58:29.9066667+00:00

Hi

The organization has Exchange 2013 and 2016 servers. Exchange 2019 servers have recently been added. Migration is planned in the future.

I see that emails are stuck on Exchange 2013 in the queue for transmission to the Exchange 2019 server:

[PS] C:\Windows\system32>Get-Queue MAILMBX02\221361 | fl lasterror

LastError : [{LRT=10.04.2024 17:35:02};{LED=441 4.4.1 Error encountered while communicating with primary target IP address: "421 4.4.2 Connection dropped due to Socket Error." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 10.107.227.153:2525};{FQDN=mail06.main.msa.com};{IP=10.107.227.153}]

All emails are addressed to migrated mailboxes. On mail05 in the log "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\ProtocolLog\SmtpReceive\RECV2024100414-1.LOG" I see:

TLS negotiation failed with error Algorithm Mismatch

TLS 1.0, 1.1, 1.2 are enabled on all Exchange servers

What could be the causes of this condition? What is the configuration error?


Accepted answer
  1. Mike Hu-MSFT 4,145 Reputation points Microsoft External Staff
    2024-10-07T06:51:54.7333333+00:00

    Hi,

    Welcome to Microsoft Q&A community.

    TLS Algorithm Mismatch: The error "TLS negotiation failed with error Algorithm Mismatch" indicates that there might be a mismatch in the TLS algorithms supported by the Exchange 2013 and Exchange 2019 servers. Ensure that both servers support the same TLS algorithms and that they are configured correctly.

    Socket Error: The error "421 4.4.2 Connection dropped due to Socket Error" suggests that there might be network connectivity issues between the servers. Verify that there are no firewall rules or network policies blocking the communication between the Exchange 2013 and Exchange 2019 servers.

    Failover Issues: The message "Attempted failover to alternate host, but that didn't succeed" indicates that the failover mechanism is not working as expected. Ensure that there are alternate hosts configured and that they are reachable.

    Concurrent Connections: Exchange Server is designed to create concurrent or parallel connections to send messages to multiple destinations. If the server is configured to send all messages to a single destination, such as Exchange Online, it may limit the number of parallel and total connections, causing delays. You can change the settings to optimize performance and avoid building large queues.

    Antimalware Engine: Sometimes, the antimalware engine can cause issues with email transmission. Disabling the antimalware engine temporarily and restarting the Exchange Transport Service might help resolve the issue.

    To address these issues, you can:

    Verify and align the TLS algorithms supported by both Exchange 2013 and Exchange 2019 servers.

    Check network connectivity and ensure there are no firewall rules or network policies blocking communication.

    Ensure that alternate hosts are configured and reachable for failover.

    Optimize the settings for concurrent connections to improve performance.

    Consider temporarily disabling the antimalware engine and restarting the Exchange Transport Service.

    If you need further assistance, feel free to ask!
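
The checklist above (align TLS, verify connectivity, inspect the queue) can be scripted. The PowerShell below is an added example, not code from the original post, from the answer's author or from Microsoft. Part 1 parses SmtpReceive protocol-log text for "TLS negotiation failed" events and runs offline on a constructed sample shaped like the RECV*.LOG file in the question; Part 2 is a live check meant for the Exchange Management Shell on the sending server. The function names Get-TlsFailure and Test-IntraOrgDelivery are this example's own; mail06, 10.107.227.153 and port 2525 come from the post, while the remote address 10.107.227.150 and the session id in the sample are made up.

```powershell
# Added example (not from the original post): triage for an intra-org SMTP queue
# stuck with "Connection dropped due to Socket Error" after a TLS failure.
# Part 1 parses SmtpReceive protocol-log text for "TLS negotiation failed" events
# and runs on a CONSTRUCTED sample shaped like the RECV*.LOG in the question.
# Part 2 is a live check for the sending server (Exchange Management Shell).
# Get-TlsFailure / Test-IntraOrgDelivery are names chosen for this example;
# the MAIL06 endpoint, 10.107.227.153 and port 2525 come from the post, the
# remote address 10.107.227.150 and the session id are made up.

# SmtpReceive logs are CSV with "#Fields:" metadata; the column set below is the
# one Exchange 2013/2016/2019 write.
$ProtocolLogFields = 'date-time','connector-id','session-id','sequence-number',
                     'local-endpoint','remote-endpoint','event','data','context'

function Get-TlsFailure {
    param([Parameter(Mandatory)][string[]]$LogLines)
    # Skip the "#Software:/#Version:/#Fields:" lines and blank lines, then parse.
    $rows = $LogLines |
        Where-Object { $_ -and -not $_.StartsWith('#') } |
        ConvertFrom-Csv -Header $ProtocolLogFields
    # The failure is logged as an information ("*") event whose context carries the reason.
    $rows | Where-Object { $_.context -match 'TLS negotiation failed' } | ForEach-Object {
        [pscustomobject]@{
            Time    = $_.'date-time'
            Session = $_.'session-id'
            Local   = $_.'local-endpoint'
            Remote  = $_.'remote-endpoint'
            Reason  = $_.context -replace '^.*TLS negotiation failed with error ', ''
        }
    }
}

# CONSTRUCTED sample log (not the real RECV2024100414-1.LOG): one session that
# reaches STARTTLS and then fails the handshake.
$SampleLog = @'
#Software: Microsoft Exchange Server
#Version: 15.0.0.0
#Log-type: SMTP Receive Protocol Log
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2024-10-04T14:35:01.000Z,MAIL06\Default MAIL06,08DCE4A8B0F1C2D3,0,10.107.227.153:2525,10.107.227.150:51234,+,,
2024-10-04T14:35:01.010Z,MAIL06\Default MAIL06,08DCE4A8B0F1C2D3,1,10.107.227.153:2525,10.107.227.150:51234,>,"220 mail06.main.msa.com Microsoft ESMTP MAIL Service ready",
2024-10-04T14:35:01.020Z,MAIL06\Default MAIL06,08DCE4A8B0F1C2D3,2,10.107.227.153:2525,10.107.227.150:51234,<,STARTTLS,
2024-10-04T14:35:01.030Z,MAIL06\Default MAIL06,08DCE4A8B0F1C2D3,3,10.107.227.153:2525,10.107.227.150:51234,*,,TLS negotiation failed with error Algorithm Mismatch
2024-10-04T14:35:01.040Z,MAIL06\Default MAIL06,08DCE4A8B0F1C2D3,4,10.107.227.153:2525,10.107.227.150:51234,-,,Local
'@ -split "`r?`n"

Get-TlsFailure -LogLines $SampleLog | Format-Table -AutoSize

# To scan a real log directory instead of the sample:
# Get-ChildItem 'C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\ProtocolLog\SmtpReceive\RECV*.LOG' |
#     ForEach-Object { Get-TlsFailure -LogLines (Get-Content $_.FullName) }

function Test-IntraOrgDelivery {
    param(
        [Parameter(Mandatory)][string]$QueueIdentity,  # e.g. 'MAILMBX02\221361' as in the post
        [Parameter(Mandatory)][string]$TargetIp,       # e.g. '10.107.227.153'
        [int]$Port = 2525                              # Transport-service port used between Exchange servers
    )
    # Full LastError of the stuck queue (the question's Get-Queue ... | fl lasterror).
    if (Get-Command Get-Queue -ErrorAction SilentlyContinue) {
        Get-Queue -Identity $QueueIdentity | Format-List Identity,Status,MessageCount,NextHopDomain,LastError
    }
    # Rule out a plain socket block first: a firewalled 2525 also ends in "Connection dropped".
    $tcp = Test-NetConnection -ComputerName $TargetIp -Port $Port -WarningAction SilentlyContinue
    [pscustomobject]@{ Target = "${TargetIp}:${Port}"; TcpOpen = $tcp.TcpTestSucceeded }
}
# Test-IntraOrgDelivery -QueueIdentity 'MAILMBX02\221361' -TargetIp '10.107.227.153'
```

If the TCP test succeeds but the receive log on the target still shows "TLS negotiation failed", the network is not the problem and the remaining suspect is the TLS configuration on one of the two hosts: the sending server acts as the TLS client and the 2019 server as the TLS server, so both sides' protocol and cipher settings have to overlap.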


2 additional answers

  1. Михаил Андросов 396 Reputation points
    2024-10-08T07:48:11.6933333+00:00

    All servers are located in the same domain. The situation is different.

    The email that came to the organization was sent to the Exchange 2013 server for processing, and the mailbox is located on the Exchange 2019 server. This email is in the queue and cannot be transferred to the Exchange 2019 server for the reason described.


  2. Михаил Андросов 396 Reputation points
    2024-10-11T13:56:07.36+00:00

    This solved the problem:

    Windows Registry Editor Version 5.00

    ; Enable TLS 1.2 for the SChannel client role (outbound connections, i.e. the
    ; sending Exchange server connecting to the Exchange 2019 server)
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
    "Enabled"=dword:ffffffff
    "DisabledByDefault"=dword:00000000

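The registry fix above touches only the TLS 1.2 Client subkey. The PowerShell below is an added example, not the author's code, that audits all three TLS versions for both the Client and Server roles before anything is changed, and applies the same value pair only when asked. The function names Get-SchannelProtocolState and Set-SchannelProtocolState are this example's own; it writes Enabled=1 rather than 0xffffffff (SChannel treats any non-zero Enabled as enabled), and it must run elevated to write.

```powershell
# Added example (not from the original post): audit, and optionally apply, the
# SCHANNEL protocol settings the author changed. Both Client and Server subkeys
# are inspected, because the 2013 server acts as the TLS *client* when it delivers
# to 2019 (the Client key is what the post's fix set). Run elevated to write.
# Get-SchannelProtocolState / Set-SchannelProtocolState are names chosen here.

$SchannelRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelProtocolState {
    param([string[]]$Protocols = @('TLS 1.0','TLS 1.1','TLS 1.2'),
          [string[]]$Roles     = @('Client','Server'))
    foreach ($p in $Protocols) {
        foreach ($r in $Roles) {
            $key   = Join-Path $SchannelRoot "$p\$r"
            $props = if (Test-Path $key) { Get-ItemProperty -Path $key } else { $null }
            # A missing key or value means "OS default", which differs per Windows version.
            $enabled  = if ($null -ne $props -and $null -ne $props.Enabled) { $props.Enabled } else { $null }
            $disabled = if ($null -ne $props -and $null -ne $props.DisabledByDefault) { $props.DisabledByDefault } else { $null }
            $state = if ($enabled -eq 0) { 'Disabled' }
                     elseif ($disabled -eq 1) { 'NotOfferedByDefault' }
                     elseif ($null -eq $enabled -and $null -eq $disabled) { 'OsDefault' }
                     else { 'Enabled' }
            [pscustomobject]@{
                Protocol          = $p
                Role              = $r
                KeyPresent        = [bool]$props
                Enabled           = $enabled
                DisabledByDefault = $disabled
                EffectiveState    = $state
            }
        }
    }
}

function Set-SchannelProtocolState {
    param([Parameter(Mandatory)][string]$Protocol,
          [Parameter(Mandatory)][ValidateSet('Client','Server')][string]$Role,
          [Parameter(Mandatory)][bool]$Enable)
    $key = Join-Path $SchannelRoot "$Protocol\$Role"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # Same pair the author applied (Enabled non-zero, DisabledByDefault=0); -Force overwrites.
    New-ItemProperty -Path $key -Name 'Enabled' -PropertyType DWord -Force `
        -Value $(if ($Enable) { 1 } else { 0 }) | Out-Null
    New-ItemProperty -Path $key -Name 'DisabledByDefault' -PropertyType DWord -Force `
        -Value $(if ($Enable) { 0 } else { 1 }) | Out-Null
}

# Report every protocol/role, then single out what the post's fix targets.
$state = Get-SchannelProtocolState
$state | Format-Table Protocol,Role,KeyPresent,Enabled,DisabledByDefault,EffectiveState -AutoSize

$tls12Client = $state | Where-Object { $_.Protocol -eq 'TLS 1.2' -and $_.Role -eq 'Client' }
if ($tls12Client.EffectiveState -in 'Disabled','NotOfferedByDefault') {
    Write-Warning 'TLS 1.2 is not usable as a client here; STARTTLS to a TLS 1.2-only peer will fail.'
    # Uncomment on the sending server to apply the same fix as the post, then restart transport:
    # Set-SchannelProtocolState -Protocol 'TLS 1.2' -Role Client -Enable $true
    # Restart-Service MSExchangeTransport
}
```

Run the audit on both the sending and the receiving server: a "TLS negotiation failed" on the 2019 side while the 2013 side still reports TLS 1.2 as Enabled for the Server role is exactly the case where the Client role, not the Server role, is the one that is off. This example covers only the SCHANNEL keys the post changed; Microsoft's Exchange TLS guidance additionally sets the .NET SchUseStrongCrypto and SystemDefaultTlsVersions values, which are not audited here.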
