Exchange 2010: Message Queued with 451 4.4.0 Dns query failed
We discussed this error earlier here https://msexchangeguru.com/2013/11/23/451-4-4-0-dns-query-failed-the-error-was-smtpsend-dns-nonexistentdomain-nonexistent-domain/
We also know this issue can come because of multiple reasons. So today I discovered another fix so I am sharing here.
Infra:
This infrastructure has windows 2012 R2 domain controllers with AD integrated DNS on it.
We are migrating from Exchange 2007 to Exchange 2010. This is customer choice, I would have chosen Exchange 2013.
Mixed mode with Exchange 2007 and windows 2008 non R2 DCs.
Issue:
Until migration everything was working fine.
Post cut over we got few secure domains had Message Queue with 451 4.4.0 DNS Query failed
Troubleshooting:
Did the nslookup and look for the mx record. Mx record was present and telnet to this record was working. This means DNS Query was working.
I created the send connector and pointed to one of the MX record hostname.
Restart the transport service on all exchange 2010 servers
But still the messages were queued up with the same error.
Resolution:
Turn off the EDNS0 feature on Windows-based DNS servers. To do this, take the following action:
Open the command prompt with run as administrator,
Type the following command, and then press Enter:
dnscmd /config /enableednsprobes 0
Did the same on all domain controllers.
Selected the message to retry or restart transport fixed my issue.
Root cause:
This issue occurs because of the Extension Mechanisms for DNS (EDNS0) functionality that is supported in Windows Server DNS.
EDNS0 allows larger User Datagram Protocol (UDP) packet sizes. However, some firewall programs may not allow UDP packets that are larger than 512 bytes. Therefore, these DNS packets may be blocked by the firewall.
Reference: http://support.microsoft.com/kb/832223
This applies to domain controllers post windows 2008 R2 and above which is why windows 2008 non R2 domain controllers were working fine.
Prabhat Nigam
Microsoft Solutions Architect
Team@MSExchangeGuru
November 19th, 2014 at 12:20 am
Hi Prabhat,
Great work and thanks for sharing your knowledge.. I am a regular at your site 🙂
Regards,
Pithoo
January 28th, 2015 at 2:51 am
[…] https://msexchangeguru.com/2014/11/14/e2010451-4-4-0-dns-query-failed/ […]
April 27th, 2015 at 9:57 am
You won’t believe it guys, I had the same problem. Tried your solution, didn’t work on my. As soon as I checked Register this connection DNS address on my NIC properties in the EDGE server, all messages were processed ….
April 27th, 2015 at 11:42 am
You should not uncheck this checkbox
July 20th, 2015 at 6:09 pm
In my lab I ran into this problem. It turns out I had added Google’s public DNS server (8.8.8.8) as the secondary DNS server on my Exchange 2013 server and that caused this problem. Once I removed it, left the secondary DNS server blank, my queue processed.
July 23rd, 2015 at 9:18 am
Big thanks to tmack! I was struggling with this for the past couple of days and removing the Google DNS entry fixed it! Cheers!