Bad NIC Settings Cause Internal Messages to Queue with 451 4.4.0 DNS query failed (nonexistent domain)

Hello All

I came across this in my lab yesterday, and it can be a real head-scratcher. However, the resolution is actually pretty simple, and I just wanted to share it with you all.

Scenario:

I have 3 Exchange servers in the environment: one is an internet-facing Hybrid server and the other two are in a DAG. All are Exchange 2016 servers. I am able to send directly out to and receive from the internet just fine, but I am unable to send email to/through another internal Exchange server.

This issue may also manifest itself as intermittent delays in sending between internal Exchange servers.

In either scenario, messages will be seen queuing, and if you run "Get-Queue -Identity QueueID | Format-List" you will see a "LastError" of "451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain; nonexistent domain".


[PS] C:\Windows\system32>Get-Queue

Identity          DeliveryType          Status MessageCount Velocity RiskLevel OutboundIPPool NextHopDomain
--------          ------------          ------ ------------ -------- --------- -------------- -------------
cmex01\4          SmtpDeliveryToMailbox Retry  1            0        Normal    0              DAGCM
cmex01\Submission Undefined             Ready  0            0        Normal    0              Submission

[PS] C:\Windows\system32>Get-Queue -Identity 4 | fl

Status                           : Retry
MessageCount                     : 1
LastError                        : [{LED=451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain;
                                   nonexistent domain DAGCM -> DnsDomainDoesNotExist:
                                   InfoDomainNonexistent};{MSG=};{FQDN=mailbox database
                                   0415508227};{IP=};{LRT=8/19/2023 8:37:31 PM}]

========================================================================

Resolution:

This issue can occur because the properties of the Exchange Server's NIC have an external DNS server listed in them.

I am not removing the external DNS server(s) from the NIC and leaving only the internal DNS servers (Microsoft DNS/Active Directory Domain Controllers in most customer environments) on the NIC.

Instead, in the Exchange Admin Center I selected the Hybrid server --> Edit Properties --> DNS Lookups, and set the external DNS lookups to use the public DNS IP configured on the secondary NIC and the internal DNS lookups to use my Domain Controller IP.

Also make sure the setting below is checked on the Send Connector outbound to the Internet:

USE THE EXTERNAL DNS LOOKUP SETTINGS ON SERVERS WITH TRANSPORT ROLES

Restarting the Microsoft Exchange Transport service afterwards should resolve the issue.
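As an added example (not part of the original post), here is the same diagnosis and fix done from the Exchange Management Shell instead of the EAC: it tests whether each resolver on the NIC can resolve the internal next-hop name, then sets the Transport service's internal and external DNS lookups explicitly, ticks the send connector setting, and restarts Transport. The server name, internal FQDN, resolver IPs and connector name are placeholders I assumed, not values from the post.

```powershell
# Added example (not from the original post): the same diagnosis and fix from the
# Exchange Management Shell. Values below are placeholders, not from the post.
$Server        = 'EX01'                   # hybrid server being fixed
$InternalName  = 'dagcm.corp.example'     # internal next-hop (DAG / mailbox server) FQDN
$InternalDns   = '10.0.0.10'              # Domain Controller / Microsoft DNS
$ExternalDns   = '203.0.113.53'           # public resolver on the secondary NIC
$SendConnector = 'Outbound to Internet'   # Internet send connector name

# 1. Diagnose: list every resolver the NIC exposes and test each against the
#    internal name. A public resolver answers NXDOMAIN here, which is exactly what
#    Transport reports as "451 4.4.0 ... SMTPSEND.DNS.NonExistentDomain".
$nicDns = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object -ExpandProperty ServerAddresses -Unique
foreach ($dns in $nicDns) {
    try {
        $null = Resolve-DnsName -Name $InternalName -Server $dns -Type A -DnsOnly -ErrorAction Stop
        Write-Output "OK        $dns resolves $InternalName"
    } catch {
        Write-Output "NXDOMAIN  $dns cannot resolve $InternalName ($($_.Exception.Message))"
    }
}

# 2. Fix: stop Transport from inheriting the adapter's DNS list and name the
#    resolvers explicitly (this is what the EAC "DNS lookups" page writes).
Set-TransportService -Identity $Server `
    -InternalDNSAdapterEnabled $false -InternalDNSServers $InternalDns `
    -ExternalDNSAdapterEnabled $false -ExternalDNSServers $ExternalDns

# 3. Tick "Use the external DNS lookup settings on servers with transport roles"
#    on the Internet send connector, so outbound mail uses the public resolver.
Set-SendConnector -Identity $SendConnector -UseExternalDNSServersEnabled $true

# 4. Restart Transport so the new settings take effect, then verify them.
Restart-Service MSExchangeTransport
Get-TransportService -Identity $Server | Format-List InternalDNSAdapterEnabled,
    InternalDNSServers, ExternalDNSAdapterEnabled, ExternalDNSServers
```

Run the diagnosis part first on its own; if only the public resolver fails on the internal name, that confirms the NIC DNS list is the cause before you change anything.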

=============================================================

Summary:

The default configuration of an Exchange Server is to use the local network adapter's DNS settings for Transport service lookups.

Because the default behaviour is to use the local network adapter's DNS settings, Exchange was finding itself using external DNS servers for name resolution. This seemed to work fine when it had to resolve external domains/recipients, but a public DNS server would likely have no idea what your internal Exchange servers resolve to.

The error we see is the DNS server responding that the internal name does not exist (nonexistent domain), which Transport surfaces as 451 4.4.0.

I hope this is helpful for someone to resolve the issue quickly. Happy learning 😊
