Event ID 4000 Source SMTPSVC
| Event ID | 4000 |
| Source | SMTPSVC |
| Type | Warning |
| Description | Message delivery to the remote domain '<domain name>' failed. The error message is '<error message>'. |
| English, please! | Request a translation of the event description in plain English. |
| Comments |
Mihai Andrei
(Last update 7/7/2008): - Error message: "The remote SMTP service rejected AUTH negotiation" - See M940207. - Error message: "Unable to open the message for delivery" - This behavior can occur if there are multiple e-mail recipients on an outbound message, and the RCPT TO command for a recipient's address does not work and returns the status code 552. See M281704 for a hotfix applicable to Microsoft Windows 2000. Ionut Marin (Last update 4/2/2007): See M324958 to find out how to block open SMTP relaying and clean up Exchange Server SMTP queues on SBS, and M310380 to find out how to prevent Exchange 2000 from being used as a Mail Relay in Windows 2000. See M820284 and M884421 for information on how to fix this problem. M323350 has information on how to test SMTP services manually in Windows Server 2003. From a newsgroup post: "If you have verified that you are closed to relay per M310380, then you may have a compromised account that is being used for authentication. Turn SMTP Protocol Logging to Maximum in the Server -> Diagnostics Logging and check for Event ID 1708. This event will identify the account being used. Common culprits are local administrator accounts with blank passwords, username = test\password = test, and others". This problem may be caused by the NAT router if you are using one. From a newsgroup post: “I am running SMTPSVC under Windows 2000 Professional SP4. I own a Netgear RT314 router. I learned that the router's DNS server does not listen to TCP queries. This explains why SMTPSVC, which by default sends TCP DNS queries, does not work if it sends its query to the router's DNS server. If SMTPSVC forwards the query, to an external DNS server (which obviously handles TCP DNS queries), SMTPSVC works correctly. I received two suggested solutions for this problem: 1. Leave the external DNS servers configured in the NIC. 2. Configure the SMTPSVC to use UDP for DNS queries. How to accomplish this, is explained in M330070”. From a newsgroup post: "We use a monitoring tool called Event Sentry. We were asked by the monitoring team to enable SNMP. Well what we did not realize was that this application would suck up about 5000 UDP ports effectively killing all other UDP traffic including DNS". Ken B. (Last update 12/29/2006): I was getting this error at random times on a Windows XP Pro SP2 with IIS and the MS SMTP service. Mail would queue up and not go out. Sometimes rebooting the PC would fix the problem. The real fix for the problem was to disable the Symantec Corporate Edition "Internet mail" (SMTP) scanning service. I have seen these SMTP scanners cause problems like this before. Michael Hopkins (Last update 12/17/2006): I am running the SMTP service on a Win2K machine. I was getting the error "unable to bind to the destination server in DNS" and all the mail was sitting in the queue. What I did to resolve the problem was to restart the "DNS Client Service" on the machine running SMTP. The DNS Client just gets wonky sometimes and will not do lookups properly to route mail. It looks like everything is ok because you can go to the command line and use nslookup to resolve A records or MX records just fine. It just will not play right with SMTP until you restart it. P.S. the first time I saw this problem was actually on an Exchange server. Simon Tremblay (Last update 11/5/2006): My problem was that my TCP Port on the Outbound Connections of the Delivery Tab of my Default SMTP Virtual Server was set to 26 and not 25. Changing it to 25 and restarting the SMTP service fixed the problem. Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! Brian P. (Last update 9/27/2006): I was updating the Symantec Antivirus clients across all my client PCs and setup the client on my network as a monitoring box. I used the SMTP server on the box to send alerts so I would still get alerts if the Exchange server died. The default AV client configuration had the "Internet mail" protection turned on. This was getting in the way of the SMTP service when it tried to send mail. I disabled the "Internet mail" protection and all was well. Anonymous (Last update 1/19/2005): In IIS, go to the Default virtual SMTP server properties -> Delivery tab -> Advanced, and check that "smart host" points to your exchange server. This fixed the problem for us. Woodrow Wayne Collins (Last update 1/3/2005): - Error message: "The remote server did not respond to a connection attempt" - There was a malformed email stuck in the queue, every so often it would try to resend thus generating these errors. To fix the problem, we simply deleted the email. Charles J. Palmer (Last update 4/7/2004): I moved my already working mail relay machine over to a new DMZ and domain and started getting a lot of these messages. I found that the problem was caused by the fact that I was using internal DNS servers that were relying solely on the ROOT HINTS. When I changed the relay to use an external DNS server, all of the messages started flowing fine. I fixed the configuration of the internal DNS servers to act as forwarder, shifted the mail relay back and everything was ok. Anonymous (Last update 1/23/2004): Error message: "The connection was dropped by the remote host." - See M286673. Anonymous (Last update 10/14/2003): Error message: The remote server did not respond to a connection attempt. - no info Adrian Grigorof (Last update 10/14/2003): - "The connection was dropped by the remote host." - self explanatory (though systems with ZoneAlarm installed may experience this problem). See also M264891. - "Unable to bind to the destination server in DNS" - See M290290 and M279616. M812292 indicates that this problem may occur if Exchange 2000 Server tries to use custom sinks that were previously installed and are no longer used or available. See also the Exchange 2000 Server Message Categorizer and Non-Delivery Report Troubleshooting whitepaper. Jan Jonsson (Last update 8/1/2003): - "Unable to bind to the destination server in DNS" - We solved this by changing the DNS server. Don McNicol Microsoft says that after you re-install the Simple Mail Transfer Protocol (SMTP) service or re-install Internet Information Services (IIS) on a Microsoft Windows 2000-based computer, mailboxes on that server may no longer be able to send mail to each other. This issue can occur if the SMTP service for Windows 2000 has been re-installed, but the Exchange 2000 SMTP service extensions have not been restored. To do: 1. Make sure that the SMTP service is installed. 2. Re-install Exchange 2000. 3. Reapply any Exchange 2000 service packs or fixes. I confirm that this has fixed this problem for me. Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! Anonymous The error occurred after I have altered the port that IIS SMTP V Server uses to 26. Peter Fry Error: "An internal DNS error caused a failure to find the remote server." - This error comes up on the server running SMTP when the DNS server it is set to go through to resolve queries does not accept TCP queries. See M263237. K.s. Gopalakrishnan People upgrading to Win 2000, may experience this problem. Configure DNS entry for your local area network properly. DNS resolver in Windows 2000 has changed, and DNS resolution takes priority over NetBIOS resolution (DNS is using TCP/UDP port 53). Be sure to configure your firewall to allow these ports. If you cannot see local area connection on windows 2000, refer to M254631. Anonymous See M292278. Anonymous Error message: "An internal DNS error caused a failure to find the remote server." - I had this exact problem, "Unable to bind to the destination server in DNS", on a 2000 smtp only server (no Exchange) with two netowork interfaces. When attempting to deliver mail, a DNS lookup is performed via whichever NIC is bound first in the binding order. This can cause the return of an invalid or incorrect MX record. See M249104. Rick Cantrell See M262168 - "How to Disable 8BitMIME in Windows 2000 SMTP Service". |
| Links | M249104, M254631, M262168, M263237, M264891, M277770, M279616, M281704, M286673, M290290, M292278, M310380, M323350, M324958, M330070, M812292, M820284, M884421, M940207, Exchange 2000 Server Message Categorizer and Non-Delivery Report Troubleshooting |
| Search | Google Web - Microsoft Support - Bing - EventID.Net Queue - More links... |
| Feedback | Send comments - Notify me when updated |
| Print version |