Mail socket error 10061

Hi Guys,
  • Remove From My Forums

  • Question

  • Hi Guys,

    We have a hybrid of Exchange 2010 with Exchange Online. Hybrid server as well as Edge is in version 2016.

    Users sometimes complaining that email are delivered with significant delay. After checking Tracking logs on O365 there are bunch of following errors with eventid DEFER:

    ‘[{LED=450 4.4.316 Connection refused};{MSG=Socket error code 10061};{FQDN=smtp.our_domain.com};{IP=<our_ip_Addr>};{LRT=7/13/2016 8:52:55 AM}]’

    smtp.our_domain.com is out Exchange 2016 Edge server.

    Has anyone seen something like that before?

    We had issue with delays previously, but it was due to below parametrs that were set not correctly:

    MaxInboundConnectionPerSource
    MaxInboundConnectionPercentagePerSource

    I changed these, but still was getting compains about message delays, after investigating found that «450 4.4.316 Connection refused; MSG=Socket error code 10061».

    Anyone knows what could it be? Appreciate any help.

    Pawel

Answers

  • Hi All,

    Case solved :) Opened a case at MS for O365, they told me however that case is mostly related to my on-premise environment (which being honet I knew but I was somehow counting for their help/pointers), although the support engineer told me he is almost certain
    it is IP ranges that are causing the problem, as they are not allowed to communicate to our on premise infrastructure.

    Aaaaaand seems he was right :) he send me that article:

    https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US#BKMK_EXO

    Instead of allowing only specific IPs we allowed all the traffic on 25 port form outside, after that change even doing tests and sending thousands of messages — haven’t seen the error any more.

    Thank you all for your help in that thread!

    Kindest regards,

    Pawel

    • Edited by

      Monday, August 1, 2016 10:36 AM
      forgotten to tell thank you :)

    • Marked as answer by
      Pawel Jarosz aka Zaicnupagadi
      Monday, August 1, 2016 10:36 AM

Источник

When using their emails, users may have experienced “runtime error 10061“. This error is primarily the fault of the destination computer, which refuses the connection with the clients PC. This means that the error arises when the user tries to connect to a currently inactive service on a foreign host which is not running server software. Though this may seem complicated, the actual reasons for this are simple enough and the resolutions are therefore not too complex. Read on for steps on how to tackle this problem.

What Causes Error 10061

The errors which may arise from this can be displayed as follows:

The connection to the server has failed. Account: ‘your_e-mail account’, Server:’your_SMTP_server’, Protocol:SMTP, Port: 25, Secure(SSL): NO,Socket error: 10061, Error Number: 0x800ccc0e

This is when you attempt to send an email to an SMTP server. Another error is:

The connection to the server has failed. Account: ‘your_e-mail_account’,Server:’your_POP3_server’, Protocol:POP3, Port: 110, Secure(SSL): NO, Socket error: 10061, Error Number: 0x800ccc0e

This time this is from a POP 3 server. Both of these are email examples, however the error may display itself alternatively, such as

WSAECONNREFUSED (10061)

All of these mean the same thing, the connection is refused by a foreign host. To see steps to resolve this, read below.

How To Fix Runtime Error 10061

Step 1 – Test To See if Your Internet is Working

The main cause of this error is when the user’s own internet connection is not working. The easiest way to solve this would be to test their internet connection. To do this:

  1. Open up your internet browser
  2. Go to a search engine, such as Google, and type a random word that you know shows results

If it was not possible to complete the 2nd step, your Internet is probably not working. This will result in the error 10061 appearing. This is easily rectified, you can either ring your ISP and ask them to identify the problem, or you can try to figure out why your internet is not connected. Either way, once you have established what is wrong and have fixed it, retry these steps again. If it still produces an error, please carry on to the next step.

Step 2 – Ensure your firewall is not blocking the Winsock connection

Winsock is basically the way Windows defines how the Windows software should connect to the network, in particular TCP/IP. It is the link between an internet protocol, such as FTP, and Windows software. As you could imagine, if this were to be blocked by anything, Windows software would not to connect to the internet. One program that could be blocking this could be a firewall. Although unlikely, firewalls are designed to prevent unauthorised access and therefore could see Winsock as a potential threat. To unblock Winsock, follow these steps:

  1. Locate your firewall in the navigation bar (next to the clock)
  2. Right click and look for an “Exception List” or similar

In the exception list, if Winsock is not already displayed, make sure you add it. This means the firewall will not block it from accessing the Internet. Of course, all firewall software is different so if in doubt contact your software manufacturer. When you have completed this step, proceed to step 1 again and validate the process. If this has not fixed it, please continue to step 3.

Step 3 – Clean Out Viruses

Download this antivirus program

Viruses are a huge cause of the 10061 error because of the way which these rogue pieces of software infect your PC and corrupt all sorts of settings. One of the biggest problems is that they often block access to the Internet, which can cause the 10061 error. To fix this problem, it’s advisable that you clean out your PC with a reliable antivirus program, such as our recommended “XoftSpy“.

Step 4 – Clean Out The Registry

Download this registry cleaner

Another big cause of Runtime errors is down to the “registry” of your system. The registry is a large database which stores files and settings that your PC requires to run, and is what Windows uses every day to help it recall such information as your desktop wallpaper and even your latest emails. Unfortunately, the registry is also one of the biggest causes of problems for your computer, as it’s constantly becoming corrupted and leading your computer to run with many errors as a result. To fix this problem, it’s advisable you use a registry cleaner to scan through the part of your PC and repair any of the damaged settings that are inside it. You can use our recommended registry cleaner below:

Источник

This is a repro of a customer reported issue where they were having issues sending email from Office 365 to on-premises Exchange servers.  Apparently this had been working previously with no issues, then mailflow started to have problems.  Some email was flowing from Office 365, but some was delayed or not delivered at all.

There were no issues sending email from the on-premises Exchange servers to Office 365.  The issue was the mail flow from cloud to on-premises.

In order to look at the mail queues on-premises, we can use the Get-Queue cmdlet or the Queue Viewer.  Queue Viewer can be found under the Exchange toolbox, which is built into the Exchange 2010 MMC and as a separate Start Menu item in Exchange 2013/2016.

Reviewing Office 365 Message Queues

Reviewing the Queues in Office 365 is also straightforward.  In the below example note that the focus is on the Mail Flow, and then message trace.  There are pre-canned queries to search emails from the last 24 or 48 hours.  This can also be customised to suit the specific requirement.  This was sufficient to troubleshoot this issue.  For more complex situations please review Andrew’s excellent EOP blog, specifically the Parsing an extended message trace post.

Office 365 Message Trace

After entering the relevant time slot, and expected recipient the trace was executed.  Multiple messages were then seen in the queue.

Taking one message as example, we can see that the message delivery to on-premises failed and that a specific error code  of 4.4.316 was reported.  We can see this by clicking to expand the entry using the arrow on the left hand side of the Message Events table.

Office 365 Message Trace Details

If we drill into the Message Events table, and expand the Defer event entry we can see the below details:

Office 365 Message Trace Details - Focus On Message Events

The reported error was:

Reason: [{LED=450 4.4.316 Connection refused};{MSG=Socket error code 10061};{FQDN=smtp.tailspintoys.ca};{IP=13.92.177.139};{LRT=3/16/2017 4:59:18 PM}]. OutboundProxyTargetIP: 13.92.177.139. OutboundProxyTargetHostName: smtp.tailspintoys.ca

IP 13.92.177.139 corresponds to the on-premises Exchange infrastructure.

IP 104.47.34.97  is the Office 365 IP address which is attempting to send the email to on-premises.

Reviewing the reported error LED=450 4.4.316 Connection refused};{MSG=Socket error code 10061, indicates that Office 365 was unable to connect to on-premises Exchange so let’s verify that configuration.

Reviewing On-Premises Infrastructure

As always, start with the simple things.  The IP address of 13.92.177.139 is correct and does point to the on-premises Exchange servers.  This was validated using nslookup.   We can see the name which was used by Office 365 in the Message Event details — smtp.tailspintoys.ca.  This resolves to the external IP of the on-premises environment.  Since email is encrypted between Office 365 and on-premises Exchange we also need to verify the certificate used by the encrypted SMTP connection to ensure that it is valid.

Reviewing the certificate bound to the SMTP service we can see that the name on the certificate is also correct – mail.tailspintoys.ca.  Also we ensure that the certificate is within the validity period, has a private key and chains correctly to the issuing CA.  We can check the chaining on the Certification Path tab.  Some CA vendors have their own tools to assist with this validation process.  Check with the CA vendor which issued your certificate.

On-Premises Exchnage SMTP Certificate

Also the certificate was not changed recently.  Changing or updating the certificate which is used requires that the Exchange Hybrid Wizard is executed to update the new certificate thumbprint in Office 365.

What is logged in the Exchange Receive Connector logs?  We need to review this to ensure that the Office 365 traffic is being processed by the correct receive connector.  It is recommended that you enable the SMTP send and receive logging on all Exchange servers so that log data is available to troubleshoot an issue.  Else you then need to enable the logging and wait for the issue to re-occur.  The logs will be located under the Exchange installation folder, which is slightly different between Exchange 2010 and 2013/2016.

Exchange 2010

C:Program FilesMicrosoftExchange ServerV14TransportRolesLogsProtocolLogSmtpReceive

Exchange 2013/2016

C:Program FilesMicrosoftExchange ServerV15TransportRolesLogsFrontEndProtocolLogSmtpReceive

C:Program FilesMicrosoftExchange ServerV15TransportRolesLogsMailboxProtocolLogSmtpReceive

We can take the sending IP address from the Message Events and then search for it in the SmtpReceive log.  In the example the IP we wish to search for is 104.47.34.97.  The IP is shown below so you can see where it was obtained.

Reviewing Message Events to Obtain Sending IP Address

There were no connections from this IP address on any of the Exchange logs.  This means that the traffic was not getting to Exchange.

Now that we have done our due diligence and validation, time to speak to the firewall administrators.

Office 365 IP and URL Restrictions

Microsoft documents the IP addresses and URLs which are required to access the various components of Office 365.  The addresses and IPs are often modified, and you can subscribe to the RSS feed to be notified of changes.

Note: Microsoft is developing a REST-based web service for the IP address and FQDN entries on this page. This new service will help you configure and update network perimeter devices such as firewalls and proxy servers. You can download the list of endpoints, the current version of the list, or specific changes. This service will eventually replace the XML document, RSS feed, and the IP address and FQDN entries on this page. To try out this new service, go to Web service.

Office 365 IP Address and URLs

The firewall admins were asked to review the drop log on their devices to review the connections from the Office 365 IPs identified above.  And lo!  The firewall was indeed blocking these connections.

In this case the customer did not update the firewall correctly when they made a recent change to their external firewall ACLs.  For some reason they removed some of the EOP IP objects from the ACL.  As a result only some of the EOP servers were allowed to communicate with the on-premises SMTP endpoint.

Once the firewall objects had been corrected, all email was then delivered without further issue.

Cheers,

Rhoderick

Источник

Понравилась статья? Поделить с друзьями:
  • Mail okko tv код ошибки 1
  • Mail from error 501
  • Mail feedback ошибка xiaomi
  • Mail error 554
  • Mail error 451