Exchange error 421.4.4.2, unable to connect, Attempted to failover… Fixed!

Print Friendly, PDF & Email

Users complain that they can’t send email. You dig through your exchange queues and logs, and you stumble across this:
451 4.4.0 primary target IP address responded with “421.4.4.2 unable to connect.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

The root cause of this is that something, be it a hardware or software firewall, or antivirus product, something is blocking outbound traffic on port 25.

You ready for me to read your mind? In our particular case, and in at least 3 other cases I have confirmed with other IT persons, we had installed antivirus software from McAfee on our Exchange server. McAfee has a feature which watches for Mass Mailing worms – this is great on your desktop! But not so great on your Exchange server, as all of your SMTP outbound mail needs to leave on port 25. McAfee’s software does this by watching for outbound traffic on Port 25. Although I don’t know what the exact threshold is, eventually it decides there is too much traffic, assumes your computer may be infected, closes the port on your computer (in this case, our Server), and mail stops flowing. Here is my solution for the McAfee software:

All you need to do to fix this is open up McAfee from the System Tray, then find the Access Protection Properties, they look like the menu pictured above. Then choose Antivirus Standard Protection on the left, and uncheck Prevent Mass Mailing Worms from sending mail on the right. I would uncheck both the BLOCK and REPORT options, otherwise you can expect some pretty large log files.

I first encountered this and posted a solution on TechNet in October, but thought it was worth revisiting as it was a heck of a process to narrow down! At least one user there has confirmed it to be the solution for them.