From time to time, you might find that messages get “stuck” in your email security gateway server and don’t get delivered to your Exchange server. This usually happens with new installations or when the system receives a sudden, high load of email.
It can also happen if the Exchange server goes down for a while. Once it’s back up, the spam filtering gateway tries to deliver the accumulated mail in a larger-than-normal spurt.
Possible Cause
Exchange has a built-in message throttling mechanism which can kick in at the most inopportune time. By default, Exchange 2007 (and 2010) will accept up to 5000 connections, of which only 2% can come from the same source. So, 2% of 5000 = 100 simultaneous connections – max.
If the Exchange were receiving mail directly from the Internet, then there would be nil chance of a backlog because the mail comes from a variety of sources. But when you put an anti-spam gateway in front, all mail is funneled through one IP: the gateways. So when the system is under heavy load, Exchange could throttle the gateways attempts to relay a higher amount of clean mail. Its therefore important to increase the connection source to something like 20% to prevent such a situation. One other tip: reduce the load on Exchange and improve its performance by disabling all of its spam filtering capabilities – let your spam filter gateway do the job you bought it for.
This Microsoft KB article talks about managing the throttling issues:
http://technet.microsoft.com/en-us/library/bb232205(EXCHG.80).aspx
These are the relevant settings in Exchange 2007 & 2010:
Set-ReceiveConnector > MaxInboundConnection
This parameter specifies the maximum number of inbound SMTP connections that this Receive connector allows at the same time. The default value is 5000.Set-ReceiveConnector > MaxInboundConnectionPercentagePerSource
This parameter specifies the maximum number of SMTP connections that a Receive connector allows at the same time from a single source messaging server. The value is expressed as the percentage of available remaining connections on a Receive connector. The maximum number of connections that are permitted by the Receive connector is defined by the MaxInboundConnection parameter. The default value of the MaxInboundConnectionPercentagePerSource parameter is 2 percent.Set-ReceiveConnector > MaxInboundConnectionPerSource
This parameter specifies the maximum number of SMTP connections that a Receive connector allows at the same time from a single source messaging server. The default value is 100.
Assuming Exchange has no direct exposure to the Internet on port 25, this means you can safely increase the MaxInboundConnectionPercentagePerSoure to a value higher than 2%.
