I got bit in the rear again by the Back Pressure feature in Exchange 2010 this week. I want to set something up to alert me in the future when this happens again.
Background
Some people had been reporting delays receiving emails from people outside the organization for the past couple of weeks, but it was transient enough to not throw up any concrete red flags. Yesterday, finally, we had a solid outage where no external emails were coming in, and upon troubleshooting I found that Back Pressure was in force on our Edge Transport server. The problem was RAM overutilization, and a quick reboot solved the problem. After going back through the Event Logs, however, I realized that the Edge server had been slipping in and out of Back Pressure repeatedly over the past couple of weeks, thus the intermittent delays people were seeing with receiving email from the outside.
What I've tried
Whenever Exchange detects an overutilization condition (e.g., not enough free RAM or disk space), it logs Event ID 15004 in the Application event log. In the Event Viewer, I used the built-in "Attach Task To This Event..." feature to set up a Scheduled Task with the Action "Send an email..." that would email me whenever this event was logged (initially BackPressure only blocks external emails but allows internal emails to keep flowing). However, the "Send an email..." action requires you to specify an SMTP server. The problem is that our Edge server is not domain-joined and is out on the perimeter of our network, so I couldn't use our internal domain-joined SMTP server. I also had no success using the Edge server's own SMTP server ("localhost") as I couldn't figure out how to authenticate to it (where do you even configure it and what username/password would you use?). I was, however, able to use Gmail's SMTP relay to send the notification messages, but the Catch-22 is that once BackPressure is applied, all emails from the outside are blocked, so the notification messages relayed via Gmail are also blocked as being from the outside and I never see them.
I have a couple of things in place to help, but neither is foolproof. The first is a daily test email that gets sent to me every day at 8 AM...if I don't see it I know there's a problem, but instead of just a once-a-day test I want to know as soon as the Edge server starts having problems. I also have Nagios monitoring a few metrics on the Edge server, but it can't cover all the scenarios that Exchange uses to trigger a BackPressure situation.
Being notified whenever Event ID 15004 is logged on the Edge server is the Holy Grail, now I just need to figure out a way to make that happen reliably.
Is there a way to set up BackPressure email notifications from a non-domain-joined perimeter Edge server?
0 Answers