I recently ran into an issue where the Microsoft Exchange FrontEnd Transport service refused to stay started. As a result, no external mail was being delivered to the Exchange server.
From the Services app, I could start the service, but it would stop within a couple of seconds.
When reviewing the Application logs in the Event Viewer I ran into a few separate errors with a source of MSExchangeFrontEndTransport. The first error was merely a symptom of a broken Front End Transport and not the root cause. We ignored this one and moved on.
Inbound direct trust authentication failed for certificate %1. The source IP address of the server that tried to authenticate to Microsoft Exchange is [%2]. Make sure EdgeSync is running properly.
The second error gave us the clue we needed. This error indicated something else was already listening to port 25.
The address is already in use. Binding: 0.0.0.0:25.
Finding the port 25 conflict
To determine the conflicting service open command prompt as an administrator and run the following command.
Netstat -ano | findstr :25
Netstat shows all ports open to our server, what address has the port open, and the process ID (or “PID”) of the service or process that is using the port. We then pipe the output of Netstat into FindStr (“Find String”) which looks for any instances of “:25” and returns it. In our case, Netstat returned the following.
TCP 10.0.0.1:25 10.0.0.2:389 ESTABLISHED 2645
The important value here is the last. 2645 is the process ID of the service or process that is holding port 25 open. We can discover what this process is by running the following from a command prompt.
Tasklist /fi "PID eq 2645" Image Name PID Session Name ========================= ======= =============== Simple Mail Transport Protocol 2645 Services
In this command, the tasklist returns all processes running on the server and then filters that output for the process ID equal to 2645. From this output, we can see the Simple Mail Transport Protocol (SMTP) has taken over port 25.
Note: Alternatively, you can open Task Manager and go to the Details tab. From the Details tab, you can then sort by the PID column and match the PID (returned by Netstat) to a process or service.
Getting the FrontEnd Transport to start
Now that we have identified the root cause of the service not starting we can remediate. In our particular case, the Simple Mail Transport Protocol should not have been installed on an Exchange 2016 server.
Simple Mail Transport Protocol is a Windows Server feature that can be installed to provide a basic SMTP service for Windows. It ties into Internet Information Services (IIS). Microsoft Exchange does not use this service.
Our first step was to uninstall this unnecessary feature. To do this we launched the Server Manager. From the Server Manager window, we clicked Manage in the top right and selected Remove Roles and Features.
This launches the Remove Roles and Features Wizard. On the Server Selection page, select the server you are managing and click Next.
Bypass the Server Roles page by clicking Next.
On the Features, page deselect the SMTP Server and click Next.
On the Confirmation page confirm that only the Simple Mail Transport Service (SMTP) is being removed and click the Remove button. The service will now be removed. Once complete click the Close button.
At this point, I would recommend restarting your Exchange server to get a clean startup of your Exchange services. Once restarted, the Microsoft Exchange FrontEnd Transport service should be started (and remain started).
Have you seen this issue before? What did you do to fix it? Drop a comment below or join the conversation on Twitter @SuperTekBoy