After an upgrade to Exchange Server 2013 Service Pack 1 you may discover that external email flow has stopped working.

If your inbound email is via a smart host you may notice queuing of mail on that server, or when testing inbound external using the Microsoft Remove Connectivity Analyzer the test may fail.

exchange-2013-sp1-front-end-transport-01In the Application event log of the Exchange server the following event may be logged.

Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 26/02/2014 4:18:38 PM
Event ID: 7012
Task Category: Components
Level: Warning
Keywords: Classic
User: N/A
The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active.

To resolve the issue, restart the Microsoft Exchange Frontend Transport service.


After the service has restarted you should find the following event log entry.

Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 26/02/2014 4:19:40 PM
Event ID: 7009
Task Category: Components
Level: Information
Keywords: Classic
User: N/A
Retrieved the service state. Host service – FrontendTransport, Service state data – Active.

In addition, the Remote Connectivity Analyzer Inbound SMTP test should now be successful, and the test emails should arrive in the inbox of the email address you use for testing.


About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for


  1. James

    Thank you!!!!

    Just spent all day patching my servers due to the out-of-band emergency security update MS just published only to get that sinking feeling after patching my Edge server when incoming email from the Internet stopped working.

    Happened to see the error in the event log which led me to this article!

  2. Mohd Izhar


    I have single exchange 2013 with CAS and MBX in same box and Edge server 2013. External emails are working fine but inbound emails are getting stuck in edge server with the error -“451 4.4.0 DNS query failed. The error was: SMTPSEND.DNS.NonExistentDomain nonexistent domain”

    Need help.

  3. Bamkele

    Hi Paul

    I am experiencing the issue of port 25 not opening. I setup a new Exchange server 2013 SP1 and we want to decommission the other one see log below. This log comes up when I restart the FrontEnd service.

    Process MSExchangeFrontendTransport.exe (PID=19780). Object [CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=”NAME OF OUR COMPANYs,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=”OUR DOMAIN”,DC=com]. Property [RoutingMasterDN] is set to value [“THE SERVER THAT WE WANT TO DECOMMISSION”
    DEL:34490536-775c-49d5-9741-6bccfb45dc55], it is pointing to the Deleted Objects container in Active Directory. This property should be fixed as soon as possible.

  4. welani

    Removing all receive connectors and recreating the with original setting could help? Because the moment I create the one with port 25, the Front end service fails.

  5. welani

    How can I safely change to another port. If I change to say 26, and on the router too, there are no NDRS and the mail doesn’t come too. Something internet related seems to be using port 25 making it unavailable for smtp.

    1. Avatar photo
      Paul Cunningham

      Trying to use port 26 for SMTP isn’t going to work. Every other server on the internet uses port 25 for SMTP.

  6. Welani

    I have a problem receiving external emails and discovered that the Frontend Transport service fails. In the events I get an errors “Failed to start listening (Error:10048).Binding:” “The address is already in use. Binding:” then “Inbound direct trust authentication failed for certificate %1. The source IP address of the server that tried to authenticate to Microsoft Exchange is [%2]. Make sure EdgeSync is running properly.”

    My situation is that I migrated from exchange 2010 to 2013 and everything has been working fine until some 4 days ago when I noted that my ISP server is bouncing back emails coming to my exchange 2013 with message “The system : host (mypublicaddress) said 550.5.7.1 Unable to relay for myemailaddress(in reply to RCPT TO command)

    Have tried to uninstall all roles from the legacy 2010 but nothing is working for me. I am able to sendreceive internal mail, but can only send out and not receive.

    Please assist.

  7. ravi

    i have multi role exchange servers 2013. total 4 servers and they all are in cluster.
    here is what i planned for SP1 installation.

    1) install SP1 on one server at a time and reboot the server make sure server can be functional after reboot.

    currently i am on build 775.38.

    Anything else to consider?

  8. Naresh

    Thanks for the resolution. Why does this fail BTW? What causes it to go in to inconsistent state? Is there a root cause that triggers that condition?

  9. Mahesh

    below test passed:

    Test Steps
    Attempting to retrieve DNS MX records for domain ‘’.
    One or more MX records were successfully retrieved from DNS.
    Additional Details
    MX Records Host, Preference 10
    Elapsed Time: 72 ms.

    Test Steps
    Attempting to resolve the host name in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned:

    Below tests failed:

    Testing inbound SMTP mail flow for domain ‘’.
    The Microsoft Connectivity Analyzer failed to test inbound SMTP mail flow.
    Additional Details
    Elapsed Time: 21321 ms.

    Testing Mail Exchanger
    One or more SMTP tests failed for this Mail Exchanger.
    Additional Details
    Elapsed Time: 21249 ms.

    Testing TCP port 25 on host to ensure it’s listening and open.
    The specified port is either blocked, not listening, or not producing the expected response.
    Tell me more about this issue and how to resolve it
    Additional Details

    A network error occurred while communicating with the remote host.
    Elapsed Time: 21047 ms.


    i have a exchange 2010 setup in our lab and registered DNS on
    I could able to send a mail externally , but receive is not happening from external.

    my understanding is we need to do NAT in firewall i.e. is map a private IP to public ip in firewall and port 25 to be opened.

    This setup is for our testing purpose (not for company) i don’t have firewall and public ip.Is there a way i can achieve or could able to receive mails from externally, if so could you please inform me how to achieve the same.

    i am stuck here!!!


    1. Avatar photo
      Paul Cunningham is a private IP address that is not reachable from the internet. You need to put your public IP address in DNS instead.

  10. Sven-Erik Lie

    We had the same problem. Solution for us :

    Make sure that DNS ip is set on the new FrontendTransportService (In our case the ip is the same as on TransporService)

    Get-TransportService InternalDNSServers (DNS Server IP)

    Get-FrontendTransportService InternalDNSServers (DNS Server IP)

  11. Dave R

    You saved my life! I had a custom relay receive connector and as soon as I disabled it the Transport Service started…. Vodka Time!!

  12. Jan Aarts

    Thanks for the headsup !!

  13. Walden Gajo

    Thanks for the info. This would have been a mind-boggling event specially if the install is through the command prompt :-).

  14. Mihail Stacanov

    Did you restart server right after upgrade?

    I believe there is clearly stated that it’s necessary to restart server after upgrade.

    1. Avatar photo
      Paul Cunningham

      Command line setup for the SP1 upgrade does not prompt for a restart.

      1. Mihail Stacanov

        Ahh, for sure 🙂

Leave a Reply