Small Business server 2003 - Exchange error

Server Loops?  Do you have more than one server, if so how many?

Numeric Code: 4.4.6

Possible Cause: The max hop count was exceeded for the message. This code may also occur if a loop situation exists between a sending server and a receiving server that are not in the same organization. In this scenario, the message bounces back and forth until the hop count is exceeded.

http://support.microsoft.com/default.aspx?scid=kb;en-us;284204

You can try incrementing the hop count to see if this helps:
The maximum hop count property is set per virtual server, and you can manually override the default setting of 15.

Set the Message Hop Count
1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.  
2. If administrative groups are enabled, expand the administrative group in which the server that you want to use is located.
3. In the console tree, click Server, expand your server, and double-click Protocols.
4. Double-click SMTP, right-click the SMTP Virtual Server that you want to work with, and then click Properties.
5. On the Delivery tab, click Advanced.
6. In the Advanced Delivery dialog box, type a new value in the Maximum hop count box. Valid values are between 10 and 256.
7. Click OK, and then click OK again.

This is an odd message for a Small Business Server because you don't have the full functionality of AD and Exchange for building large organizations.  My assumption is that either you have multiple Virtual Servers on the box and are using one to forward to another for a triggered message stamp or something like that, or the Virtual Server has a smarthost entry.  The best method for delivering your mail outbound is to use an SMTP connector.  If you're using DNS for delivery but are using the virtual server to inform Exchange of that, replace that method with the SMTP connector as outlined below but just keep the DNS entries and ignore the smarthost entries.

First, retreive the info from your virtual server:
In the Exchange System Manager, click the + next to your ServerName, the + next to Protocols, and the + next to SMTP
Right click the virtual server --> Properties
Delivery Tab --> Advanced button
Note and copy the entry for Smart host.

Next
In the Exchange System Manager, right click the top of the tree in the left-hand pane --> Properties.
Check Display administrative groups.
Then, click the + next to Administrative Groups, the + next to your Groupname, the + next to Routing Groups, the + next to your RoutingGroupName, the + next to connectors.

Right click connectors --> New --> SMTP connector
In the General Tab, select the radio button for "Forward all mail through this connector to the following smart hosts"
Paste the smarthost entry.
Clcik Add, and add your server to the Local bridgeheads
Check the rest of the tabs to determine if you want to change any entries; the defaults work just fine.  Your Connected Routing Groups tab should remain empty.

Go back to the virtual server and remove the smarthost entry.
In services, stop and start Simple Mail Transport Protocol; don't worry about it taking a while to stop . . . it takes a little bit of time.

Check your email.

It appears that most of the emails that are showing up in the event viewer are either to invalid internal addresses, or some form of spam.  I was wondering if the server had been compromised?  Its behind a netgear fvs318 firewall - which, having a Cisco background, I dont have much confidence in.

In that case, go here to clean up the server: http://www.amset.info/exchange/spam-cleanup.asp

Ok, this is happening at a couple of my clients now, and at my office.  I dont want to have an open relay server, but if I switch to "only the list below" e-mails to me start bouncing.  How can I fix this?

What do you have in there now?

"all except the list below"

And the list below is empty, right.

yes

I jmust want to verify that the site has one SBS running Exchange sitting behind a netgear, so it receives its email directly from the web?

That particular site has 1 server.  Its an sbs server, and its behind a netgear firewall.  I'm at my office right now, it has 3 servers, 1 exchange 2003, also behind a netgear firewall.  Same prob at both locations I suspect.

Are the Exchange servers connected in any fashion?
Do they both receive mail directly from the web?

Sorry.  Its two different organizations.  There is no relationship between the two, other than that I do work at both locations.

Switch back to "Only the list below" and leave it empty.
Click on the authentication tab and ensure that anonymous is selected.
Stop SMTP and start SMTP.
Then test your mail.

I'm pretty sure thats the configuration I had.  I'll try it again....

Can you bounce the netgear too?

It failed again.  Sent from my gmail acct.


_____________________________________________________________________________
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 10): 550 5.7.1 Unable to relay for dan@xxx.com

  ----- Original message -----

Received: by 10.38.89.40 with SMTP id m40mr1081331rnb;
       Fri, 27 May 2005 23:32:35 -0700 (PDT)
Received: by 10.38.181.35 with HTTP; Fri, 27 May 2005 23:32:35 -0700 (PDT)
Message-ID: <8defa9b9050527233273c49140@mail.gmail.com>
Date: Sat, 28 May 2005 01:32:35 -0500
From: Daniel Kuhlman <dkuhlman@gmail.com>
Reply-To: Daniel Kuhlman <dkuhlman@gmail.com>
To: dan@xxx.com
Subject: Test 1:32am

Bounced the netgear, sent another email from gmail, it bounced again.

I've already read that article, but I dont see how it applies to me.  What specifically should I be looking for?  Is this a firewall issue?

It seems to me that your server is only accepting relay connections.
Your firewal isn't acting as an SMTP server, so I wouldn't think it's a firewall issue.  I don't know if the netgear has an SMTP type of fixup like a pix, but you might want to check.

On the virtual server, check the Access Tab, Connection button to ensure it's set to All except the list below and ensure the list is empty.
On the authentication button, ensure that Resolve anonymous email is NOT selected.

I'll check a couple of things. . . .

Thats how its setup.  I ran the "exchange server best practices tool" and followed the recomendation.  It said to do pretty much what your saying.  But I can't get it to work....  I await your response.

In your Global Settings, right-click Message Delivery --> Properties --> Connection Filtering Tab
Check the list and the Exception, Accept, and Deny buttons for restrictions.

They are all blank.

Enable message tracking and see what's stopping the messages.  If you have the filter--I can't think of the name of it right now--(message filtering?)--it might be responsible for the errors.

I just recently installed the Intelligent message filter, but it was doing the exact same thing before.  I dont think the filter has anything to do with it.  I dont have the filter installed at the other client, and messages bounce there if its not open.

Did you enable message tracking?

How do I enable message tracking?

In the Exchange System Manager, right click the server --> Properties -->General Tab
Click Enable Message Tracking
OK

Then, to check messages, in the system manager, go to Tools --> Message Tracking Center
Complete the dialog boxes to find the specific mail.

Ok, I got it working with "Only the list below".  I had to add the servers IP address to the allow list.   I also added 127.0.0.1 for good measure.

Is the configuration I mentioned above ok to have?

Yes.  I assume the checkbox for "Allow all computers which successfully authenticate. . . . " was unchecked.
Are you receiving any more NDRs?

Allow all computer which successfully authenticate was checked.  No more NDRs