July 25, 2008 12:41pm pdt

1. Sembee 82,150
2. kieran_b 79,762
3. Chris-Dent 41,250
4. Richard_... 32,553
5. tigermatt 31,593
6. war1 30,075
7. peakpeak 28,985
8. mass2612 26,150
9. Network... 21,650
10. LegendZM 21,540
11. mattee76 19,800
12. grblades 18,240
13. cshepfam 18,050
14. fgrushev... 16,350
15. darkstar3d 15,900

1. Sembee 355,027
2. kieran_b 79,762
3. war1 54,736
4. Chris-Dent 53,312
5. tigermatt 48,993
6. darkstar3d 45,525
7. mass2612 39,150
8. grblades 35,250
9. peakpeak 34,385
10. Richard_... 32,553
11. ATIG 32,075
12. rid 31,920
13. TechSoEasy 29,410
14. LeeDerby... 28,752
15. rakeshmig... 26,123

10.10.2007 at 08:22AM PDT, ID: 22884322

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.4

A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients.

Zones: Simple Mail Transfer Protocol (SMTP), Exchange Email Server

Tags: between, two, error, bounce, caused

Hey guys,

I need some help with this, cause I've been trawling everything from end to end, and I just ... don't ... get it !

A short summary of our environment:

We have an internal Exchange server, which is Exchange 2003. That has an SMTP connector to our Exchange server on the DMZ, which in turn sends mail to the internet. The one on the DMZ I'm told is an Exchange 2000, and it might have been upgraded from version 5.5.

What happens is basically that I receive an NDR containing this:
----------------------------------------------------------------------------------------------------
Your message did not reach some or all of the intended recipients.

Subject:      Subject
Sent:      10-10-2007 07:49

The following recipient(s) could not be reached:

Username on 10-10-2007 17:02
A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator.
<fqdn of dmz exchange server #4.4.6>

----------------------------------------------------------------------------------------------------

The following eventlog shows up in the Application eventlog on the internal server

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      SMTP Protocol
Event ID:      7010
Date:            10-10-2007
Time:            16:54:41
User:            N/A
Computer:      InternalExchServer
Description:
This is an SMTP protocol log for virtual server ID 1, connection #70. The client at "192.168.100.10" sent a "xexch50" command, and the SMTP server responded with "504 Need to authenticate first ". The full command sent was "xexch50 984 2". This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.

192.168.100.10 is the server in the DMZ.

----------------------------------------------------------------------------------------------------

What I've seen in the SMTP log file

10-10-2007 10:19:25 195.242.120.221 192.168.100.10 EHLO #NAME? 250
10-10-2007 10:19:25 195.242.120.221 192.168.100.10 MAIL +FROM:<zsh-users-return-11978-bbh=ADDRESS-REMOVED> 250
10-10-2007 10:19:25 195.242.120.221 192.168.100.10 RCPT +TO:<VALID USER @ OUR DOMAIN> 250
10-10-2007 10:19:25 195.242.120.221 192.168.100.10 DATA +<tkrat.a5fb7653e65efa90@EXTERNAL DOMAIN 1> 250
10-10-2007 10:19:25 195.242.120.221 192.168.100.10 QUIT FQDN.EXTERNAL.MAILSCANNER 240
10-10-2007 10:19:25 192.168.100.29 - - 220+INTERNAL.FQDN.INTERNAL.EXCHANGE.SERVER+Microsoft+ESMTP+MAIL+Service,+Version:+6.0.3790.1830+ready+at++Wed,+10+Oct+2007+12:19:25++0200+ 0
10-10-2007 10:19:25 192.168.100.29 - EHLO FQDN.DMZ.EXCHANGE.SERVER 0
10-10-2007 10:19:25 192.168.100.29 - - 250-INTERNAL.FQDN.INTERNAL.EXCHANGE.SERVER+Hello+[192.168.100.10] 0
10-10-2007 10:19:25 192.168.100.29 - MAIL FROM:<>+SIZE=5593 0
10-10-2007 10:19:25 192.168.100.29 - - 250+2.1.0+<>....Sender+OK 0
10-10-2007 10:19:25 192.168.100.29 - RCPT TO:<MY E-MAIL ADDRESS> 0
10-10-2007 10:19:25 192.168.100.29 - - 250+2.1.5+MY E-MAIL ADDRESS+ 0
10-10-2007 10:19:25 192.168.100.29 - XEXCH50 1008+2 0
10-10-2007 10:19:25 192.168.100.29 - - 504+Need+to+authenticate+first 0
10-10-2007 10:19:25 192.168.100.29 - BDAT 5593+LAST 0
10-10-2007 10:19:25 192.168.100.29 - - 250+2.6.0++<fTvOSQeSO000004c4@FQDN.DMZ.EXCHANGE.SERVER>+Queued+mail+for+delivery 0
10-10-2007 10:19:25 192.168.100.29 - QUIT - 0
10-10-2007 10:19:25 192.168.100.29 - - 221+2.0.0+INTERNAL.FQDN.INTERNAL.EXCHANGE.SERVER+Service+closing+transmission+channel 0
10-10-2007 10:19:25 130.225.247.86 - - 220+a.mx.EXTERNAL.DOMAIN.2+ESMTP 0
10-10-2007 10:19:25 130.225.247.86 - EHLO FQDN.DMZ.EXCHANGE.SERVER 0
10-10-2007 10:19:25 130.225.247.86 - - 250-a.mx.EXTERNAL.DOMAIN.2 0
10-10-2007 10:19:25 130.225.247.86 - MAIL FROM:<> 0
10-10-2007 10:19:25 130.225.247.86 - - 250+ok 0
10-10-2007 10:19:25 130.225.247.86 - RCPT TO:<zsh-users-return-11978-bbh=ADDRESS-REMOVED@EXTERNAL.DOMAIN.2> 0
10-10-2007 10:19:25 130.225.247.86 - - 250+ok 0
10-10-2007 10:19:25 130.225.247.86 - DATA - 0
10-10-2007 10:19:25 130.225.247.86 - - 354+go+ahead 0
10-10-2007 10:19:30 130.225.247.86 - - 250+ok+1192011672+qp+63457 0
10-10-2007 10:19:30 130.225.247.86 - QUIT - 0
10-10-2007 10:19:30 130.225.247.86 - - 221+a.mx.EXTERNAL.DOMAIN.2

I of course anonymized the log entries.

Now, as far as I know, my users don't receive the mails that generate this NDR.

It doesn't happen to all. But it happens to some.

I found out that the smtp virtual server had a non-existing hostname for sending mails to, when it had unresolved recipients. Removed that, tried resending the mail from the gateway of our external spamcompany. Didn't make a difference. Still received the NDR.

The FQDN of our dmz exchange/smtp server was also wrong I found out. I changed that to a valid one. Didn't make a difference.

Other than that, I can't find anything wrong. I read that the XEXCH50 error was completely normal. So that should be good. And I could live with that, if our users received the mails that generate the NDR's ;)

Please, do anyone have any input at all on this subject ? I'm on my knees here ;o)

Start your free trial to view this solution

Question Stats

Zone: Networking

Question Asked By: JacobSaaby

Solution Provided By: EE_AutoDeleter

Participating Experts: 1

Solution Grade: A

Translate:

Loading Advertisement...

20080236-EE-VQP-29 / EE_QW_1_20070628