• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 986
  • Last Modified:

Exchange Server IMS, event ID 4031

We recently got a whole bunch of event log error ID 4031, source: MSExchangeIMS, SMTP Interface Events, saying that something like the target server reported error 550, unrecognized user, or relay denied, or recipient not exist, any idea?

What is common situation that this error will come up?

We do not allow relay, only to our specified domain. Platform: Exchange 5.5 with sp4 on WIndows 2000 AS, sp2.

Thanks in advance

Robert100

0
robert100
Asked:
robert100
  • 3
  • 2
1 Solution
 
bluezoo7Commented:
Its possible an unauthorized client (i.e., spammer) is attempting (and failing) to send mail from your server.

You can test this yourself by setting up a client outside your network and not part of your domain and then trying to send mail using your mailserver.

Do you get the error consistently? Did you get a batch of them and then they stopped? Could you leave a copy of the exact error? Is the target server your mail server?

0
 
robert100Author Commented:
Thanks.

I got these errors constantly since last week. One of the error messages is as follows:

The following message could not be delivered to <SizeDoesMatter@msn.com>. The destination server reported: 550 5.2.1 SizeDoesMatter@msn.com... Mailbox disabled, not accepting messages From: <> Subject: Undeliverable: GOT A SMALL OR AVERAGE PENIS? DO YOU WANT A MASSIVE PENIS!

This is another one:

The following message could not be delivered to <ibbuinytromte@hotmail.com>. The destination server reported: 550 Requested action not taken:user account inactive From: <> Subject: Undeliverable: Record Low MORTGAGE rates! *Act Fast*                       11060


I agree that it maybe someone tried to use our mail server to relay messages. Any other idea?

Robert100
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
slink9Commented:
The original question says that you do not allow relay.  What have you done to not allow this?
Have you looked at http://support.microsoft.com/default.aspx?scid=kb;en-us;Q193922 or http://support.microsoft.com/default.aspx?scid=kb;en-us;Q257538
0
 
bluezoo7Commented:
I'm with Slink9. I'm suspicious that your mail server is indeed acting as a mail relay.

The error message you posted indicate that someone is sending mail to Internet-based mail servers (hotmail, msn).

MSN and HotMail are rejecting the mail either as a relay or because the recipient's mailbox is overlimit or inactive. The recipient's mail server sends it back to the originating mail server (evidentally yours).

See how the "From" field is blank in the error from MSN? This is a classic spammer technique.

Use Slink's links to verify your relay settings are correct.
0
 
slink9Commented:
Why did you accept an answer that agreed with me and directed you to use the links I posted to verify it?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now