We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

MSX 2003: All outgoing emails are bouncing immediately back to the administrator account.

mkorten
mkorten asked
on
Medium Priority
2,340 Views
Last Modified: 2008-02-20
Hi people,

All outgoing emails are bouncing immediately back to the administrator account.

Environment:  2003 DC with Exchange 2003,  doing NAT over DSL router. Two nic´s
Second 2003 Server for DFS and AD replication even DC.
One 2000 terminal server.
One 2003 member server for testing purpose.
Only one error in event log while starting up the server: ID 3019 while trying to reconnect a share on Linux samba.

DNS forwarding is ok. Receiving emails works fine. (POPBeamer collecting and forwarding to MSX)
Sending emails to outside accounts over telnet using the SMTP connector on the test server works fine.

ONLY sending emails over the SMTP on the exchange server bounces all the mails back to the administrator account. Sending emails within outlook to external addresses won’t work.

I tried both: the virtual SMTP server and the connector, for each test I did a fresh restart.

Any Help is appreciated

Max
Comment
Watch Question

Commented:
Good info there but we really need the NDR to know why it's bouncing.  :)

OneHump

Author

Commented:
There are no NDR send.

Every Email from any internal Email-account is immediately send to the “admin”. The sender does not get any information.
The header and the additional information from the received email is empty.
For example:
On the dc:
telenet 10.34.63.2 25 (the virtual SMTP, or the connector is bound to any IP, I tried both)
Helo
Mail from:user@xxx.de
ok
Rcpt to:extern@t-online.de
ok
data:
test
.
Quit
After that the email is delivered only to the admin@xxx.de

max

Author

Commented:
hi again

where could I find the non delivered ndr report ?

found something similar
https://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_20825961.html


max

Author

Commented:
"SMTP fixup protocol was turned on" I found an answer of kidego,
how do i check this "fixup protocol" ??

Author

Commented:
Testing  around I figured out following:

NDR is generated for non existent INTENAL email addresses
The domain is responsible for email to @xxx.de the default one, and the domain name “x2k3.intranet”
Mails to both addresses work fine, even with NDR.

NDRs from external SMTPs are not received because no mail still leave the domain….

Author

Commented:
#8220 and #8221 should be a Quotation mark (sorry for that I am sending from Germany maby wrong codepage)

Author

Commented:
I have Outlook 2003 (Office) installed ON the Exchange Server.....

Is there a maybe problem with an installed outlook 2003 ON the exchange server ?
I remember something with outlook and exchange 5.5 on the same engine

Author

Commented:
ok Folks,
I am getting totally confused.
In the mean time I installed a new exchange 2003 on the standby server (the one for testing purpose), this one is no DC. Before I installed the exchange I tested over telnet the smtp service, which worked fine. On this Server also was an office 11 installed before. After complete installation I added a second SMTP connector which is responsible only for the new bridgehead to relay too the smarthost smtprelay.t-online.de. (I tested the relay via telnet, to be sure that it is accepting mails on port 25)

BUT the dammed thing delivered every outgoing external email in the same second into the inbox of admin….

HELP please

Commented:
I'm completely lost here, sorry.  :)

Lets start over.  When you send an email to someone on the Internet, does it bounce?  If so, please post the NDR.  If not, what is happening?  Does this also happen when sending between Exchange recipients?

OneHump

Author

Commented:
yes it does, without an NDR, it looks for the sender total normal. the email drops immediately to the admin account.
Between Exhange recipients its working fine, as I wrote above...

In the meantime i played arround with the NDRs and right now it is that an positiv "NDR" "the mail ist delivered to mk1@gmx.tm" is generated, but the email still drops in the admin box....

Max

(what is youre lokal time ?)

Commented:
My time is PST.

An NDR would return an error.  Are you saying that all email sent to the Internet is simply delivered into your postmaster mailbox as is?

OneHump

Author

Commented:
yes so it is! NO ERROR at all.
I found one error with the time service, the engine cant get any time from any timeserver.... dcdiag told me....

(i am in germany, here it is 17:40, I am in about 35 min, back on the maschine with this problem...)

max

Commented:
I lived in Germany for 3 years.  Great country.  Good people, excellent food, beautiful land.

Do you have any 3rd party software installed?  I'm having a hard time understanding why email addressed to one person would be delivered to another.  Can you please send a test message to dagiaramita@yahoo.com?

Thanks,

OneHump

Author

Commented:
Thank You...

ok I am back at my customer...

NO 3rd party software installed on the Testserver. Them Mainengine has only "POPBeamer" installed, to catch all pop account and forward them to MX:25.

From within the exchange I cant mail to outside, but ill try over smtp via telnet.

max

Author

Commented:
something happend,,

the outgoing mail stuck in OUTGOING....

hmmmm

Commented:
I got two messages from you.  Did those messages go into the admin mailbox?

What changed to cause messages to queue in "outgoing"?

OneHump

Author

Commented:
I have no idea

both messages are not send
 sorry the one i did with telnet maby...

ok YOU got one but the one I send to my one account mk1@gmx.tm did not reach me...

Author

Commented:
I removed the "CONNECTOR"
right now i only have smtp vs with is fowarding to smtprealy.t-online.de
but this i had in past before.... and did not work

Commented:
I'm lost again and am not sure I'm equipped to assist you with this.  Let's do this.  Post a new question so others can see it and participate.  I'll stay out of it.  :)

You can ask to have this question deleted by posting in the Community Support Forum.

Sorry, but I'm not able to follow you on this problem.  :)

Best of luck.

OneHump

Author

Commented:
Thank you so far...

do you know how to reach "Kidego" maybe he can help....

Max

Commented:
Yes, I'll pull him into this thread.

OneHump
David WilhoitSenior Consultant, Exchange

Commented:
Hey guys! Ok, are you forwarding to a smart host at this point on the SMTP VS? IF so, take it off the SMTP VS, you only want to do this on the SMTP connector....

D

Author

Commented:
Thank you for joining us, hopefully we (you) will fix this damed mess I made up

You mean "take only the entry in smarthost field out", Not deleting the hole smtp vs? right?
if so, i did already.

In the beginnig I had only ONE Exchange and I tried first with the SMTP VS, No Connector, afterwards I tested with the Connector.
And I just made sure that I only have a Connector, and no entrys in Smarthostfield of SMTP VS.

Still every outgoing Mail is dropped in admin mailbox.

(I am sorry but I have to go to bed for al little while, over here in germany it is three clock in the MORNING...)

Max
(thx to OneHump for calling you)
David WilhoitSenior Consultant, Exchange

Commented:
we'll talk tomorrow then :)
Sounds like you need to turn on message tracking, then send a couple of messages and see why they end up in that mailbox.....
BembiCEO
CERTIFIED EXPERT

Commented:
Oh, let open a german community here :-))) Greetings from Bochum to all Germans

Try to collect a few questions:
> Is there a maybe problem with an installed outlook 2003 ON the exchange server ?
More with outlook as with Exchange. Seen problems with Outlook 2002 on Exchange 2003, but not OL2003 on EX2003. Nevertheless, Microsoft do not recommend it.

What I missed here in all the comments is, you setup the smarthost to mailrelay@t-offline.de (:-)) As I know, you have to authenticate with the T-Online mail relay? Within SMTP VS, you have a button "outgoing security", there you can add a userid and password for authentication. I you use the connector, you have a tab "Enhanced" (Erweitert) and a button Outgoing Security (Ausgehende Sicherheit) with the same settings. And as I have read a while ago, you also have to register to use the T-Online relay to use it.

What you can try is to enable the SMTP Logs (SMTP VS, first tab) to see, what is happening to the connection. The log files logs every SMTP command, which is going out. If the T-Online server rejects the connecting during the connection attempt, it may be, that the mails will stay for this reason in the outgoing queue, until the rentention time is over. After that, the mail is sent back to the sender. This may be the reason, why you get not NDR. If you look into the properties of the mail in the queue, there is also a line at the bottom, which may give you a hint, what happened, like host unreachable or something else.

Also message tracking, as Kidego said, may give a hint. (Properties of the server, tab "General" (Allgemein))



Author

Commented:
Hi Bembi, good morning from Solingen..


Should I uninstall the office 2003 ? would it harm the server ?. (it was so easy to manage the public folders)

Using the smtprelay.t-online.de with telnet was ok. When you connect over the provider t-online you are automatically authenticated, but of course you have to register and to pay for using the mail relay.

Do you know if there is a tool to read the smtp logs a little bit easier.

I just connected to the server and I start testing, when I got the logs I’ll be back and post them…

Max

CEO
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Good morning,...

after reading logs and testing, I found the answer of that dammed problem, so far THANKS for the advice to read the trackinglogs.
So ok, what happened: I figured out that I reinstalled the smtp service AFTER the exchange installation, caused by misunderstanding an article from MS how to reinstall smtp. (NEVER DO IT ON AN EXCHANGE)
Reinstalling the hole EX2k3 did not help. So I backed up the 1270 mailboxes. Remove the complete EX2k3, reinstall the NNTP WWW and SMTP Services and last I installed the EX2k3.

Right now everything is working fine, I added a second exchange for replication.

At last I like to know:

What SPAM and Virus tools you advice for the E2K3, at the moment I use XWALL from www.dataenter.at, quiet ok but a little bit to expansive.

Max

Commented:
Very nice work.  
David WilhoitSenior Consultant, Exchange

Commented:
For future reference, when playing with SMTP or any toher service in IIS w/Exchange installed, always reinstall Exchange and reapply the service pack. Uninstallation of Exchange is not necessary in most cases.

D

Author

Commented:
OK ill never forgett..... it was a hard week...
also I had the ability to learn a lot here....
THANKS for support.


But my last question about some good selflearning spamtools for E2K3, do you know some good stuff ?

Max

Author

Commented:
: Kidego
please do a comment here
Q_20953016.html
I´d like to close this threat.

thx
MAX
David WilhoitSenior Consultant, Exchange

Commented:
The spam tool I really like, though I must say most people prefer content filters, is ORF Enterprise Edition. IT does RBL, keyword searching, attachment blocking, RDNS, AD sync, IP and sender whitelist/blacklists, and if you buy it, you can get the new Beta that has the above mentioned features and a much improved log viewer to see which messages have been accepted, blocked, and ignored.  It works on the SMTP VS, so Exchange 200x or Windows 200x SMTP is fine. All for $99 per server. It's not the full answer, but I think it's a great first step. Content filters will give you a VERY high % of false positives, if you don't know the tricks. Investigate those closely. GFI and Clearswift are both decent products, although they tend to be processor hogs. I wouldn't run these directly on Exchange, and as a matter of fact, I know Clearswift MUST have a FE server.

E2K3 has RBL features, have you not tried those yet?

D

Author

Commented:
I did not know,
how do i use them....

M
David WilhoitSenior Consultant, Exchange

Commented:
http://www.msexchange.org/tutorials/Blacklist_Support_Exchange_2003.html

Spamcop and Spamhaus are my favorite zones, but it will be different for every organization. It just depends on what kind of spam you're receiving. "Tweaking" is always a good thing :)

D

Author

Commented:
looks good, but, yes it is true, we have some German spammers, how do I get rid of them, most of the lists are working fine for: penis enlargement, but not for: Schwanzverlängerung
At the moment we got about 2000-2500 GERMAN spam mails in 24 hours.

:)Bembi do you have an idea  


Max
David WilhoitSenior Consultant, Exchange

Commented:
Go into the internet email header of some of the messages, find the IP address of the sending server, and look it up here:

www.openrbl.org

See what DNS blocklists the IP address shows up on. It could be you require different RBL zones to catch your type of spam, just watch what you block, make sure you don't use a zone that's too aggressive. SORBS can be way too aggressive at times, I limit the usage of that zone in my environment.

D
BembiCEO
CERTIFIED EXPERT

Commented:
You may also try GFI Mail Essentials and GFI Mail Security
http://www.gfi.com
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.