Solved

MSX 2003: All outgoing emails are bouncing immediately back to the administrator account.

Posted on 2004-04-11
38
2,182 Views
Last Modified: 2008-02-20
Hi people,

All outgoing emails are bouncing immediately back to the administrator account.

Environment:  2003 DC with Exchange 2003,  doing NAT over DSL router. Two nic´s
Second 2003 Server for DFS and AD replication even DC.
One 2000 terminal server.
One 2003 member server for testing purpose.
Only one error in event log while starting up the server: ID 3019 while trying to reconnect a share on Linux samba.

DNS forwarding is ok. Receiving emails works fine. (POPBeamer collecting and forwarding to MSX)
Sending emails to outside accounts over telnet using the SMTP connector on the test server works fine.

ONLY sending emails over the SMTP on the exchange server bounces all the mails back to the administrator account. Sending emails within outlook to external addresses won’t work.

I tried both: the virtual SMTP server and the connector, for each test I did a fresh restart.

Any Help is appreciated

Max
0
Comment
Question by:mkorten
  • 21
  • 8
  • 6
  • +1
38 Comments
 
LVL 10

Expert Comment

by:OneHump
ID: 10803136
Good info there but we really need the NDR to know why it's bouncing.  :)

OneHump
0
 

Author Comment

by:mkorten
ID: 10804211
There are no NDR send.

Every Email from any internal Email-account is immediately send to the “admin”. The sender does not get any information.
The header and the additional information from the received email is empty.
For example:
On the dc:
telenet 10.34.63.2 25 (the virtual SMTP, or the connector is bound to any IP, I tried both)
Helo
Mail from:user@xxx.de
ok
Rcpt to:extern@t-online.de
ok
data:
test
.
Quit
After that the email is delivered only to the admin@xxx.de

max
0
 

Author Comment

by:mkorten
ID: 10804247
hi again

where could I find the non delivered ndr report ?

found something similar
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_20825961.html


max

0
 

Author Comment

by:mkorten
ID: 10804437
"SMTP fixup protocol was turned on" I found an answer of kidego,
how do i check this "fixup protocol" ??
0
 

Author Comment

by:mkorten
ID: 10805304
Testing  around I figured out following:

NDR is generated for non existent INTENAL email addresses
The domain is responsible for email to @xxx.de the default one, and the domain name “x2k3.intranet”
Mails to both addresses work fine, even with NDR.

NDRs from external SMTPs are not received because no mail still leave the domain….

0
 

Author Comment

by:mkorten
ID: 10805325
#8220 and #8221 should be a Quotation mark (sorry for that I am sending from Germany maby wrong codepage)
0
 

Author Comment

by:mkorten
ID: 10805930
I have Outlook 2003 (Office) installed ON the Exchange Server.....

Is there a maybe problem with an installed outlook 2003 ON the exchange server ?
I remember something with outlook and exchange 5.5 on the same engine

0
 

Author Comment

by:mkorten
ID: 10809712
ok Folks,
I am getting totally confused.
In the mean time I installed a new exchange 2003 on the standby server (the one for testing purpose), this one is no DC. Before I installed the exchange I tested over telnet the smtp service, which worked fine. On this Server also was an office 11 installed before. After complete installation I added a second SMTP connector which is responsible only for the new bridgehead to relay too the smarthost smtprelay.t-online.de. (I tested the relay via telnet, to be sure that it is accepting mails on port 25)

BUT the dammed thing delivered every outgoing external email in the same second into the inbox of admin….

HELP please
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10814199
I'm completely lost here, sorry.  :)

Lets start over.  When you send an email to someone on the Internet, does it bounce?  If so, please post the NDR.  If not, what is happening?  Does this also happen when sending between Exchange recipients?

OneHump
0
 

Author Comment

by:mkorten
ID: 10814302
yes it does, without an NDR, it looks for the sender total normal. the email drops immediately to the admin account.
Between Exhange recipients its working fine, as I wrote above...

In the meantime i played arround with the NDRs and right now it is that an positiv "NDR" "the mail ist delivered to mk1@gmx.tm" is generated, but the email still drops in the admin box....

Max

(what is youre lokal time ?)
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10814349
My time is PST.

An NDR would return an error.  Are you saying that all email sent to the Internet is simply delivered into your postmaster mailbox as is?

OneHump
0
 

Author Comment

by:mkorten
ID: 10814430
yes so it is! NO ERROR at all.
I found one error with the time service, the engine cant get any time from any timeserver.... dcdiag told me....

(i am in germany, here it is 17:40, I am in about 35 min, back on the maschine with this problem...)

max
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10815014
I lived in Germany for 3 years.  Great country.  Good people, excellent food, beautiful land.

Do you have any 3rd party software installed?  I'm having a hard time understanding why email addressed to one person would be delivered to another.  Can you please send a test message to dagiaramita@yahoo.com?

Thanks,

OneHump
0
 

Author Comment

by:mkorten
ID: 10815114
Thank You...

ok I am back at my customer...

NO 3rd party software installed on the Testserver. Them Mainengine has only "POPBeamer" installed, to catch all pop account and forward them to MX:25.

From within the exchange I cant mail to outside, but ill try over smtp via telnet.

max
0
 

Author Comment

by:mkorten
ID: 10815441
something happend,,

the outgoing mail stuck in OUTGOING....

hmmmm
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10815459
I got two messages from you.  Did those messages go into the admin mailbox?

What changed to cause messages to queue in "outgoing"?

OneHump
0
 

Author Comment

by:mkorten
ID: 10815498
I have no idea

both messages are not send
 sorry the one i did with telnet maby...

ok YOU got one but the one I send to my one account mk1@gmx.tm did not reach me...
0
 

Author Comment

by:mkorten
ID: 10815523
I removed the "CONNECTOR"
right now i only have smtp vs with is fowarding to smtprealy.t-online.de
but this i had in past before.... and did not work
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10815538
I'm lost again and am not sure I'm equipped to assist you with this.  Let's do this.  Post a new question so others can see it and participate.  I'll stay out of it.  :)

You can ask to have this question deleted by posting in the Community Support Forum.

Sorry, but I'm not able to follow you on this problem.  :)

Best of luck.

OneHump
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:mkorten
ID: 10815562
Thank you so far...

do you know how to reach "Kidego" maybe he can help....

Max
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10816881
Yes, I'll pull him into this thread.

OneHump
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10819148
Hey guys! Ok, are you forwarding to a smart host at this point on the SMTP VS? IF so, take it off the SMTP VS, you only want to do this on the SMTP connector....

D

0
 

Author Comment

by:mkorten
ID: 10819214
Thank you for joining us, hopefully we (you) will fix this damed mess I made up

You mean "take only the entry in smarthost field out", Not deleting the hole smtp vs? right?
if so, i did already.

In the beginnig I had only ONE Exchange and I tried first with the SMTP VS, No Connector, afterwards I tested with the Connector.
And I just made sure that I only have a Connector, and no entrys in Smarthostfield of SMTP VS.

Still every outgoing Mail is dropped in admin mailbox.

(I am sorry but I have to go to bed for al little while, over here in germany it is three clock in the MORNING...)

Max
(thx to OneHump for calling you)
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10819263
we'll talk tomorrow then :)
Sounds like you need to turn on message tracking, then send a couple of messages and see why they end up in that mailbox.....
0
 
LVL 35

Expert Comment

by:Bembi
ID: 10828164
Oh, let open a german community here :-))) Greetings from Bochum to all Germans

Try to collect a few questions:
> Is there a maybe problem with an installed outlook 2003 ON the exchange server ?
More with outlook as with Exchange. Seen problems with Outlook 2002 on Exchange 2003, but not OL2003 on EX2003. Nevertheless, Microsoft do not recommend it.

What I missed here in all the comments is, you setup the smarthost to mailrelay@t-offline.de (:-)) As I know, you have to authenticate with the T-Online mail relay? Within SMTP VS, you have a button "outgoing security", there you can add a userid and password for authentication. I you use the connector, you have a tab "Enhanced" (Erweitert) and a button Outgoing Security (Ausgehende Sicherheit) with the same settings. And as I have read a while ago, you also have to register to use the T-Online relay to use it.

What you can try is to enable the SMTP Logs (SMTP VS, first tab) to see, what is happening to the connection. The log files logs every SMTP command, which is going out. If the T-Online server rejects the connecting during the connection attempt, it may be, that the mails will stay for this reason in the outgoing queue, until the rentention time is over. After that, the mail is sent back to the sender. This may be the reason, why you get not NDR. If you look into the properties of the mail in the queue, there is also a line at the bottom, which may give you a hint, what happened, like host unreachable or something else.

Also message tracking, as Kidego said, may give a hint. (Properties of the server, tab "General" (Allgemein))



0
 

Author Comment

by:mkorten
ID: 10828233
Hi Bembi, good morning from Solingen..


Should I uninstall the office 2003 ? would it harm the server ?. (it was so easy to manage the public folders)

Using the smtprelay.t-online.de with telnet was ok. When you connect over the provider t-online you are automatically authenticated, but of course you have to register and to pay for using the mail relay.

Do you know if there is a tool to read the smtp logs a little bit easier.

I just connected to the server and I start testing, when I got the logs I’ll be back and post them…

Max

0
 
LVL 35

Accepted Solution

by:
Bembi earned 500 total points
ID: 10828330
Yes good morning ;-)

If outlook works, do not worry about, there is an issue with MAPI. I have Outlook installed on all my servers, and it works. As the SMTP protocol has nothing to do with MAPI at this point (outgoing queue), this should not be the reason.

I'm sure, there are a few tools, but you can also import them into access for better reading, simply delete the trailing comments beginning with #. If you want, you can create a import definition to get column headers. But the content is nearly the same as you would use telnet, for every command, which is going out, you get a response line, so Hello, Mail From:, RCPT TO: and so on, but if you get something there, just post it.
0
 

Author Comment

by:mkorten
ID: 10839192
Good morning,...

after reading logs and testing, I found the answer of that dammed problem, so far THANKS for the advice to read the trackinglogs.
So ok, what happened: I figured out that I reinstalled the smtp service AFTER the exchange installation, caused by misunderstanding an article from MS how to reinstall smtp. (NEVER DO IT ON AN EXCHANGE)
Reinstalling the hole EX2k3 did not help. So I backed up the 1270 mailboxes. Remove the complete EX2k3, reinstall the NNTP WWW and SMTP Services and last I installed the EX2k3.

Right now everything is working fine, I added a second exchange for replication.

At last I like to know:

What SPAM and Virus tools you advice for the E2K3, at the moment I use XWALL from www.dataenter.at, quiet ok but a little bit to expansive.

Max
0
 
LVL 10

Expert Comment

by:OneHump
ID: 10842943
Very nice work.  
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10843209
For future reference, when playing with SMTP or any toher service in IIS w/Exchange installed, always reinstall Exchange and reapply the service pack. Uninstallation of Exchange is not necessary in most cases.

D
0
 

Author Comment

by:mkorten
ID: 10843315
OK ill never forgett..... it was a hard week...
also I had the ability to learn a lot here....
THANKS for support.


But my last question about some good selflearning spamtools for E2K3, do you know some good stuff ?

Max
0
 

Author Comment

by:mkorten
ID: 10843353
: Kidego
please do a comment here
Q_20953016.html
I´d like to close this threat.

thx
MAX
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10843603
The spam tool I really like, though I must say most people prefer content filters, is ORF Enterprise Edition. IT does RBL, keyword searching, attachment blocking, RDNS, AD sync, IP and sender whitelist/blacklists, and if you buy it, you can get the new Beta that has the above mentioned features and a much improved log viewer to see which messages have been accepted, blocked, and ignored.  It works on the SMTP VS, so Exchange 200x or Windows 200x SMTP is fine. All for $99 per server. It's not the full answer, but I think it's a great first step. Content filters will give you a VERY high % of false positives, if you don't know the tricks. Investigate those closely. GFI and Clearswift are both decent products, although they tend to be processor hogs. I wouldn't run these directly on Exchange, and as a matter of fact, I know Clearswift MUST have a FE server.

E2K3 has RBL features, have you not tried those yet?

D
0
 

Author Comment

by:mkorten
ID: 10843676
I did not know,
how do i use them....

M
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10843918
http://www.msexchange.org/tutorials/Blacklist_Support_Exchange_2003.html

Spamcop and Spamhaus are my favorite zones, but it will be different for every organization. It just depends on what kind of spam you're receiving. "Tweaking" is always a good thing :)

D
0
 

Author Comment

by:mkorten
ID: 10844550
looks good, but, yes it is true, we have some German spammers, how do I get rid of them, most of the lists are working fine for: penis enlargement, but not for: Schwanzverlängerung
At the moment we got about 2000-2500 GERMAN spam mails in 24 hours.

:)Bembi do you have an idea  


Max
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 10844868
Go into the internet email header of some of the messages, find the IP address of the sending server, and look it up here:

www.openrbl.org

See what DNS blocklists the IP address shows up on. It could be you require different RBL zones to catch your type of spam, just watch what you block, make sure you don't use a zone that's too aggressive. SORBS can be way too aggressive at times, I limit the usage of that zone in my environment.

D
0
 
LVL 35

Expert Comment

by:Bembi
ID: 10845729
You may also try GFI Mail Essentials and GFI Mail Security
http://www.gfi.com
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now