dercoss
asked on
Undeliverable Mail Messages..
I am running Exchange Server as part of Small Business Server 2003 and have started getting email messages saying...
"Your message did not reach some or all of the intended recipients.
Subject: hi Lesley.
Sent: 05/11/2006 03:06
The following recipient(s) could not be reached:
iamjustsendingthisleter@MY
A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator"
(where MY_DOMAIN.COM is my actual domain name used...)
I assume this is some sort of spam related issue because all the addresses are using my domain name and just replacing the first part of the email address each time. I am getting about 7 or 8 a day now. Is there anything that might be causing this that I can resolve?
I am using Avast Antivirus on the server and client pc's..
dc
"Your message did not reach some or all of the intended recipients.
Subject: hi Lesley.
Sent: 05/11/2006 03:06
The following recipient(s) could not be reached:
iamjustsendingthisleter@MY
A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator"
(where MY_DOMAIN.COM is my actual domain name used...)
I assume this is some sort of spam related issue because all the addresses are using my domain name and just replacing the first part of the email address each time. I am getting about 7 or 8 a day now. Is there anything that might be causing this that I can resolve?
I am using Avast Antivirus on the server and client pc's..
dc
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've had a dig about and I've found that the emails are all related to 4 virtual SMTP servers that I can see when I got to SERVERS -QUEUES. Should these virtual servers be here at all? They are nothing to do with my server..
dc
dc
some time it may be a Reverse NDR attack. check your NDR rules if any.
and do you have spam filter on your exchange? http://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/imf/default.mspx
pk
and do you have spam filter on your exchange? http://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/imf/default.mspx
pk
ASKER
I don't have any NDR rules that I know of. Where would I check for them? I don't have any 3rd party spam filer running either. I have Avast Antivirus fro SBS 2003 installed but I don't think that has a spam filter on it..
dc
dc
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've worked though the Microsoft suggestions above and so far I haven't had the problem happen reappear. I'll get back tomorrow with an update..
dc
dc
ASKER
Ignore the "happen" between "problem" and "reappear"... oops..
dc
dc
ASKER
Hmm. The problem is still there.
I have worked through some of the above and it appears that when I run Telnet as suggested I get the following
250 2.1.5 user@spam.com
This apparently means my exchange server is an open smtp relay.
I have worked through the steps to stop this but it seems to make no difference. In fact, the settings are just as the article describes them.
What could I be doing wrong here??
dc
I have worked through some of the above and it appears that when I run Telnet as suggested I get the following
250 2.1.5 user@spam.com
This apparently means my exchange server is an open smtp relay.
I have worked through the steps to stop this but it seems to make no difference. In fact, the settings are just as the article describes them.
What could I be doing wrong here??
dc
ASKER
Also, under the PROTOCOLS - SMTP - DEFAULT SMTP SERVER - PROPERTIES - ACCESS, there is an entry for the the internal IP addrress of the server (192.168.0.6) and also one for 127.0.0.1. Is this correct?
dc
dc
you should close relay if it's not relevent for your issue..
at my exchange server i have selected only the list below and the list is empty, and selected allow all computers which sussesfully ath....
pk
at my exchange server i have selected only the list below and the list is empty, and selected allow all computers which sussesfully ath....
pk
ASKER
That's the kb I worked through but I must be doing something wrong because the SMTP Open Relay is apparently still there...
dc
dc
why do you add 127.0.0.1 ? and what happend when you remove 127.0.0.1
pk
pk
ASKER
I don't remember adding it. I have taken in out to see what happens.. I'll be back..
dc
dc
ASKER
I've now found that some of the emails leaving my network get "stuck" on the Exchange Server. If I go into the Queue I can see some emails on various SmallBusiness SMTP Connectors. If I right click and select "force connection" and then refresh it seems the emails are then sent.
I am getting more confused by the day here...
dc
I am getting more confused by the day here...
dc
ASKER
And now my email seems to have dried up completely...
dc
dc
ASKER
I seem to have solved the problem by deleting the existing SMTP connector and running the CEICW again. I think the DNS servers were originally part of the problem. Apparently they should have been changed to new ones according to my ISP. I think my fiddling around just made the problem worse..
I'll see how it goes over the next day..
dc
I'll see how it goes over the next day..
dc
ASKER
A day later and all still seems ok..
dc
dc
ASKER
dc