Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3227
  • Last Modified:

Problem with greylisting - Exchange Server 2003

Hi,
I am using MS Exchange Server 2003. Everything works fine, al DNS settings etc. are doublechecked, all ok. The server does not have any performance problems: enough memory, processor resources, etc.

However I do have one problem. The problem is greylisting. Sometimes when we send e-mails to servers that use greylisting, our server doesn't cooperate, meaning that the request for resending the e-mail is ignored. This is not always the case, sometime our server does resend the messages.

Now the really strange thing:
Only when I restart the Exchange server, the users receive undeliverable reports of messages that they have send in the past. All these undeliverable reports are from messages that were sent to servers that use greylisting. So I guess these are the undeliverable greylisted messages that our server didn't resend.

Why doesn't my server resend the graylisted messages?
Why do the senders of these messages only get a undeliverable messages after I restart the server?
0
raptim_ict
Asked:
raptim_ict
  • 7
  • 7
1 Solution
 
MATTHEW_LCommented:
Check in SMTP and see what your delivery timouts / retrys are set to.  This should be under the smtp virtual server under servers then protocols.
0
 
raptim_ictAuthor Commented:
Here they are:
Outbound:
First retry interval (minutes): 10
Second retry interval (minutes): 10
Third retry interval (minutes): 10
Subsequent retry interval (minutes) : 15
Delay notification: 12 hours
Expiration time out: 2 days

Local Delay notification and Expiration time out are the same, resp. 12 hours and 2 days.

Thanks, but unfortunately I cannot see a solution here. Some of the non-deliverable reports go back 19 days!
0
 
MATTHEW_LCommented:
What are the error codes listed on the NDR, should be soft error such as 4xx no 5xx.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
raptim_ictAuthor Commented:
I found three different kinds:

<[my server's name] #4.0.0 smtp;450 <[recipient e-mail adress]>: Recipient address rejected: Greylisted>
<[my server's name] #4.7.1 smtp;450 4.7.1 <[recipient e-mail adress]l>: Recipient address rejected: Greylisted, see http://[url on the recipients doman, explaining what greylisting means]>
<tbg-dc01.RIH.local #4.7.1 smtp;451 4.7.1 Temporarily rejected. Try again later.>
...  
         
0
 
MATTHEW_LCommented:
Do your messages sit in the queue for a period of time before being returned to the user?  You may want to try a test a known greylisting email and watch the queue.
0
 
raptim_ictAuthor Commented:
I have watched it for a while. Ofcourse the problem is that greylisted messages are not always blocked....  Our users send about 200 messages an hour, that's 1600 a day, thats 4800 in three weeks. If 10% of the receiving servers uses graylisting, and 10 % isn't handled properly by my server,  that's 48 messages undelivered, that are the numbers I'm talking about.

All I found in the queue list was entrys like
Internet Mail SMTP Connector ([my server name]) - [recipients domain name](SMTP Connector)
The "number of messages" shows "0".

Unfortunately I cannot look into the past, but are queues flushed when you restart the service? Could that be the clue?
0
 
raptim_ictAuthor Commented:
Did I say 4800? That's 24000!, but  about 50 messages are "lost"
0
 
MATTHEW_LCommented:
If the messages are not in the queues then your server has delivered them.  Use message tracking to find some of the messages that bounced by filtering by sender and date / time.  If the message leaves your organization than your server is handling them fine.  Are you using a smart host or anything like that?
0
 
raptim_ictAuthor Commented:
Ok, this is what I find in message tracking .... and that is why it bothers me so much.
When I look at the messages of which I know they were never delivered, in the message tracking is stated that they are delivered.("Message transfered to [mailserver] through MSTP")

The recepients complain that they never received the messages, it are the same messages for which a NDR is generated, only after I restart the service. Now comes the interesting part....
In message tracking I can see that there was an attempt to resend all the messages for which this NDR was generated... this means :

Some of the greylisted messages are kept aside by my server. When I restart the server, all these messages are resent. But because a greylisted messages should be resent within a certain period, the messages are bounced because of a time-out, a NDR is created. So that's what's happening. Thanks so far for making me understand. ....but .... the solution?

At this moment I am using a smart host. One of our clients IT-staff pointed me to that. All the NDR are from messages  dated before I started using the smart host.
When I was waching my queue a few minutes ago, I looked with the smart host configured, and with the smarthost not configured, just to be sure.

0
 
MATTHEW_LCommented:
With the smart host configured all messages should be immdiatly transfered off of your Exchange server to the smart host, unless the smart host uses grey listing.  So it is true that in message tracking that you see the message was transfered out of exchange.  However, once it got to the smart host it may have had a problem, the smart host may have not dealt with the grey listing properly, etc, and then generated an NDR.
0
 
raptim_ictAuthor Commented:
Ok, so would you agree with my thought that this problem will no longer occur now the smart host is configured? I mean the resending after rebooting?
0
 
MATTHEW_LCommented:
I would agree.  If the smarhost is configured.  All mail will flow to the smart host.  There shouldn't be any problems with mail stuck in the queue.  Once the mail is at the smart host it will delver the mail, deal with the resending, graylisting, etc.  NDR's will either be generated by the smarthost or by the remote server.  Unless the smarthost is down exchange should deliver to the smarthost without problem.
0
 
raptim_ictAuthor Commented:
Thanks for thinking with me and sharing your knowledge!
0
 
MATTHEW_LCommented:
No problem.   Good luck.
0
 
redseatechnologiesCommented:
Out of interest, what anti-spam or anti-virus protection do you have?

I had some shocking issues with Symantec mail security when dealing with greylisted sites - rebooting the server would thrown hundreds of NDRs back to my users RE: greylisting servers.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now