?
Solved

Sporadic Duplicate Internal Emails

Posted on 2007-12-06
8
Medium Priority
?
1,040 Views
Last Modified: 2008-02-01
Using SBS 2003, Exchange 2003 SP2, Trend Micro Client/Server/Messaging Security 3.6.  There is no pattern for when it occurs, but users occassionally receive a duplicate email from another internal recipient.  If it occurs with external recipients, noone has reported it.  Message Tracking is enabled on the Exchange Server.  The last time it occurred, there appears to be two messages with different message id's sent to the same user from another user at the same time (though the message tracking center does not reveal the subject line).  The sender only had one instance of the message in their sent items folder.  Neither user has any rules that would cause a duplicate.

I have not seen this problem with other setups running the same software/versions, and the problem occurs infrequently, so I am hesitant to disable antivirus on Exchange.  I am getting enough of a complaint, though, that I need to try to find a resolution.  Any thoughts are greatly appreciated!
0
Comment
Question by:jwhetstone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 20422343
You can get message tracking to show the subject - you need to change the settings on the Properties of the server in ESM, Servers.

AV software is the usual cause of this. Make sure that any file level AV is not scanning the Exchange directories.

Simon.
0
 
LVL 2

Author Comment

by:jwhetstone
ID: 20430140
Thanks for the tip on enabling the subject display.

Double-checked the AV settings in Trend; all Exchange folders are excluded from the file-level AV, however, there was a scheduled scan on the IS scheduled monthly on Sundays.  Though I don't think it has anything to do with the problem, I have disabled the scheduled scan.  For good measure, I have also added .edb, .stm, .log, and .chk file types to the AV exclusion list.

It seems the problem has been narrowed to emails originating from one user.  This particular user does daily maintenance on Sent Items, so I question whether there was only a single instance of the duplicate email that occurred yesterday in the Sent Items folder.  I have requested that they retain all messages in Sent Items until we an resolve the problem.  They may be using cached exchange, so I am also going to exclude .ost file types from the desktop AV group.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20433703
Are you using the POP3 Connector?  If so, this is a normal behavior.  

What happens is that the POP3 host will create a separate message for each person in the cc field without fully modifying the headers.  Then, Exchange downloads these messages and re-reads the headers to make it's own copies of messages for each cc.  Details are here:
http://support.microsoft.com/kb/264249

There's no real way to avoid this unless you have the sender use a distribution list address such as group@yourcompany.com.  You would then have to create the Distribution Group in your Server Management Console.

Alternatively, why not switch to SMTP mail?  The POP3 connector is really designed to just be a transition tool to allow you time to switch to SMTP email anyhow.  You can read more about how to do that here:  http://sbsurl.com/pop2smtp

Jeff
TechSoEasy
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 2

Author Comment

by:jwhetstone
ID: 20459295
No, the POP3 connector is not in use.  

An odd thing occurred with this same server yesterday- due to previous Windows updates, the server was restarted.  They are using an external company for spam filtering, so I changed the SMTP server connection settings to only allow connections from that company's IP range.  After restarting the SMTP service, users reported receiving various read receipts and undeliverables as old as two months.  They had never previously received these messages.  Reviewing the message tracking center indicated these messages were processed on this day, but the headers of the messages revealed the date they were actually sent (up to two months prior).  

At this point, I am questioning the integrity of the queues, the SmallBusiness SMTP connector, or possibly the Exchange antivirus component of Trend Micro C/S/M Security 3.6.

I am going to delete and recreate the SMTP connector.  Is there a way to rebuild the queues?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20461476
Rebuilding the queues?  Are they not empty?

To delete and recreate the SBS SMTP Connector you just delete it and then rerun the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email).

If they are using an external SPAM filtering service, then make sure that TrendMicro's SPAM or Content filter isn't enabled.  But does this service also provide AV?  If so, and if you've restricted receiving from only their servers, you don't need to be running AV on your Exchange server at all.  So you can effectively remove the Trend Micro Messaging Security Agent from your server.

Also check to make sure that the users don't have any special settings in Outlook for specific users that might send email in a different format which may cause the message to be sent via both Exchange (locally) and via SMTP through the external SPAM service and back again.

You can use EXInsight to watch for this.  The trial version is good for 15 days... www.exinsight.com

Jeff
TechSoEasy
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1000 total points
ID: 20466605
Old messages generating NDRs is quite common. See this blog posting:

http://theessentialexchange.com/blogs/michael/archive/2007/11/16/exchange-2003-sp2-and-greylisting.aspx

Simon.
0
 
LVL 2

Author Comment

by:jwhetstone
ID: 20468641
Thanks for the link, Simon- I think that is exactly what happened in this instance with the influx of undeliverables.

Thank you for your suggestions, too, Jeff.  I am hesitant to totally remove the Messaging Security agent; the spam filtering service does provide AV for incoming emails, but does nothing for outgoing or other items introduced into the information store from other sources, so I would prefer to maintain the internal layer of protection.

I've got to wonder if the what the two issues are interconnected.  I will apply the hotfix and monitor.  We can consider this one closed for now.

Thanks again for all the input.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20468897
Unless you configure Trend Micro's settings from the defaults, it's not scanning outgoing or other items introduced into the information store.  But the basic OfficeScan IS protecting you from those things by virtue of scanning every file accessed on any machine that has TrendMicro installed.

Jeff
TechSoEasy
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month11 days, 14 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question