Current user receiving "Your message did not reach some or all of the intended recipients" messages for deleted user
Early last week I went through Active Directories and deleted a number of users that have been gone from the organisation for over a year. I then went into System Manager and ran a clean up then purged all old mailboxes.
Now, one of our users is regularly receviing emails addressed to one of the deleted users:"Your message did not reach some or all of the intended recipients" that are addressed to one of the deleted users. The emails all have different sources. Heres an example of one:
Your message did not reach some or all of the intended recipients.
Subject: FW: Spam Summary Digest: 8 Messages
Sent: 28/01/2008 7:11 a.m.
The following recipient(s) could not be reached:
***DeletedUsername*** on 28/01/2008 7:11 a.m.
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
<mpex01.mcp.inet #5.1.1>
I do understand that its possible that teh current user receiving the emails may have been delegated to receive the mail of the since-deleted user. I was hoping that the weekly server restart this morning would have solved the issue but it seems it hasn't.
How can this be fixed up? All comments greatly appreciated.
Now, one of our users is regularly receviing emails addressed to one of the deleted users:"Your message did not reach some or all of the intended recipients" that are addressed to one of the deleted users. The emails all have different sources. Heres an example of one:
Your message did not reach some or all of the intended recipients.
Subject: FW: Spam Summary Digest: 8 Messages
Sent: 28/01/2008 7:11 a.m.
The following recipient(s) could not be reached:
***DeletedUsername*** on 28/01/2008 7:11 a.m.
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
<mpex01.mcp.inet #5.1.1>
I do understand that its possible that teh current user receiving the emails may have been delegated to receive the mail of the since-deleted user. I was hoping that the weekly server restart this morning would have solved the issue but it seems it hasn't.
How can this be fixed up? All comments greatly appreciated.
The only way Person B could be 'receiving' Deleted Person A email messages is if the B's mailbox is actually trying to send mail to the Person A. Check Person B mailbox. It could be that they have a rule that fowards mail to Person A who obviously no longer exists. That's where I would look
Also check your Message Queues on the Exchange Server.
Also check your Message Queues on the Exchange Server.
just checking that the person is getting and NDR(non devlivery receipt) not an actual email from the delted user. Correct?
ASKER
maxis:
The name was removed from AD groups a year ago. The origins of the emails include: Spoofed emails pretending to be coming from their own (deleted) email account, our mail filter software and from outside of the domain. I have looked in our email filter software and the user's name is not anywhere to be found, as it pulls all usernames from AD.
za mkh:
I have logged on as current user 'B', they have no rules at all. There seem to be no emails going from current user B..... the "Your message did not reach some or all of the intended recipients" emails have "Deleted User A" in the From Field
The name was removed from AD groups a year ago. The origins of the emails include: Spoofed emails pretending to be coming from their own (deleted) email account, our mail filter software and from outside of the domain. I have looked in our email filter software and the user's name is not anywhere to be found, as it pulls all usernames from AD.
za mkh:
I have logged on as current user 'B', they have no rules at all. There seem to be no emails going from current user B..... the "Your message did not reach some or all of the intended recipients" emails have "Deleted User A" in the From Field
ASKER
Maxis - was previously delegated to received emails on behalf of deleted user prior to deletion.... and looking at current users 'Deleted Items' folder, has been receiving them in the past.
is this exchange? can you recreate the use and go back to the account and remove the send on behal of permissions, or since you said that you can get into that persoons emai account if its out look you should be able to remove those permissions from there.
My only concern is that the SID has changed, it should not affect it but it may.
Worst case is delete the other users email account and create a new one. That should not cause to much of an issue.
My only concern is that the SID has changed, it should not affect it but it may.
Worst case is delete the other users email account and create a new one. That should not cause to much of an issue.
ASKER
I can get into the Current User's email. The deleted user is gone I guess I could try to recreate the current user, but this an absolute last resort.
Although I'm not 100% sure, I'm pretty sure the delegation was created at Exchnge level in AD.
Although I'm not 100% sure, I'm pretty sure the delegation was created at Exchnge level in AD.
i would then go back to the last 2 suggestions i gave you . But more thatn not i would recreate the current users and recreate them. It is fast and almost painless and will take less time than hunting around
ASKER
I don't understand why I should recreate existing users. Its not the existing user thats causing the problem. Its the deleted user and the delegation set in Exchange on the deleted user's properties in AD
ASKER
I recreated the deleted user. No one sitting in the delegation box on AD. I put the current user in and deleted her again, before deleting the entire deleted user again.
I don't see this as making any difference, but will let you know of the outcome tomorrow at the latest (should receive a spam digest at 7am tomorrow morning if it hasn't worked)
I don't see this as making any difference, but will let you know of the outcome tomorrow at the latest (should receive a spam digest at 7am tomorrow morning if it hasn't worked)
well if the current user had send on behalf of and now you cant turn it off i dont know how else to get that to be relased. If it is a rule in error i can recommend you run a utility as long as it is outlook 2003 or 2007.
Another thought i have is that maybe the current user has in the profile that email address.
it can only be a fowarder, a rule or the actual email address that is causing this.
Another thought i have is that maybe the current user has in the profile that email address.
it can only be a fowarder, a rule or the actual email address that is causing this.
ASKER
The current user does't have the deleted user's email address - that was the first thing I looked for. The only email addy in properties is her own one (and the X400 entry)
There is nothing in AD in the current user's properties that links them to the deleted user. The Send on Behalf/Delegation - that existed in the deleted user's properties.
There are no rules in the current user's profile - I have logged in as her to check.
There is nothing in AD in the current user's properties that links them to the deleted user. The Send on Behalf/Delegation - that existed in the deleted user's properties.
There are no rules in the current user's profile - I have logged in as her to check.
My last though on the subject would be that this current users email is being spoofed, which i have run across and the spoofer is sending it the deleted user. If this is the case then the current user would get the NDR.
The way to check this is to block emails from your domain from being sent to your domain. I have this in my organization for just this reason. so that XXX@domain.you is set in teh email filter to not be allowed.
that should solve the problem either way
The way to check this is to block emails from your domain from being sent to your domain. I have this in my organization for just this reason. so that XXX@domain.you is set in teh email filter to not be allowed.
that should solve the problem either way
ASKER
Our email filter picks up the spoofed emails we get about 20 a day - this current user is getting notification still from the email filter of spoofed emails for the deleted user also.
Other than that, the email subjects coming through are valid (location and topic relevant to our organisation or the spam digests that everyone gets daily).
Other than that, the email subjects coming through are valid (location and topic relevant to our organisation or the spam digests that everyone gets daily).
I wish i could solve this but i have exhausted the knowledge tht i have. If you find an answer please update this so we can help others.
Sorry
Sorry
Here's a question. With Maxis's suggestion of creating the User. I think since delegation was involved, the 'deleted' user is not the cause of the problem but the delegation/rules in the mailbox itself.
What are your retention settings for the deleted mailboxes. in our case we set it for 30 days. So if you still have the mailbox on the Exchange Server, enable it again using System Manager, by assigning it to a new user account that you have created since a mailbox always needs an account.
Log into the mailbox and see what settings are there. Hopefully you will see the delegation or maybe even some rule for this!
Hope this helps.
What are your retention settings for the deleted mailboxes. in our case we set it for 30 days. So if you still have the mailbox on the Exchange Server, enable it again using System Manager, by assigning it to a new user account that you have created since a mailbox always needs an account.
Log into the mailbox and see what settings are there. Hopefully you will see the delegation or maybe even some rule for this!
Hope this helps.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
well thanks for the update, glad all is good with your world. and thanks for the confusion.
ASKER
Welcome!
Lesson learnt: Apply delegation & forwarding at one level only - eg:Outlook OR Exchange.
The joys of inheriting a system from someone else.
Lesson learnt: Apply delegation & forwarding at one level only - eg:Outlook OR Exchange.
The joys of inheriting a system from someone else.
Closed, 500 points refunded.
Vee_Mod
Community Support Moderator
Vee_Mod
Community Support Moderator
You may have deleted the account, however, if someone picks that name they can still try to send am email to that account.