Current user receiving "Your message did not reach some or all of the intended recipients" messages for deleted user

Early last week I went through Active Directories and deleted a number of users that have been gone from the organisation for over a year.  I then went into System Manager and ran a clean up then purged all old mailboxes.

Now, one of our users is regularly receviing emails addressed to one of the deleted users:"Your message did not reach some or all of the intended recipients"  that are addressed to one of the deleted users.  The emails all have different sources.  Heres an example of one:

Your message did not reach some or all of the intended recipients.
      Subject:      FW: Spam Summary Digest: 8 Messages
      Sent:      28/01/2008 7:11 a.m.

The following recipient(s) could not be reached:
      ***DeletedUsername*** on 28/01/2008 7:11 a.m.
            The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.
            <mpex01.mcp.inet #5.1.1>

I do understand that its possible that teh current user receiving the emails may have been delegated to receive the mail of the since-deleted user.  I was hoping that the weekly server restart this morning would have solved the issue but it seems it hasn't.

How can this be fixed up?  All comments greatly appreciated.
bosshognzAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

maxis2cuteCommented:
the person sending the email is probably picking their name from a group.  It may be a group that they created and they should go in and delete that person.
You may have deleted the account, however, if someone picks that name they can still try to send am email to that account.




0
za_mkhIT ManagerCommented:
The only way Person B could be 'receiving' Deleted Person A email messages is if the B's mailbox is actually trying to send mail to the Person A. Check Person B mailbox. It could be that they have a rule that fowards mail to Person A who obviously no longer exists. That's where I would look

Also check your Message Queues on the Exchange Server.
0
maxis2cuteCommented:
just checking that the person is getting and NDR(non devlivery receipt) not an actual email from the delted user.  Correct?
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

bosshognzAuthor Commented:
maxis:  
The name was removed from AD groups a year ago.  The origins of the emails include:  Spoofed emails pretending to be coming from their own (deleted) email account, our mail filter software and from outside of the domain.   I have looked in our email filter software and the user's name is not anywhere to be found, as it pulls all usernames from AD.

za mkh:
I have logged on as current user 'B', they have no rules at all.  There seem to be no emails going from current user B..... the "Your message did not reach some or all of the intended recipients" emails have "Deleted User A" in the From Field
0
bosshognzAuthor Commented:
Maxis - was previously delegated to received emails on behalf of deleted user prior to deletion.... and looking at current users 'Deleted Items' folder, has been receiving them in the past.
0
maxis2cuteCommented:
is this exchange?  can you recreate the use and go back to the account and remove the send on behal of permissions, or since you said that you can get into that persoons emai account if its out look you should be able to remove those permissions from there.  

My only concern is that the SID has changed, it should not affect it but it may.  

Worst case is delete the other users email account and create a new one.  That should not cause to much of an issue.
0
bosshognzAuthor Commented:
I can get into the Current User's email.  The deleted user is gone  I guess I could try to recreate the current user, but this an absolute last resort.  
Although I'm not 100% sure, I'm pretty sure the delegation was created at Exchnge level in AD.
0
maxis2cuteCommented:
i would then go back to the last 2 suggestions i gave you .  But more thatn not i would recreate the current users and recreate them.  It is fast and almost painless and will take less time than hunting around
0
bosshognzAuthor Commented:
I don't understand why I should recreate existing users.  Its not the existing user thats causing the problem.  Its the deleted user and the delegation set in Exchange on the deleted user's properties in AD
0
bosshognzAuthor Commented:
I recreated the deleted user.  No one sitting in the delegation box on AD.  I put the current user in and deleted her again, before deleting the entire deleted user again.

I don't see this as making any difference, but will let you know of the outcome tomorrow at the latest (should receive a spam digest at 7am tomorrow morning if it hasn't worked)
0
maxis2cuteCommented:
well if the current user had send on behalf of and now you cant turn it off i dont know how else to get that to be relased.   If it is a rule in error i can recommend you run a utility as long as it is outlook 2003 or 2007.  

Another thought i have is that maybe the current user has in the profile that email address.  

it can only be a fowarder, a rule or the actual email address that is causing this.
0
bosshognzAuthor Commented:
The current user does't have the deleted user's email address - that was the first thing I looked for.   The only email addy in properties is her own one (and the X400 entry)
There is nothing in AD in the current user's properties that links them to the deleted user.  The Send on Behalf/Delegation - that existed in the deleted user's properties.
There are no rules in the current user's profile - I have logged in as her to check.
0
maxis2cuteCommented:
My last though on the subject would be that this current users email is being spoofed, which i have run across and the spoofer is sending it the deleted user.  If this is the case then the current user would get the NDR.

The way to check this is to block emails from your domain from being sent to your domain.  I have this in my organization for just this reason. so that XXX@domain.you is set in teh email filter to not be allowed.

that should solve the problem either way
0
bosshognzAuthor Commented:
Our email filter picks up the spoofed emails we get about 20 a day - this current user is getting notification still from the email filter of spoofed emails for the deleted user also.  
Other than that, the email subjects coming through are valid (location and topic relevant to our organisation or the spam digests that everyone gets daily).
0
maxis2cuteCommented:
I wish i could solve this but i have exhausted the knowledge tht i have. If you find an answer please update this so we can help others.

Sorry
0
za_mkhIT ManagerCommented:
Here's a question. With Maxis's suggestion of creating the User. I think since delegation was involved, the 'deleted' user is not the cause of the problem but the delegation/rules in the mailbox itself.

What are your retention settings for the deleted mailboxes. in our case we set it for 30 days. So if you still have the mailbox on the Exchange Server, enable it again using System Manager, by assigning it to a new user account that you have created since a mailbox always needs an account.

Log into the mailbox and see what settings are there. Hopefully you will see the delegation or maybe even some rule for this!

Hope this helps.
0
za_mkhIT ManagerCommented:
Also check this KB Article ... http://support.microsoft.com/kb/312433

0
bosshognzAuthor Commented:
OK problem solved.

Explanation:

User D was cleaned out of Active Directories & Exchange as a result of clean up of exited employees.
User A starts receiving NDR messages regarding a non-existant user - User D whenever 'All Staff' emails were sent, Spam Digests, & other work-related emails came in (not all emails though).
User A happens to play a PA type role to several other users - including User B.   As a result User B's email was forwarded to User A at an Exchange level. Users A, Y & Z could send on User B's behalf at Exchange level.
User B ALSO had a rule at an Outlook level directing his email to User D, and User D was also delegated to send on his behalf.

I removed the Outlook level rules and delegations. And all is right with the world again!

I found it pays to log on as the user and look in detail at the email messages - I hadn't noticed that some of them weren't actually addressed to her.

Interesting though to note - at Outlook Level I could see User D, A, Y & Z as delegates, but at Exchange level I could only see users A, Y & Z.  Weird.

Hope I didn't confuse too many, and thanks everyone for the input.  
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
maxis2cuteCommented:
well thanks for the update, glad all is good with your world.  and thanks for the confusion.
0
bosshognzAuthor Commented:
Welcome!

Lesson learnt:  Apply delegation & forwarding at one level only - eg:Outlook OR Exchange.

The joys of inheriting a system from someone else.
0
Vee_ModCommented:
Closed, 500 points refunded.
Vee_Mod
Community Support Moderator
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.