SmallPrint
asked on
Enable diagnostic Logging on Exchange, NDR sent to my exchange users
I installed AVG on our exchange server last night and ran into some issues that made me enable Diagnostic Logging on Exchange System Manager.
For the time that logging was enabled on ESM, several users received a Non-Delivery Report from emails that were sent out a few weeks ago.
All of the NDR relate to the same receipient address, and I just tried to send out an email to the same domain and my message was just sitting as a Retry in our ESM queue.
At this point I would like to know 2 things: How do I enable NDR reports to be sent to users if their message do not go through? 2: Did diagnostic logging send out these NDR's? Why were they sent out at the same time last night?
Users are worried that non of their emails are going through, even though these are all linked to the one email.
The NDR my users received is below.
Your message did not reach some or all of the intended recipients.
Subject: emission abnormality
Sent: 12/23/2009 2:03 PM
The following recipient(s) cannot be reached:
User name on 1/6/2010 10:25 PM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<SERVER NAME.DOMAIN #4.0.0 smtp;450 <user@domaindoesntaccept.c
(user@domaindoesntaccept.c
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<SERVER Name.DOMAIN.DOMAIN #4.0.0 smtp;450 <user@domaindoesntaccept.c
For the time that logging was enabled on ESM, several users received a Non-Delivery Report from emails that were sent out a few weeks ago.
All of the NDR relate to the same receipient address, and I just tried to send out an email to the same domain and my message was just sitting as a Retry in our ESM queue.
At this point I would like to know 2 things: How do I enable NDR reports to be sent to users if their message do not go through? 2: Did diagnostic logging send out these NDR's? Why were they sent out at the same time last night?
Users are worried that non of their emails are going through, even though these are all linked to the one email.
The NDR my users received is below.
Your message did not reach some or all of the intended recipients.
Subject: emission abnormality
Sent: 12/23/2009 2:03 PM
The following recipient(s) cannot be reached:
User name on 1/6/2010 10:25 PM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<SERVER NAME.DOMAIN #4.0.0 smtp;450 <user@domaindoesntaccept.c
(user@domaindoesntaccept.c
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<SERVER Name.DOMAIN.DOMAIN #4.0.0 smtp;450 <user@domaindoesntaccept.c
How to control non-delivery reports when you use Exchange 2000 or Exchange 2003
http://support.microsoft.com/kb/294757
http://support.microsoft.com/kb/294757
ASKER
How can I still how long until a NDR report is sent to a user whose message is not being delivered? Its just odd that these NDR came through at the same time i was troubleshooting email.
Since Greylisted is a "Feature" on the recipients end, does this mean the message eventually gets delivered, or is the only way for me to ask their admins? This domain/company we are emailing is in France, we have a hard time reaching them.
Since Greylisted is a "Feature" on the recipients end, does this mean the message eventually gets delivered, or is the only way for me to ask their admins? This domain/company we are emailing is in France, we have a hard time reaching them.
ASKER
So according to the attached pic, NDR are being sent to no one?
I always thought the users would receive the report automatically. According to the doumcnet, users never get the NDR? Is this correct, or am I reading this wrong?
The user will not receive the actual message that caused the NDR. However, if the notice is opened and Send Again is selected, the actual message appears and can be forwarded if you want.
ndr.JPG
I always thought the users would receive the report automatically. According to the doumcnet, users never get the NDR? Is this correct, or am I reading this wrong?
The user will not receive the actual message that caused the NDR. However, if the notice is opened and Send Again is selected, the actual message appears and can be forwarded if you want.
ndr.JPG
could you check if you can send email to that E-mail address using your private e-mail addres say yahoo or gmail. (just to isolate that problem is not from remote messaging server)
By default NDR message is sent to the sender. (This can be enable or disable from global settings "Allow non-delivery reports" option) See first paragraph of the article.
But if you want you can also configure it to send a copy of NDR to your administrator account or service account.
But if you want you can also configure it to send a copy of NDR to your administrator account or service account.
"""Since Greylisted is a "Feature" on the recipients end, does this mean the message eventually gets delivered, or is the only way for me to ask their admins?""""
Your exchange will retry email delivery and it will be accepted. No admin intervention necessary.
Your exchange will retry email delivery and it will be accepted. No admin intervention necessary.
ASKER
How long until a NDR is sent though?
ASKER
After how many hours/days will a NDR finally be sent?
exchange server will try to deliver message if error is retriable it will depend on delivery tab setting in above image
ASKER
So according to my settings, after 2 days of an email not being delivered, the sender will receive a NDR?
Capture.JPG
Capture.JPG
ASKER
any idea why these NDR were sent when I was working on the exchange server yesterday? Why were these NDR not sent out back in December?
Does Greylisting count as failing? Did exchange think the message was successfully send or something?
Any ideas would be appreciated, i have some upper managment users who are now questioning every email they send is just sitting in exchange.
Does Greylisting count as failing? Did exchange think the message was successfully send or something?
Any ideas would be appreciated, i have some upper managment users who are now questioning every email they send is just sitting in exchange.
ASKER
Another common item is that all of these Emails that were finally delivered yesterday are to Organizations that are in Europe. Not sure if that answers anything.
ASKER
I see that message logging is enabled.
I have attached the log of 1 message from our user.
He sent this email to france on 12-22-09, received a NDR today.
The NDR was sent during the 1 hour window i was working on the exchange server. Any idea why my user recieved the NDR during that time? Is it possible just by bad the recipient bounced the message back during that time?
message-logging.JPG
I have attached the log of 1 message from our user.
He sent this email to france on 12-22-09, received a NDR today.
The NDR was sent during the 1 hour window i was working on the exchange server. Any idea why my user recieved the NDR during that time? Is it possible just by bad the recipient bounced the message back during that time?
message-logging.JPG
ASKER
I meant to say my user received the NDR last night, as stated in the screen shot.
ASKER
I emailed my user to contact the original recipient...I wonder if they DID receive the email on 12-22, and somehow was resent with a NDR.
Bump in points..help me fix this!
Bump in points..help me fix this!
ASKER
So this means your users recieve NDR only when you restart smtp, information store service or restart the exchange server. until that point users are not receiving NDR.
ASKER
Sort of....
Specifically, We dont receive NDR if a sent item becomes greylisted. Also, if the item is greylisted, it dissapperas from our outbound qeue, and does not get resent until the server restart.
I applied both patched this morning around 2am....required a reboot. No major issues in the event log, although I did receive this message on start up in my email
SERVERNAME has reported a Error. Reported status is:
Queues - Unknown
Drives - Unknown
Services - Error
Memory - Unknown
CPU - Unknown
Specifically, We dont receive NDR if a sent item becomes greylisted. Also, if the item is greylisted, it dissapperas from our outbound qeue, and does not get resent until the server restart.
I applied both patched this morning around 2am....required a reboot. No major issues in the event log, although I did receive this message on start up in my email
SERVERNAME has reported a Error. Reported status is:
Queues - Unknown
Drives - Unknown
Services - Error
Memory - Unknown
CPU - Unknown
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is enabled by default.
2: Did diagnostic logging send out these NDR's? NO. Logging is only for admins to know what is going on.
The bounced message says that the email was rejected because the domain is greylisted for 5 minutes. It is an antispam feature at the recipient's end.
http://en.wikipedia.org/wiki/Greylisting