Solved

Exchange Queue filling with retries "Unable to connect"

Posted on 2013-05-24
4
744 Views
Last Modified: 2013-06-02
We've recently been put on two blacklists so I am looking in the Exchange 2010 queue to see if anything fishy. I see over 100 spam email domains with DNSConnectorDelivery in retry states. All the emails seem to have Undeliverable in subject. One such example below:

Identity: mail1\160283\1565892
Subject: Undeliverable: Ends Today! Get Your Free Gift
Internet Message ID: <70147933-36f8-4039-bf82-dc897bb2975c@ourdomain.net>
From Address: <>
Status: Ready
Size (KB): 10
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 5/22/2013 3:21:52 AM
Expiration Time: 5/27/2013 3:21:52 AM
Last Error:
Queue ID: mail1\160283
Recipients:  EvfPsKGA666@aktifofis.com

The Last error is 451 4.4.0 Primary target IP address responded with: "421 Unable to connect." We are not an open relay and we use Postini to filter our inbound email. I have installed AntiSpam on our Hub Transport and enabled Sender and Recipient Filtering to assist.  
The emails show no sender and no source IP so I don't understand how they are ending up in our queue.

Any ideas?
0
Comment
Question by:ecosys
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 43

Expert Comment

by:Taurus
ID: 39195540
Check first internal user. Any user or server hit with a virus attack. Virus can also generate these kind of spam emails. If you have application configured to relay using exchange server. Make sure to use IP based relay. Which means, don't open it for anonymous users. Try this first.
0
 

Author Comment

by:ecosys
ID: 39195606
We only allow IP based relay internally. Also port 25 is restricted to only our Postini servers so all email should be filtered by the time it reaches us. I am not sure if there is an easy way to check for a virus but we have many  servers and users.
0
 

Accepted Solution

by:
ecosys earned 0 total points
ID: 39201414
I've resolved this by installed AntiSpam for Hub Transport. Set up Recipient Filtering to block messages sent to recipients that do not exist in directory. I also blocked emails without sender information, although this may not be necessary.
0
 

Author Closing Comment

by:ecosys
ID: 39214066
I resolved.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question