Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2010 - NDRs not sending externally

Posted on 2013-06-24
9
949 Views
Last Modified: 2013-07-03
First time poster - so hopefully I have provided enough information etc.

I have an Exchange 2010 server which isnt sending NDRs externally even though it has been configured to send them.

We have an SMTP Smarthost Connector setup for forward mail to our via our Local Authority.

They use and ISA box and all mail is routed through MessageLabs. (As far as I am aware and asked NDRs are not blocked)

When I use the exchange tracking tool, it shows our NDRs as STMP Fail and Badmail DSN which I am assuming means they are not leaving our Exchange server for one reason or another.


Below are details from get-hubtransportconfig and get-remotedomain

Hub Transport Config (snippet)
ClearCategories                     : True
ConvertDisclaimerWrapperToEml       : False
DSNConversionMode                   : UseExchangeDSNs
ExternalDelayDsnEnabled             : True
ExternalDsnDefaultLanguage          :
ExternalDsnLanguageDetectionEnabled : True
ExternalDsnMaxMessageAttachSize     : 10 MB (10,485,760 bytes)
ExternalDsnReportingAuthority       :
ExternalDsnSendHtml                 : True
ExternalPostmasterAddress           : postmaster@*****.uk
GenerateCopyOfDSNFor                : {}
HygieneSuite                        : Standard
InternalDelayDsnEnabled             : True

Remote Domain (snippet)
RunspaceId                           : fd55ede7-eac3-46c6-ac03-e9746862742b
DomainName                           : *
IsInternal                           : False
TargetDeliveryDomain                 : False
ByteEncoderTypeFor7BitCharsets       : Undefined
CharacterSet                         : iso-8859-1
NonMimeCharacterSet                  : iso-8859-1
AllowedOOFType                       : External
AutoReplyEnabled                     : False
AutoForwardEnabled                   : False
DeliveryReportEnabled                : True
NDREnabled                           : True
MeetingForwardNotificationEnabled    : False
ContentType                          : MimeHtmlText
DisplaySenderName                    : True
PreferredInternetCodePageForShiftJis : Undefined
RequiredCharsetCoverage              :
TNEFEnabled                          :
LineWrapSize                         : unlimited
TrustedMailOutboundEnabled           : False
TrustedMailInboundEnabled            : False
IsCoexistenceDomain                  : False
UseSimpleDisplayName                 : False
NDRDiagnosticInfoEnabled             : True
AdminDisplayName                     :
ExchangeVersion                      : 0.1 (8.0.535.0)
Name                                 : Default
0
Comment
Question by:herbie136
  • 5
  • 4
9 Comments
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 39271051
You need to configure the domains as authoritative. But you also need to be aware of "Backscatter" as this can get you on some naughty lists. see http://social.technet.microsoft.com/Forums/exchange/en-US/8839bee6-134c-46fc-ba0a-08926b16eecc/how-to-enable-ndr-for-external-users

And i suggest that you read what Simon Butler (AKA Sembee on EE) has to say, and perhaps have a look at his Blog.

Cheers
Andrew.
0
 

Author Comment

by:herbie136
ID: 39271614
Thanks for reply.

I can confirm the domain is already set to be authoritative.

Not sure if this is related but I have just used telnet test the NDR all went find and submitted the email to the queue and then I got Error 5.3.3 unrecognised command.

I have just gone to look at the smtp logs and there are none!  Does Exchange not log automatically???

Thanks
Mark
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 39271637
No it is disabled by default.
see http://technet.microsoft.com/en-us/library/bb124531.aspx
to turn it on.

Cheers
Andrew
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 

Author Comment

by:herbie136
ID: 39271872
Right, logging enabled

This the test entry details from the log file.

Mail From: <> Size 11888,
250, <> Size 11888 . . . Sender ok,
RCPT TO: <myhotmail address>
550 Mailbox unavailable. ,
QUIT


I'm puzzled at two things.  
1. should the  Mail From not show  the  postmaster address
2. why the 550 Mailbox unavailable

Thanks
Mark
0
 
LVL 18

Expert Comment

by:Andrew Davis
ID: 39271907
How are you doing this? You mentioned Telnet.

if you are trying to telnet to a connector that doesnt have the ability to relay then it will return an error 550, because that mailbox doesnt exist in that exchange.

to test exchange using telnet see http://exchange.mvps.org/smtp_frames.htm

Cheers
Andrew
0
 

Author Comment

by:herbie136
ID: 39272086
I did try telnet before enabling logging and got the 5.3.3 error.

After I enabled logging I sent a message from my hotmail account for my work account mis-spelling my name to generate a NDR.  The information I posted was taken from the Send Logfile.

Does the postmaster account I have specified have to physically exist on the exchange server? The setting was blank on the Hub transport so I manually entered it.

Thanks
Mark
0
 
LVL 18

Accepted Solution

by:
Andrew Davis earned 500 total points
ID: 39274008
it appears from above log that the hotmail server replied with the mailbox non-existent.

it may help to configure the postmaster address and set it to send a copy see http://msundis.wordpress.com/2010/04/21/configure-postmaster-microsoft-exchange-recipient-and-ndr-forwarding-in-exchange-server-2007-and-2010/

Cheers
Andrew

Sorry for the late reply. Time difference to Australia ;)
0
 

Author Comment

by:herbie136
ID: 39274272
I've gone through the articl, restarted all the services and still no joy :-(

Still getting 550 errors and NDRs are not going into the newly created postmaster mailbox.

This is a real head scratcher!

Thanks
Mark
tracklog.jpg
0
 

Author Comment

by:herbie136
ID: 39297384
After hours of testing and speaking to our Smarthost provider, it turned out to be their firewalls blocking the mails.

This was due to postmaster having no address or return path and the firewall was set to block any mail without a return path.

Since they will not change this setting and allow NDRs, it looks like Im at a stand still.

Many thanks for your help Andrew.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question