[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1018
  • Last Modified:

Exchange 2010 - NDRs not sending externally

First time poster - so hopefully I have provided enough information etc.

I have an Exchange 2010 server which isnt sending NDRs externally even though it has been configured to send them.

We have an SMTP Smarthost Connector setup for forward mail to our via our Local Authority.

They use and ISA box and all mail is routed through MessageLabs. (As far as I am aware and asked NDRs are not blocked)

When I use the exchange tracking tool, it shows our NDRs as STMP Fail and Badmail DSN which I am assuming means they are not leaving our Exchange server for one reason or another.


Below are details from get-hubtransportconfig and get-remotedomain

Hub Transport Config (snippet)
ClearCategories                     : True
ConvertDisclaimerWrapperToEml       : False
DSNConversionMode                   : UseExchangeDSNs
ExternalDelayDsnEnabled             : True
ExternalDsnDefaultLanguage          :
ExternalDsnLanguageDetectionEnabled : True
ExternalDsnMaxMessageAttachSize     : 10 MB (10,485,760 bytes)
ExternalDsnReportingAuthority       :
ExternalDsnSendHtml                 : True
ExternalPostmasterAddress           : postmaster@*****.uk
GenerateCopyOfDSNFor                : {}
HygieneSuite                        : Standard
InternalDelayDsnEnabled             : True

Remote Domain (snippet)
RunspaceId                           : fd55ede7-eac3-46c6-ac03-e9746862742b
DomainName                           : *
IsInternal                           : False
TargetDeliveryDomain                 : False
ByteEncoderTypeFor7BitCharsets       : Undefined
CharacterSet                         : iso-8859-1
NonMimeCharacterSet                  : iso-8859-1
AllowedOOFType                       : External
AutoReplyEnabled                     : False
AutoForwardEnabled                   : False
DeliveryReportEnabled                : True
NDREnabled                           : True
MeetingForwardNotificationEnabled    : False
ContentType                          : MimeHtmlText
DisplaySenderName                    : True
PreferredInternetCodePageForShiftJis : Undefined
RequiredCharsetCoverage              :
TNEFEnabled                          :
LineWrapSize                         : unlimited
TrustedMailOutboundEnabled           : False
TrustedMailInboundEnabled            : False
IsCoexistenceDomain                  : False
UseSimpleDisplayName                 : False
NDRDiagnosticInfoEnabled             : True
AdminDisplayName                     :
ExchangeVersion                      : 0.1 (8.0.535.0)
Name                                 : Default
0
herbie136
Asked:
herbie136
  • 5
  • 4
1 Solution
 
Andrew DavisManagerCommented:
You need to configure the domains as authoritative. But you also need to be aware of "Backscatter" as this can get you on some naughty lists. see http://social.technet.microsoft.com/Forums/exchange/en-US/8839bee6-134c-46fc-ba0a-08926b16eecc/how-to-enable-ndr-for-external-users

And i suggest that you read what Simon Butler (AKA Sembee on EE) has to say, and perhaps have a look at his Blog.

Cheers
Andrew.
0
 
herbie136Author Commented:
Thanks for reply.

I can confirm the domain is already set to be authoritative.

Not sure if this is related but I have just used telnet test the NDR all went find and submitted the email to the queue and then I got Error 5.3.3 unrecognised command.

I have just gone to look at the smtp logs and there are none!  Does Exchange not log automatically???

Thanks
Mark
0
 
Andrew DavisManagerCommented:
No it is disabled by default.
see http://technet.microsoft.com/en-us/library/bb124531.aspx
to turn it on.

Cheers
Andrew
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
herbie136Author Commented:
Right, logging enabled

This the test entry details from the log file.

Mail From: <> Size 11888,
250, <> Size 11888 . . . Sender ok,
RCPT TO: <myhotmail address>
550 Mailbox unavailable. ,
QUIT


I'm puzzled at two things.  
1. should the  Mail From not show  the  postmaster address
2. why the 550 Mailbox unavailable

Thanks
Mark
0
 
Andrew DavisManagerCommented:
How are you doing this? You mentioned Telnet.

if you are trying to telnet to a connector that doesnt have the ability to relay then it will return an error 550, because that mailbox doesnt exist in that exchange.

to test exchange using telnet see http://exchange.mvps.org/smtp_frames.htm

Cheers
Andrew
0
 
herbie136Author Commented:
I did try telnet before enabling logging and got the 5.3.3 error.

After I enabled logging I sent a message from my hotmail account for my work account mis-spelling my name to generate a NDR.  The information I posted was taken from the Send Logfile.

Does the postmaster account I have specified have to physically exist on the exchange server? The setting was blank on the Hub transport so I manually entered it.

Thanks
Mark
0
 
Andrew DavisManagerCommented:
it appears from above log that the hotmail server replied with the mailbox non-existent.

it may help to configure the postmaster address and set it to send a copy see http://msundis.wordpress.com/2010/04/21/configure-postmaster-microsoft-exchange-recipient-and-ndr-forwarding-in-exchange-server-2007-and-2010/

Cheers
Andrew

Sorry for the late reply. Time difference to Australia ;)
0
 
herbie136Author Commented:
I've gone through the articl, restarted all the services and still no joy :-(

Still getting 550 errors and NDRs are not going into the newly created postmaster mailbox.

This is a real head scratcher!

Thanks
Mark
tracklog.jpg
0
 
herbie136Author Commented:
After hours of testing and speaking to our Smarthost provider, it turned out to be their firewalls blocking the mails.

This was due to postmaster having no address or return path and the firewall was set to block any mail without a return path.

Since they will not change this setting and allow NDRs, it looks like Im at a stand still.

Many thanks for your help Andrew.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now