Solved

Messages Getting Stuck in Exchange Queue

Posted on 2014-10-29
7
472 Views
Last Modified: 2014-10-29
Hi Everyone,

I have been getting certain messages stuck in my queue which has been really holding sending email back. I would love to not have any messages similar to below from even entering the queue, is this even possible? If so, how could I make this happen? These messages have "<>" as the From Address. Thank you to everyone in advance:

Identity: Server-EXCHANGE\49668\123389
Subject: Undeliverable: You requested a new password
Internet Message ID: <5b5b632d-5ed7-4654-ba46-0716e772df85@gltech.org>
From Address: <>
Status: Ready
Size (KB): 62
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 29-Oct-14 10:38:49 AM
Expiration Time: 31-Oct-14 10:38:49 AM
Last Error:
Queue ID: Server-EXCHANGE\49668
Recipients:  bounce+3641fa.de15-554224=mydomain.org@quizlet.com
0
Comment
Question by:WindhamSD
7 Comments
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40410875
have you looked as to the reason why it's sitting in the queue?
what version of exchange?
0
 

Author Comment

by:WindhamSD
ID: 40411026
I really haven't. Good question though hahaha. I have Exchange 2010
0
 
LVL 8

Expert Comment

by:tshearon
ID: 40411030
Since the addresses are from <> they are most likely non-authenticated senders. Do you use an Internal Relay (open relay) send connectors for Exchange? If so you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:WindhamSD
ID: 40411039
We do have a few printers and other devices like fire panels and sensors that are setup to relay, but Exchange isn't setup to be an open relay. Would you be able to point me in the right direction on, "you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem."

Thanks for the reply!
0
 
LVL 8

Accepted Solution

by:
tshearon earned 250 total points
ID: 40411076
Do you know of any automated systems you have that send mail with the subject "You requested a new password." If so you probably alredy know the offending node. You could also check your smtp logs to see if they have the entry you posted above. The logs are sorted by date/time so it should be easy to find. You could search on the messageID or any of the other fields there and see if it gives you a real source ip address from the sending node. My suspicion is that this is spoofing however.
0
 
LVL 13

Assisted Solution

by:Andy M
Andy M earned 250 total points
ID: 40411129
The subject line "Undeliverable" indicates this message may actually be a bounceback message that your system is trying to send out to the reply-to address of an email.

I suspect some spam has been sent to a non-existent/mis-spelt address for your domain. As this doesn't exist your server is rightly trying to send back a bounce-back email to the sender informing them of this but the actual reply-to address doesn't exist so the email gets stuck in the queue. If you looked through your SMTP logs you'd probably find an email with a subject of "You requested a new password" been sent to your server.

I've seen this happen on many exchange servers. Usually adjusting your anti-spam settings to block the original spam can reduce these from occurring and in some cases there's options to prevent these bouncebacks going out (i.e. if sent to a non-existent address the spam email is dropped silently with no bounceback) but this would depend on your anti-spam system and it's settings.
0
 

Author Closing Comment

by:WindhamSD
ID: 40411228
AAAHHH! Got cha'! Thanks guys. I found the offender, it's an in-house SIS system and things are bouncing back due to dual-delivery with GMail.

All of your help was greatly appreciated!
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question