Messages Getting Stuck in Exchange Queue

Hi Everyone,

I have been getting certain messages stuck in my queue which has been really holding sending email back. I would love to not have any messages similar to below from even entering the queue, is this even possible? If so, how could I make this happen? These messages have "<>" as the From Address. Thank you to everyone in advance:

Identity: Server-EXCHANGE\49668\123389
Subject: Undeliverable: You requested a new password
Internet Message ID: <5b5b632d-5ed7-4654-ba46-0716e772df85@gltech.org>
From Address: <>
Status: Ready
Size (KB): 62
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 29-Oct-14 10:38:49 AM
Expiration Time: 31-Oct-14 10:38:49 AM
Last Error:
Queue ID: Server-EXCHANGE\49668
Recipients:  bounce+3641fa.de15-554224=mydomain.org@quizlet.com
WindhamSDAsked:
Who is Participating?
 
tshearonCommented:
Do you know of any automated systems you have that send mail with the subject "You requested a new password." If so you probably alredy know the offending node. You could also check your smtp logs to see if they have the entry you posted above. The logs are sorted by date/time so it should be easy to find. You could search on the messageID or any of the other fields there and see if it gives you a real source ip address from the sending node. My suspicion is that this is spoofing however.
0
 
Seth SimmonsSr. Systems AdministratorCommented:
have you looked as to the reason why it's sitting in the queue?
what version of exchange?
0
 
WindhamSDAuthor Commented:
I really haven't. Good question though hahaha. I have Exchange 2010
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
tshearonCommented:
Since the addresses are from <> they are most likely non-authenticated senders. Do you use an Internal Relay (open relay) send connectors for Exchange? If so you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem.
0
 
WindhamSDAuthor Commented:
We do have a few printers and other devices like fire panels and sensors that are setup to relay, but Exchange isn't setup to be an open relay. Would you be able to point me in the right direction on, "you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem."

Thanks for the reply!
0
 
Andy MInternal Systems ManagerCommented:
The subject line "Undeliverable" indicates this message may actually be a bounceback message that your system is trying to send out to the reply-to address of an email.

I suspect some spam has been sent to a non-existent/mis-spelt address for your domain. As this doesn't exist your server is rightly trying to send back a bounce-back email to the sender informing them of this but the actual reply-to address doesn't exist so the email gets stuck in the queue. If you looked through your SMTP logs you'd probably find an email with a subject of "You requested a new password" been sent to your server.

I've seen this happen on many exchange servers. Usually adjusting your anti-spam settings to block the original spam can reduce these from occurring and in some cases there's options to prevent these bouncebacks going out (i.e. if sent to a non-existent address the spam email is dropped silently with no bounceback) but this would depend on your anti-spam system and it's settings.
0
 
WindhamSDAuthor Commented:
AAAHHH! Got cha'! Thanks guys. I found the offender, it's an in-house SIS system and things are bouncing back due to dual-delivery with GMail.

All of your help was greatly appreciated!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.