Solved

Messages Getting Stuck in Exchange Queue

Posted on 2014-10-29
7
452 Views
Last Modified: 2014-10-29
Hi Everyone,

I have been getting certain messages stuck in my queue which has been really holding sending email back. I would love to not have any messages similar to below from even entering the queue, is this even possible? If so, how could I make this happen? These messages have "<>" as the From Address. Thank you to everyone in advance:

Identity: Server-EXCHANGE\49668\123389
Subject: Undeliverable: You requested a new password
Internet Message ID: <5b5b632d-5ed7-4654-ba46-0716e772df85@gltech.org>
From Address: <>
Status: Ready
Size (KB): 62
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 29-Oct-14 10:38:49 AM
Expiration Time: 31-Oct-14 10:38:49 AM
Last Error:
Queue ID: Server-EXCHANGE\49668
Recipients:  bounce+3641fa.de15-554224=mydomain.org@quizlet.com
0
Comment
Question by:WindhamSD
7 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40410875
have you looked as to the reason why it's sitting in the queue?
what version of exchange?
0
 

Author Comment

by:WindhamSD
ID: 40411026
I really haven't. Good question though hahaha. I have Exchange 2010
0
 
LVL 8

Expert Comment

by:tshearon
ID: 40411030
Since the addresses are from <> they are most likely non-authenticated senders. Do you use an Internal Relay (open relay) send connectors for Exchange? If so you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:WindhamSD
ID: 40411039
We do have a few printers and other devices like fire panels and sensors that are setup to relay, but Exchange isn't setup to be an open relay. Would you be able to point me in the right direction on, "you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem."

Thanks for the reply!
0
 
LVL 8

Accepted Solution

by:
tshearon earned 250 total points
ID: 40411076
Do you know of any automated systems you have that send mail with the subject "You requested a new password." If so you probably alredy know the offending node. You could also check your smtp logs to see if they have the entry you posted above. The logs are sorted by date/time so it should be easy to find. You could search on the messageID or any of the other fields there and see if it gives you a real source ip address from the sending node. My suspicion is that this is spoofing however.
0
 
LVL 13

Assisted Solution

by:Andy M
Andy M earned 250 total points
ID: 40411129
The subject line "Undeliverable" indicates this message may actually be a bounceback message that your system is trying to send out to the reply-to address of an email.

I suspect some spam has been sent to a non-existent/mis-spelt address for your domain. As this doesn't exist your server is rightly trying to send back a bounce-back email to the sender informing them of this but the actual reply-to address doesn't exist so the email gets stuck in the queue. If you looked through your SMTP logs you'd probably find an email with a subject of "You requested a new password" been sent to your server.

I've seen this happen on many exchange servers. Usually adjusting your anti-spam settings to block the original spam can reduce these from occurring and in some cases there's options to prevent these bouncebacks going out (i.e. if sent to a non-existent address the spam email is dropped silently with no bounceback) but this would depend on your anti-spam system and it's settings.
0
 

Author Closing Comment

by:WindhamSD
ID: 40411228
AAAHHH! Got cha'! Thanks guys. I found the offender, it's an in-house SIS system and things are bouncing back due to dual-delivery with GMail.

All of your help was greatly appreciated!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now