Solved

Messages Getting Stuck in Exchange Queue

Posted on 2014-10-29
7
467 Views
Last Modified: 2014-10-29
Hi Everyone,

I have been getting certain messages stuck in my queue which has been really holding sending email back. I would love to not have any messages similar to below from even entering the queue, is this even possible? If so, how could I make this happen? These messages have "<>" as the From Address. Thank you to everyone in advance:

Identity: Server-EXCHANGE\49668\123389
Subject: Undeliverable: You requested a new password
Internet Message ID: <5b5b632d-5ed7-4654-ba46-0716e772df85@gltech.org>
From Address: <>
Status: Ready
Size (KB): 62
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 29-Oct-14 10:38:49 AM
Expiration Time: 31-Oct-14 10:38:49 AM
Last Error:
Queue ID: Server-EXCHANGE\49668
Recipients:  bounce+3641fa.de15-554224=mydomain.org@quizlet.com
0
Comment
Question by:WindhamSD
7 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40410875
have you looked as to the reason why it's sitting in the queue?
what version of exchange?
0
 

Author Comment

by:WindhamSD
ID: 40411026
I really haven't. Good question though hahaha. I have Exchange 2010
0
 
LVL 8

Expert Comment

by:tshearon
ID: 40411030
Since the addresses are from <> they are most likely non-authenticated senders. Do you use an Internal Relay (open relay) send connectors for Exchange? If so you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:WindhamSD
ID: 40411039
We do have a few printers and other devices like fire panels and sensors that are setup to relay, but Exchange isn't setup to be an open relay. Would you be able to point me in the right direction on, "you may want to see f this sending node is authorized to send as an open relay. If not, consider reconfiguring the source sender address to something that is authenticated (ie. provide a real mailbox user account as sender). This is similar to a spoofing problem."

Thanks for the reply!
0
 
LVL 8

Accepted Solution

by:
tshearon earned 250 total points
ID: 40411076
Do you know of any automated systems you have that send mail with the subject "You requested a new password." If so you probably alredy know the offending node. You could also check your smtp logs to see if they have the entry you posted above. The logs are sorted by date/time so it should be easy to find. You could search on the messageID or any of the other fields there and see if it gives you a real source ip address from the sending node. My suspicion is that this is spoofing however.
0
 
LVL 13

Assisted Solution

by:Andy M
Andy M earned 250 total points
ID: 40411129
The subject line "Undeliverable" indicates this message may actually be a bounceback message that your system is trying to send out to the reply-to address of an email.

I suspect some spam has been sent to a non-existent/mis-spelt address for your domain. As this doesn't exist your server is rightly trying to send back a bounce-back email to the sender informing them of this but the actual reply-to address doesn't exist so the email gets stuck in the queue. If you looked through your SMTP logs you'd probably find an email with a subject of "You requested a new password" been sent to your server.

I've seen this happen on many exchange servers. Usually adjusting your anti-spam settings to block the original spam can reduce these from occurring and in some cases there's options to prevent these bouncebacks going out (i.e. if sent to a non-existent address the spam email is dropped silently with no bounceback) but this would depend on your anti-spam system and it's settings.
0
 

Author Closing Comment

by:WindhamSD
ID: 40411228
AAAHHH! Got cha'! Thanks guys. I found the offender, it's an in-house SIS system and things are bouncing back due to dual-delivery with GMail.

All of your help was greatly appreciated!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question