Solved

Found empty sender address mail stuck in queue of Exchange 2k10

Posted on 2014-12-30
9
130 Views
Last Modified: 2015-01-24
This is using MS Exchange server 2010 on MS Windows 2008 R2 server. Recently, in queue viewer, found quite a lot of stuck mail with empty sender address. Please refer to the attached file.

Is this some kind of spamming that want to send via my exchange server? How to stop it? almost all of these stuck mails have error message - 421 4.4.2 Connection dropped due to socket errors.

Thanks in advance.
421---4.4.2-error.bmp
0
Comment
Question by:MichaelBalack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 40523844
This appears to be NDR, you may be flooded to inexistent email address and this generates NDR to inexistent domains. This causes your server couldn´t reach to this domains and emails stucks on queue. After 2 days will be remove automatically.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40523858
These are just Non-Delivery Reports (NDRs) coming back. Could be a result of an NDR backscatter attack.

Articles on Backscatter.
http://technet.microsoft.com/en-us/library/dn499795(v=exchg.150).aspx
http://www.sophos.com/en-us/support/knowledgebase/37088.aspx
0
 
LVL 3

Accepted Solution

by:
Sudhir Bidye earned 500 total points
ID: 40526514
1) Check if your server is open for relay, if yes then below article can be helpful to fix it.

alanhardisty.wordpress.com/2010/07/12/how-to-close-an-open-relay-in-exchange-2007-2010/

https://exchangemaster.wordpress.com/2013/03/08/checking-for-open-relay-in-exchange-20072010/

2) Run antivirus/antimalware scan on all the user workstation and make sure none of the user accounts are compromised.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 1

Author Comment

by:MichaelBalack
ID: 40528793
Hi Sudhir,

Ok, will do it ...
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 40543215
I've requested that this question be closed as follows:

Accepted answer: 0 points for MichaelBalack's comment #a40528793

for the following reason:

ok
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40543216
Did you mean to close it that way Michael?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 40550471
yes
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 40568246
Hi Sudhir,

Exchange server is not open relay. However, found few PC were infected by malware/virus that broadcast emails to some invalid recipients, thus jam up the mail queue. After getting rid of the malware/virus, no more stuck mail with sender address "empty".
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question