Improve company productivity with a Business Account.Sign Up

x
?
Solved

Exchange Queue -- Undeliverable messages from nobody.

Posted on 2015-01-07
8
Medium Priority
?
98 Views
Last Modified: 2015-01-09
Hi,
I'm finding a fair amount each day (~50 - 100) messages in my Exchange queue that puzzle me. (Please see screen shot).
The "FROM" address is blank  "<>"
The subject always has "Undeliverable" next to it.

I'm trying to figure out if it's
1. A bounce back. Spam to a non-existent user and this is the bounce back to a non-existent domain it's trying to bounce back to.
2. Is someone connecting directly to port 25 of my server, like a command line thing and trying to use the server as an open relay? I've checked and double checked, the server isn't an open relay.
3. Something else?

I think it's #1 but I'm not sure.

Any ideas whats causing it and how to stop it?
ALso, next to "Message Source name" is says "DSN". What is DSN?

As always, thanks!
queue-screen-shot.jpg
0
Comment
Question by:nachtmsk
  • 4
  • 2
  • 2
8 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 40535998
Those are NDRs - Non Delivery Reports. DSN is Delivery Status Notification, basically the same thing.
They are most likely Out of the Office or emails to people who do not exist.

Turn on recipient filtering, which is part of the spam filtering within Exchange.
http://semb.ee/filterunknown

That will stop most of them.
If your Exchange server is not the server that receives email from the internet, then you need to recipient filtering there instead.

Simon.
0
 
LVL 1

Author Comment

by:nachtmsk
ID: 40536050
Thanks Simon.
I already have Recipient Filtering turned on. I guess these messages got through. Thanks for explaining what they are.
0
 
LVL 19

Expert Comment

by:R--R
ID: 40536071
Do you have exchange 2013?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 1

Author Comment

by:nachtmsk
ID: 40536093
No, exchange 2010.
0
 
LVL 19

Expert Comment

by:R--R
ID: 40536121
Have you enabled exchange anti spam and configured it.

Please refer enable anti spam agent http://technet.microsoft.com/en-in/library/bb201691%28v=exchg.150%29.aspx
Also add ipblocklist provider

Add-IPBlockListProvider -Name zen.spamhaus.org -LookupDomain zen.spamhaus.org -AnyMatch $True
Add-IPBlockListProvider -Name bl.spamcop.net -LookupDomain bl.spamcop.net -AnyMatch $True
Add-IPBlockListProvider -Name dnsbl.sorbs.net -LookupDomain dnsbl.sorbs.net -AnyMatch $True

Set-RecipientFilterConfig -RecipientValidationEnabled $true
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40536255
If you have recipient filtering enabled, then you shouldn't have seen the messages. I would suspect that either it isn't enabled, or you have a problem elsewhere.

Be aware of the consequences of enabling external blacklists. They are not the "solution" that many people think they are. Both spamhaus and Sorbs will block entire subnets with little good reason. Enable them if you are happy for an unaccountable third party deciding what email you can receive.

Simon.
0
 
LVL 1

Author Comment

by:nachtmsk
ID: 40536285
I have a third party spam solution in place -- GFI mail essentials. Also running Microsofts built in solutions at the same time.
0
 
LVL 1

Author Comment

by:nachtmsk
ID: 40540201
I figured out where the Undeliverable bounced messages were coming from.  We have users who rarely check their mailboxes and the boxes get full. Those undeliverable messages were spam messages sent from an invalid FROM address to a user whose box was full. The system kicked the message back to the original sender whom didn't exist. Then those bounces sit in my queue for a few days , or whatever the timeout period is, I can't remember.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article involves a discussion about issues people have when it comes to Client Access in relating to Load Balancing in an Exchange environment which we had ourselves, along with a solution I found to the problem.
You can use the network upload option and the Office 365 Import service to bulk-import PST files to user mailboxes. Network upload means that you upload the PST files a temporary storage area in the Microsoft cloud.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…

585 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question