[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Ex2010 - Tarpit for '0.00:00:01.028' due to 'DelayedAck',Delivered

Posted on 2015-02-11
3
Medium Priority
?
1,642 Views
Last Modified: 2015-02-12
Hi,

First of all I have read some of the material on this and I have seen some people suggesting to change the MaxAcknowledgementDelay on the Receive Connector to zero but some of those were in reference to coexistence with an Exchange 2003 server.  I have also seen a suggestion stating that you could create a special receive connector for the particular domain and put all the IPs in it that send mail for that domain.  I'm interested in getting some opinions on my particular situation.

I have a single Exchange 2010 server receiving email from the internet using a single "Internet Receive Connector".  Usually I only see this in the SMTP Receive Log with spammers but occasionally it happens with legitimate email.  Today it is happening with a new client and I would like to get it resolved.  So the emails in question are never received by our users and the following is the end of the transmission in the Receive Log for one of the missing emails.  Can anyone offer up some suggestions?

2015-02-11T20:22:46.477Z,EPTMAIL10\Internet Receive Connector,08D1C5ED19C2349D,27,LOCAL_IP:25, REMOTE_IP:45222,>,250 2.6.0 <!&!AAAAAAAAAAAYAAAAAAAAADcX//EdsDVGvdVvMvwfDP/CgAAAEAAAAGs9kWHPps5MrK7DOR3DVo8BAAAAAA==@REMOTEDOMAIN.ca> [InternalId=118165] Queued mail for delivery,
2015-02-11T20:22:46.499Z,EPTMAIL10\Internet Receive Connector,08D1C5ED19C2349D,28,LOCAL_IP:25, REMOTE_IP:45222,<,QUIT,
2015-02-11T20:22:46.499Z,EPTMAIL10\Internet Receive Connector,08D1C5ED19C2349D,29,LOCAL_IP:25, REMOTE_ip:45222,>,221 2.0.0 Service closing transmission channel,
2015-02-11T20:22:46.499Z,EPTMAIL10\Internet Receive Connector,08D1C5ED19C2349D,30,LOCAL_IP:25, REMOTE_IP:45222,-,,Local
0
Comment
Question by:robertgibson
  • 2
3 Comments
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 2000 total points
ID: 40605480
Hello,

Ideally, you should have some type of spam filtering device in front of your Exchange server. When that isn't possible, the tarpit feature can help guard against directory harvest spam attacks. The problem, as you have discovered, is that this feature can sometimes have an impact on legitimate email. You really only have three options to deal with this issue.

1. Put a spam filtering device in front of your Exchange servers. This is the preferred solution but there are obviously costs involved.
2. You can create a new receive connector that has this feature turned off and specify the IPs of the senders that are having issues with tarpitting. The main issue with this solution is that it requires a bit of management and anytime the sender's IPs change, you need to update the connector.
3. You can just turn off the tarpitting feature on your current internet receive connector and just accept the possibility that spammers will be able to perform directory harvest.

Personally, my preference would be options 1 then 2 then 3.

-JJ
0
 

Author Comment

by:robertgibson
ID: 40605516
Thanks Jamie.  We do have a Watchguard box that handles some of the SPAM but it definitely isn't near what I would consider an excellent solution. In fact I believe I had better success with the free version of Untangle as far as the SPAM goes. I was thinking of trying to turn the Watchguard SPAM filter off and redirect the email to an Untangle box in a test lab but I just haven't had the time.

Any recommendations as far as SPAM filters?

I will start with option 2 and see how that goes.  I will stay away from option 3 as I still see SPAM email being dropped in the logs Acknowledgement Delay.

Thanks
Rob
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 40605528
For free options Untangled and mailcleaner are good options.

-JJ
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There’s hardly a doubt that Business Communication is indispensable for both enterprises and small businesses, and if there is an email system outage owing to Exchange server failure, it definitely results in loss of productivity.
This article explains how to move an Exchange 2013/2016 mailbox database and logs to a different drive.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question