• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SMTP connector set to FWD to smarthost, not always FWDing

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> SMTP connector set to FWD to smarthost, not always FWDing Page: [1]
Login
Message << Older Topic   Newer Topic >>
SMTP connector set to FWD to smarthost, not always FWDing - 26.Apr.2010 11:06:21 AM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
our current email set up consists of 1 Exchange backend, 1 Exchange frontend & a 3rd party spam filter (all hosted on separate hardware). The exchange frontend is set as our bridgehead and we have our SMTP connector set to FWD email to a smart host (our spam filter).

99% of outbound mail routes properly (from backend to frontend to spam filter), but sporatically a few emails will be sent directly from the backend to the destination (external mail host).

there seems to be no correlation between the destinations and both our frontend and smarthost are fully available when this occurs.

any thoughts or ideas on what to look for?

thanks in advance.
Post #: 1
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 11:36:06 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
How are you confirming the route these rogue messages are taking?

Are those messages being created by Email client software (i.e. Outlook) or some other process/application?

What does Message Tracking say about the rogue message?

What does the SMTP log on the BE say about the rogue message? On the FE?

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 2
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 1:13:17 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
our net eng reported that our Cisco ASA was seeing traffic from our BE going to external destinations. Tracking the message on the BE shows it being delivered to the external party's mail system w/ no mention of either our FE or the smarthost.

smtp logs on the BE show the message transmission, no mention of the message in the FE smtp logs.

these messages are being created in Outlook 2003 clients.

(in reply to uemurad)
Post #: 3
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 1:49:41 PM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
If you're sure it originated in Outlook and went through Exchange, then look at all of your SMTP connectors, and your SMTP Virtual Servers for routes. How many of each do you have defined?

Is your smarthost (FE) defined in the VS, or Connector, or both?

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 4
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 2:45:17 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
our BE and FE each have 1 VS. we have 1 SMTP connector. the smarthost is defined in the connector, not either of the VS. should the smarthost be defined in the VS? I thought being defined in the SMTP connector was all that was needed.

ideally we want the mail from our BE to route to our FE (our virus scan is running on this) then to our smarthost. 99% of mail does this, to insure all mail does should I defind the FE DNS entry in the BE's VS and then our smarthost's DNS entry in the FE's VS? if so, should I remove the smarthost DNS from the SMTP connector?

(in reply to uemurad)
Post #: 5
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 4:21:08 PM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
It should work with the smarthost listed in the Connector. Just to confirm, the Address Space field just has a star in it?

Again, just to be sure, use Message Tracking on one of the messages that bypassed your FE. Does it actually name the recipient system?

Next, look at the SMTP log for that same message. Did your server communicate with the recipient system directly?

Have you restarted the Exchange services (or rebooted) since entering the smarthost configuration?

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 6
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 4:57:35 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
the address space field in the SMTP connect does have a *

In the message tracking is does actually show the recipient system

The SMTP logs on the BE do show communication with the recipient system

(in reply to uemurad)
Post #: 7
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 5:10:56 PM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
Okay - go through the Connector configuration pages - Here are the default settings

Content Restrictions
  Allowed priorities [all checked]
  Allowed types [all checked]
  Allowed sizes [unchecked]
Delivery Options
  Always run
  Use different delivery times [unchecked]
Delivery Restrictions
  By default, messages from everyone are: [accepted]

Does that match your Connector (the other pages don't matter)?

< Message edited by uemurad -- 27.Apr.2010 1:09:14 AM >


_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 8
RE: SMTP connector set to FWD to smarthost, not always ... - 26.Apr.2010 5:22:29 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
everything matches, however on the Delivery Restrictions tab under the 'Reject messages from' section 'noexternalemail' is listed. I'm not sure if that makes any difference since 'Accepted' is definitely ticked


(in reply to uemurad)
Post #: 9
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 1:08:31 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
So the question is, are the "rogue" messages from users in that list?

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 10
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 10:07:07 AM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
it turns out that's a legacy group no longer used. there are no users in it.

the users from which the rogue emails are coming are seemingly random with little commonality.

(in reply to uemurad)
Post #: 11
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 11:42:07 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
You've got me scratching my head about why the messages are going out directly - I'm still working on that.

If the messages are a concern, I'd suggest that you have your firewall group block outbound TCP 25 traffic to all outside IP addresses so they can't bypass your other systems.

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 12
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 12:03:13 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
my concern with blocking smtp on the firewall from our BE is that these are valid emails from our sales people. if the message doesn't get delivered it could mean a lost sale.

would specifying a smarthost on the BE's VS not be advisable?

(in reply to uemurad)
Post #: 13
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 12:26:53 PM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
quote:

would specifying a smarthost on the BE's VS not be advisable?
Sorry - didn't realize that was an outstanding question. Yes - you can configure the smarthost in the VS. I was trying to understand and resolve the underlying issue (the geek in me wouldn't let me see beyond the immediate problem). That will most likely mask the other issue, meaning it stop sending things directly to outside systems.

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to ilovebsod)
Post #: 14
RE: SMTP connector set to FWD to smarthost, not always ... - 27.Apr.2010 2:56:25 PM   
ilovebsod

 

Posts: 35
Joined: 20.Sep.2007
Status: offline
I too would like to figure out the cause of the rogue emails.

(in reply to uemurad)
Post #: 15
RE: SMTP connector set to FWD to smarthost, not always ... - 28.Apr.2010 4:15:54 AM   
listers@live.com

 

Posts: 138
Joined: 13.Jun.2009
Status: offline
Hard nut to crack neh! Just to back up uemurad maybe restricking traffic to only the FE might help you when the mail bounce back might have some indications on why. Just my thought.

(in reply to ilovebsod)
Post #: 16

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> SMTP connector set to FWD to smarthost, not always FWDing Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter