Announcement

Collapse
No announcement yet.

OOF Auto Reply "Loops" when addressed to internal invalid recipients

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • OOF Auto Reply "Loops" when addressed to internal invalid recipients

    Has anyone had this problem in the past and resolved?

    Steps to reproduce:

    I added an SMTP Connector to route mail through a designated smart host. Previously I had no SMTP connectors configured.


    The following scenario happens:

    1- A NULL (Fake/Invalid) internal sender sends an email to an internal recipient (we have many of these in our organization that send mail, generally from a service or application, however, it's also a concern for spoofing sender addresses)

    2- If the internal recipient has their out of office enabled, it responds to the null sender

    The auto response addressed to the null sender causes a continuous loop (verified through message tracker).


    Message Tracker Shows:


    SMTP: Store Driver: Message Submitted from Store
    SMTP: Message Submitted to Advanced Queuing
    SMTP: Started Message Submission to Advanced Queue
    SMTP: Message Submitted to Categorizer
    SMTP: Message Categorized and Queued for Routing
    SMTP: Message Queued for Local Delivery
    SMTP: Message Delivered Locally to invalid address @ internal domain .com
    SMTP: Store Driver Submitted Message to MTA
    SMTP: Store Driver: Message sumitted from Store
    SMTP: Message Submitted to Advanced Queuing
    SMTP: Started Message Submission to Advanced Queue
    SMTP: Message Submitted to Categorizer
    SMTP: Message Categorized and Queued for Routing
    SMTP: Message Queued for Local Delivery
    SMTP: Message Delivered Locally to invalid address @ internaldomain .com
    ** The above "loop" repeats approximately 6 times per minute.

    Problems:

    -There is no NDR generated

    - The transaction log grows at an exponential rate as more and more "loops are created by users who have their out of office enabled and begin auto replying to the null senders.

    - Additional CPU, memory and swap space is consumed.

    - After a period of time, the mailstore dismounts for unknown cause - possibly due to file space, memory resources unavailable, cpu unavailable...

    Temporary Resolution:

    When the connector is deleted, the message sender immediately receives an NDR that the message was unable to be delivered and the "loop" stops.

    Environment:

    Server 2003 R2 Standard SP2

    Exchange 2003 Enterprise

  • #2
    Re: OOF Auto Reply "Loops" when addressed to internal invalid recipients

    Exchange is meant to detect message loops... are you on the latest SP/patch level for 2003?

    Another thing is going wrong is that Out of Office is only meant to send one message per sender.

    I can only think there is something odd about the address that Exchange 2003 doesn't like. Workarounds would be either

    1. Create a mailbox for each fake address with a rule which auto-deletes incoming mail

    2. Fake the domain in your fake address aswell, so have a fake domain in your internal DNS with a fake MX record pointing to a non-routable IP address. Then you'll only get a bounce-back after 48 hours of it trying to find the fake mail server.

    Comment


    • #3
      Re: OOF Auto Reply "Loops" when addressed to internal invalid recipients

      Thank you for your reply,

      I'm not sure message "loop" is the right way to describe the problem, it's not exactly looping (as in sending back and forth), it's continuously going through the same few steps, but, yes, we are on the latest SP.

      I've considered making a mailbox to accept messages addresses to add each null sender. However, this doesn't work as a solution for me because of spoofing. Essentially anyone can fake a sender address as internal and it would start this continuous traffic on our mail server (which quickly brings it down unexpectedly if we don't notice.)
      For this reason, I've only been setting up the connector when troubleshooting.

      A similar reason would apply to faking the domain, I can do that to combat the known null senders, however, we leave ourselves open to spoofing internal addresses.

      Comment


      • #4
        Re: OOF Auto Reply "Loops" when addressed to internal invalid recipients

        Seems like the message categorizer is malfunctioning as it shouldn't be trying to deliver the message at all since it should recognise the address as being non-existent. Try ramping up the logging on the message categorizer and see if you can spot anything there. Also double-check your SMTP Connector settings.

        See if this has an affect (taken from support.microsoft.com/?id=315631):

        Create an additional SMTP virtual server.
        Configure the default SMTP virtual server to forward all the mail with unresolved recipients to the new virtual server:
        In Exchange System Manager, click the default SMTP virtual server.
        On the Action menu, click Properties.
        Click the Messages tab, and then type the IP address (in square brackets []) in the Forward all mail with unresolved recipients to host box.
        Click OK or Apply to save the setting.
        The configure the new virtual server to drop the messages or forward to unknown smart host.

        Also run the Exchange Best Practices Analyser tool to see if it comes up with anything: http://www.microsoft.com/en-us/downl....aspx?id=22485

        Sorry I can't give a straightforward solution, but sounds like a weird one.

        Comment

        Working...
        X