none
Recipient Filtering no longer working Ex 2010 SP1

    Question

  • I was having an issue with backscatter, so I wanted to lock down incoming mail messages to only allow good email addresses.  I have a hub transport server and no Edge server.  I have Symantec for anti-spam running on the server as well.  Last night, I ran the script to install the anti-spam agent and enabled recipient validation.  I then checked by telneting to the server and I think I was able to verify that it was not allowing me to send email to an invalid recipient ( It gave me an ok on the rcpt to email address, but gave me 550 5.7.1 Message rejected as spam by Content Filtering once I finished the email ).  I am checking now, and it is allowing me to send to invalid recipients.

    Questions:

    If I got the "250 recipient ok" message the first time, but "Message rejected" at the end of the test email, does this indicate that it may have been working correctly last night?

    If it was working last night, and is not now, what can I do to figure out what is not working correctly?

     

    Get-RecipientFilterConfig:


    RunspaceId                 : 473dbf18-36ff-424c-8574-20912a35733c
    Name                       : RecipientFilterConfig
    BlockedRecipients          : {}
    RecipientValidationEnabled : True
    BlockListEnabled           : False
    Enabled                    : True
    ExternalMailEnabled        : True
    InternalMailEnabled        : False
    AdminDisplayName           :
    ExchangeVersion            : 0.1 (8.0.535.0)
    DistinguishedName          : CN=RecipientFilterConfig,CN=Message Hygiene,CN=Transport Settings,CN=Domain,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com
    Identity                   : RecipientFilterConfig
    Guid                       : ced3e498-1f6f-4ff4-8d56-fa469b571039
    ObjectCategory             : domain.com/Configuration/Schema/ms-Exch-Message-Hygiene-Recipient-Filter-Config
    ObjectClass                : {top, msExchAgent, msExchMessageHygieneRecipientFilterConfig}
    WhenChanged                : 9/19/2011 12:49:54 PM
    WhenCreated                : 5/7/2010 12:57:38 PM
    WhenChangedUTC             : 9/19/2011 4:49:54 PM
    WhenCreatedUTC             : 5/7/2010 4:57:38 PM
    OrganizationId             :
    OriginatingServer          : DC2.domain.com
    IsValid                    : True

    Monday, September 19, 2011 5:06 PM

All replies

  • On Mon, 19 Sep 2011 17:06:10 +0000, willzzzzzzzzzz wrote:
     
    >
    >
    >I was having an issue with backscatter, so I wanted to lock down incoming mail messages to only allow good email addresses. I have a hub transport server and no Edge server. I have Symantec for anti-spam running on the server as well. Last night, I ran the script to install the anti-spam agent and enabled recipient validation. I then checked by telneting to the server and I think I was able to verify that it was not allowing me to send email to an invalid recipient ( It gave me an ok on the rcpt to email address, but gave me 550 5.7.1 Message rejected as spam by Content Filtering once I finished the email ).
     
    Content filtering isn't the same as recipient filtering
     
    >I am checking now, and it is allowing me to send to invalid recipients.
    >
    >Questions:
    >
    >If I got the "250 recipient ok" message the first time, but "Message rejected" at the end of the test email, does this indicate that it may have been working correctly last night?
     
    No.
     
    >If it was working last night, and is not now, what can I do to figure out what is not working correctly?
     
    In the EMC:
    Organization Configuration -> Hub Transport -> Anti-Spam -> Recipient
    Filtering -> Blocked Recipients -> Block messages sent to recipients
    not . . .
     
    Try your test from a machine that's not in the set of IP addresses
    you've configured in the Transport Settings or using a Receive
    Connector that has "Externally Secured" selected on the Permissions
    tab.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Monday, September 19, 2011 11:53 PM
  • Rich,

    I have all but Recipient Filtering disabled in Anti-Spam tab.

    In Recipient Filtering Properties, "Block messages sent to recipients that do not exist in the directory" is checked.  The second check box of "Block messages sent to the following recipients" is not checked.

    In my main receive connector that is in use for my firewall, in the Authentication tab, I only had TLS selected.  I tried with this setting and with Externally Secured as well, and still I get a "250 recipient ok".

    I have no IP addresses set in the Message Delivery tab in the Transport Settings Properties.

    Any other suggestions?

    Thanks again,

    William

    Tuesday, September 20, 2011 12:35 AM
  • On Tue, 20 Sep 2011 00:35:12 +0000, willzzzzzzzzzz wrote:
     
    >
    >
    >Rich,
    >
    >I have all but Recipient Filtering disabled in Anti-Spam tab.
    >
    >In Recipient Filtering Properties, "Block messages sent to recipients that do not exist in the directory" is checked. The second check box of "Block messages sent to the following recipients" is not checked.
    >
    >In my main receive connector that is in use for my firewall, in the Authentication tab, I only had TLS selected. I tried with this setting and with Externally Secured as well, and still I get a "250 recipient ok".
     
    If the Receive Connector is defined as Externally Secured it certainly
    isn't going to apply any content or recipient filtering to inbound
    messages -- why should it if you trust it?
     
    >I have no IP addresses set in the Message Delivery tab in the Transport Settings Properties.
    >
    >Any other suggestions?
     
    Well, I forgot to ask you if the Recipient Filtering agent is enabled.
    If it isn't, enable it. If it is, have a look at the permissions
    assigned to the connector and make sure it doesn't have anything
    unexpected, like "ms-Exch-Bypass-Anti-Spam".
     
    Get-ReceiveConnector "<connector>" | Get-ADPermission
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, September 20, 2011 2:18 AM
  • Rich,

    Recipient Filtering has been enabled this entire time.

    Attached are some screen shots from the GUI.

    Tuesday, September 20, 2011 9:15 PM
  • And some more shots...

    Tuesday, September 20, 2011 9:16 PM
  • And some output from Get-ReceiveConnector Firewall-Relay |Get-ADPermission | format-list

    I have limited the list to anything with "ms-Exch" in it.  I don't see anything that would keep this filter from working, but that is just me.

     

    User                : INMAIL\Delegated Setup
    Identity            : MAIL01\Firewall-Relay
    Deny                : True
    AccessRights        : {CreateChild, DeleteChild}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    : {ms-Exch-Public-MDB}
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Exchange-Server
    InheritanceType     : Descendents

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Exchange-Server
    InheritanceType     : Descendents

    User                : NT AUTHORITY\SYSTEM
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Exchange-Server
    InheritanceType     : Descendents

    User                : NT AUTHORITY\Authenticated Users
    Identity            : MAIL01\Firewall-Relay
    Deny                : True
    AccessRights        : {ReadProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Availability-User-Password}
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Availability-Address-Space
    InheritanceType     : Descendents

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Organization Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Public Folder Management
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {ExtendedRight}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {Group-Type}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Owning-Server}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Mailbox-Security-Descriptor}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-UM-Server-Writable-Flags}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Database-Created}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-User-Culture}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Site-Folder-GUID}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Mobile-Mailbox-Flags}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Site-Folder-Server}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Safe-Recipients-Hash}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-EDB-Offline}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-UM-Dtmf-Map}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Blocked-Senders-Hash}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Patch-MDB}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Public-Delegates}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-UM-Spoken-Name}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-UM-Pin-Checksum}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {Legacy-Exchange-DN}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {WriteProperty}
    IsInherited         : True
    Properties          : {ms-Exch-Safe-Senders-Hash}
    ChildObjectTypes    :
    InheritedObjectType :
    InheritanceType     : All

    User                : INMAIL\Exchange Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericRead}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Site-Addressing
    InheritanceType     : Descendents

    User                : INMAIL\Exchange Domain Servers
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericAll}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Site-Addressing
    InheritanceType     : Descendents

    User                : Everyone
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericRead}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Public-MDB
    InheritanceType     : Descendents

    User                : NT AUTHORITY\ANONYMOUS LOGON
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericRead}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Public-MDB
    InheritanceType     : Descendents

    User                : Everyone
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericRead}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Private-MDB
    InheritanceType     : Descendents

    User                : NT AUTHORITY\ANONYMOUS LOGON
    Identity            : MAIL01\Firewall-Relay
    Deny                : False
    AccessRights        : {GenericRead}
    IsInherited         : True
    Properties          :
    ChildObjectTypes    :
    InheritedObjectType : ms-Exch-Private-MDB
    InheritanceType     : Descendents

    Tuesday, September 20, 2011 9:19 PM
  • On Tue, 20 Sep 2011 21:16:26 +0000, willzzzzzzzzzz wrote:
     
    >And some more shots...
     
    When you perfrom your test, have you checked the SMTP Receive protocol
    log to verify that you're connecting to the right Receive Connector?
    The connector name is part of the recorded information.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, September 20, 2011 11:45 PM
  • Using Message Tracking Utility... I can see where the email connection is using the "Firewall-Relay" connector.  Along with this, I see a Recipient status of "554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop" with the eventID of Fail and source of DNS.  I have looked into this and have created an internal send connector, such as suggested on this link (http://social.msdn.microsoft.com/Forums/en/wspentsupport/thread/a1c0b561-5539-4917-a47a-d0784a378717), and it did not seem to help.  Email will flow through fine if it is a good email address, but will get stuck in the queue if not, and will be trying to hit the loopback address 127.0.0.1.
    Thursday, September 22, 2011 8:00 PM
  • On Thu, 22 Sep 2011 20:00:16 +0000, willzzzzzzzzzz wrote:
     
    >Using Message Tracking Utility... I can see where the email connection is using the "Firewall-Relay" connector.
     
    Message tracking logs aren't SMTP protocol logs. They'll show you an
    event, but they don't show you the SMTP conversation. If you have
    recipient filtering enabled and reject addresses that aren't in your
    AD then you should see a 5XX status when the RCPT TO command is
    received.
     
    >Along with this, I see a Recipient status of "554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop" with the eventID of Fail and source of DNS.
     
    How many Send Connectors do you have? Are any of them set as some sort
    of relay?
     
    >I have looked into this and have created an internal send connector, such as suggested on this link (http://social.msdn.microsoft.com/Forums/en/wspentsupport/thread/a1c0b561-5539-4917-a47a-d0784a378717), and it did not seem to help.
     
    If you not a hoster, why would you want to follow that advice???
     
    E-mail sent between Hub Transport servers uses a dynamic send
    connector. It's not something you can configure or control. You can,
    however, create SMTP protocol logs for them:
    "set-transportserver <server> -IntraOrgConnectorProtocolLoggingLevel
    Verbose"
     
    >Email will flow through fine if it is a good email address, but will get stuck in the queue if not, and will be trying to hit the loopback address 127.0.0.1.
     
    MxLoopback isn't an IP address. It's refering to a problem with DNS
    and/or your Accepted Domains, and maybe some miscongifured Send
    Connector that has your own domain in its address space.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Thursday, September 22, 2011 11:29 PM
  • Hi Rich,

    I am running into a similar problem in a customer installation. Has this issue ever been resolved? I already deinstalled/reinstalled  the AntiSpam Agents. No luck. Screenshots look like those of willzzzzzzzzzz. I was not able to find any unusual AD rights. There is only one receiver listening on 25 so that's the one being used. Any ideas on how to continue debugging this?

     

     

    Kind regards,

       JP

    Monday, November 14, 2011 12:32 PM
  • After spending tons of time and finally deciding to post here, the answer struck me minutes after hitting "Submit". The "AddressBookEnabled" Flag was not set for this one particular domain (no clue why). All is fine now. Thanks anyways.

    Monday, November 14, 2011 12:46 PM
  • I'm experiencing the exact same probelm. Checking the "Block messages sent to recipients that do not exist in the directory" is not functioning. Neither is blocking messages sent to a specific recipient; I just did this for testing, don't actually need it.

    Any suggestions?
    How do I set the flag for AddressBookEnabled? Maybe this is my problem as well.

    Saturday, October 20, 2012 9:36 PM