Event Id | 2444 |
Source | MSExchangeMSMI |
Description | Message ID <xxxxxxxx> processed from INQUEUE From: [encapsulated X.400<listserv subscription alias>@<domain>] To: <network name>/<po name>/POSTMASTER |
Event Information | According to Microsoft: This is expected behavior from Microsoft Mail and from the Microsoft Exchange PCMTA service. If the message is not delivered to the recipient, the message is NDRd.The problem occurs when the NDR message gets delivered to the list server. The message is now from Microsoft Mails POSTMASTER to the list server. When the list server receives this email, it is parsed and interpreted as malformed subscription request instead of an NDR. Since the message does not contain the proper syntax for list server "subscription", the list server responds to the email with a new message, typically including instructions and syntax for the proper way to join a list.Once the Internet email domain that is the source of the loop has been identified, the IMC, IMS, or firewall host can be configured to refuse mail from the specific host until the Microsoft Mail file problem is remedied. For the Microsoft Exchange Server, version 5.0 IMS, the IMS Properties, Connections, Accept or Reject by Host, can be configured to reject connections based on IP address. If using an intermediary host between Microsoft Exchange Server and the Internet, consult that hosts documentation for information regarding forced connection rejection. 1. Create a POSTMASTER account on every Microsoft Mail post office so that the message can be delivered. Maintain these mailboxes to ensure they dont fill up. 2. Create a Microsoft Exchange mailbox to receive the mail. The mailbox should have a Microsoft Mail proxy address created for *each* Microsoft Mail PO. An example is NETWORK/PO1/POSTMASTER. Adding this for each PO as a proxy on the Microsoft Exchange mailbox will enable the list servers mail to be delivered. |
Reference Links | XFOR: Looping Message from Microsoft Mail to Inet List Server |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.