Exchange & Outlook UPDATE, Exchange Edition--Greylisting Trips Up Exchange 2003--March 1, 2007

Greylisting is a useful antispam technique, but Exchange 2003 SP2 isn't handling it well. Find out what the problem is and what you can do to solve it.

Paul Robichaux

February 28, 2007

8 Min Read
ITPro Today logo in a gray background | ITPro Today

-------| Exchange & Outlook UPDATE |-------

IN THIS ISSUE
*Commentary: Greylisting Trips Up Exchange 2003
*Exchanging Ideas: Plugging the BlackBerry Support Gap
*New and Improved: Learn How to Plan Your Implementation and Migration to Exchange 2007

++++++++++++++++++++++++++++++++++++++++++++++++++

OUR SPONSORS WHO HELP SUPPORT FREE DELIVERY OF THIS NEWSLETTER:

Webinar: Updating DST for BlackBerry & Exchange
http://www.zenprise.com/lp/bharat_bb_webinar2.aspx

Unified Messaging Deployment for Exchange Server
http://www.goldsys.com/um

The Email Management Crisis
http://www.windowsitpro.com/go/whitepapers/messageone/emailcrisis/?code=EXCHot0301

++++++++++++++++++++++++++++++++++++++++++++++++++

Sponsor: Zenprise

Webinar: Updating DST for BlackBerry & Exchange
This technical Webinar will provide you with step-by-step instructions for updating your BlackBerry and Exchange environment for Daylight Savings Time (DST). More specifically, we will cover: applying Windows OS patches, updating Exchange servers, preparing BES and BlackBerry handhelds for DST, using Timezone Update Tool, and troubleshooting common issues post update (Store not mounting, Resource Mailboxes, Public Folders, BES permissions after updating Exchange). Speaker: Bharat Suneja, Microsoft Exchange MVP and MCT. View On Demand Webinar Now!
http://www.zenprise.com/lp/bharat_bb_webinar2.aspx

++++++++++++++++++++++++++++++++++++++++++++++++++

***COMMENTARY: Greylisting Trips Up Exchange 2003
by Paul Robichaux, Exchange Editor, [email protected]

I'm giving my faithful readers a week off from talking about daylight saving time—although I might have more to say about it next week. Instead, I want to discuss a problem that's recently come to light with Exchange Server 2003 Service Pack 2 (SP2): It doesn't handle greylisting errors gracefully.

If you're not familiar with greylisting, here's a quick primer. You probably know about using whitelists and blacklists for filtering: Whitelists specify senders or connections that you always want to accept mail from, and blacklists (or block lists, as Microsoft calls them) are senders or connections from which you never want to accept mail. A greylist is in between these two extremes: It's a list of senders or connections from which you might not want to accept mail.

Here's how greylisting works. When the sender establishes an SMTP connection to a receiving server that's using greylisting, the receiver accepts the connection and the message. Then the receiver checks the greylist; if the sender name or IP address is on the greylist, the receiver returns an SMTP 4xx error code. You'll recall that the 4xx error code range indicates temporary or transient errors; the intent of these errors in the SMTP specification is that the sender will resend the message after a waiting period. For example, the Exchange Server 2007 transport engine returns a 452 4.3.1 Insufficient system resources error when it has less than 4GB of disk space on the queue drive. That code tells the sender it should try again later; so do the error messages generated by greylist filters. A legitimate sending server pays attention to the error and requeues the message for later delivery, but a spammer just blasts out another copy of the message (thus helping the greylist filter decide to block the IP address altogether.)

When Exchange 2003 sends a message to a server using greylisting, it gets back a 4xx "try again later" code. Instead of waiting a reasonable interval, Exchange tries again after only a few seconds. This attempt generally fails too, and Exchange doesn't try again.

When the message isn't delivered due to greylisting, Exchange should try again later. Sometimes the sending Exchange server generates a nondelivery report (NDR) to the sender indicating that the message failed (which is incorrect), and sometimes it doesn't. The message isn't delivered, and it doesn't appear in any queues. Exchange won't try to redeliver it again until you restart the SMTP service. The message just disappears, except from the sender's Sent Items folder. That makes it tough to troubleshoot the delivery problem.

Luckily, there's a workaround for this problem. Restarting the SMTP service seems to kick stuck messages out for a retry; I've seen several posts in the microsoft.public.exchange.admin newsgroup that talk about scheduling restarts of the SMTP service to ensure that no messages get permanently stuck. This solution is better than nothing, but it's not a good long-term answer.

How would you know if you have this problem in your environment? Well, you might get user reports about messages that are sent but never received, or you might see suspicious NDRs that claim permanent failures from 4xx error codes. If so, you can restart the SMTP service to see if that unblocks the messages. You should also consider opening a support case with Microsoft; doing so will help Microsoft accurately track how prevalent this problem is. If your problem is caused by this particular bug, the support should be provided to you for free.

I wrote about the GRYNX Greylist filter for Exchange 2003 in January ("Troubleshooting with the Fundamentals," January 25, 2007). I'm still a big fan of greylisting as a spam reduction technology, and I hope this small speed bump won't put you off the technology itself.

++++++++++++++++++++++++++++++++++++++++++++++++++

Sponsor: Gold Systems

Unified Messaging Deployment for Exchange Server

Upgrading to Microsoft Exchange Server 2007 with Unified Messaging? Gold Systems can make this transition easy!

UM is a compelling feature of Exchange Server 2007, consolidating voice and data networks into a unified repository. It simplifies life for your employees, and reduces costs for maintaining your voice and data networks.

With 16 years' experience developing and installing voice-based systems in PBX environments, Gold Systems helps customers and partners connect Exchange Server 2007 UM to legacy and IP-based PBX systems.

Call us at 800-988-7798 and say "Sales" or email [email protected].
http://www.goldsys.com/um

++++++++++++++++++++++++++++++++++++++++++++++++++

***EXCHANGING IDEAS

Focus: Plugging the BlackBerry Support Gap

Zenprise adds a module to help Exchange admins keep BlackBerry problems in check.
http://www.windowsitpro.com/Articles/ArticleID/95209/95209.html

------
Have a question? Got answers? Join your peers in the Exchange discussion forums:
http://forums.windowsitpro.com/web/forum/categories.aspx?catid=40&entercat=y
Current Threads:
Hotfix for new DST Rules
Exchange 2003 SP2 NTBackups sporadically failing
Exchange Design Question

------
Don't forget to sound off in our Instant Poll. This month's question is "What collaboration technologies do you use in conjunction with Exchange/Outlook?"
http://www.windowsitpro.com/MicrosoftExchangeOutlook/Index.cfm

~~~~ Hot Spot: ~~~~

The Email Management Crisis
Find out the 7 critical email problems to watch for, and how you can prevent them. Learn how to better manage your email environment including disaster recovery, compliance, data storage, security issues, and managing wireless devices. Download this free white paper today.
http://www.windowsitpro.com/go/whitepapers/messageone/emailcrisis/?code=EXCHot0301

++++++++++++++++++++++++++++++++++++++++++++++++++

***NEW AND IMPROVED
by Blake Eno, [email protected]

Learn How to Plan Your Implementation and Migration to Exchange 2007
Sams Publishing released "Microsoft Exchange Server 2007 Unleashed," a book that helps you plan your implementation and migration to Exchange 2007, confirm that your Exchange 2007 architecture meets best practices, and implement cluster continuous replication (CCR) for effective disaster recovery of a failed Exchange server or site. By reading this book, you'll also learn how to integrate Exchange 2007 Unified Messaging into an existing telephony environment and how to optimize Exchange 2007 for an enterprise environment. The book has a list price of $59.99 but you can purchase it now for $53.99. For more information, contact Sams Publishing.
http://www.samspublishing.com

------
Wanted: your reviews of products you've tested and used in production. Share your experiences and ratings of products to "[email protected]" and get a Best Buy gift certificate.

++++++++++++++++++++++++++++++++++++++++++++++++++

***EVENTS AND RESOURCES

These Windows-related events, papers, and resources will help you keep your knowledge and skills up to date and help you deploy, secure, and maintain the latest Exchange- and Windows-related technologies. For more Exchange related resources, visit
http://www.windowsitpro.com/go/exchangeresources

Prevent installation and execution of unauthorized software on the computers on your network. Download this free white paper today for a comparison of different techniques for detecting and preventing unauthorized code. Protect against emerging risks today!
http://www.windowsitpro.com/go/whitepapers/bit9/lockdown/?code=0219featwp

Do you want to block unwanted or undesirable email? Download this free white paper to learn how to manage the content of messages traveling your network.
http://www.windowsitpro.com/go/whitepapers/stbernard/cleanup/?code=0226e&r

How do you manage security vulnerabilities? If you depend on vulnerability assessments to determine the state of your IT security systems, you can't miss this Web seminar. Special research from Gartner indicates that deeper penetration testing is needed to augment your existing vulnerability management processes. Learn more today!
http://www.windowsitpro.com/go/seminars/coresecurity/vulnerability/?code=0226e&r

Microsoft Exchange Connections
April 1-4, 2007, Hyatt Regency Grand Cypress. Dive into Exchange Server 2007 as Microsoft architects and industry experts present over 45 sessions! Register and reserve your hotel room, and get a FREE hotel room night (three night minimum stay). For more details, call 800-505-1201 or 203-268-3204.
http://www.winconnections.com

===============

One common set of controls can help you manage compliance across multiple regulations and standards. Download this free IDC white paper and find out how to map controls to the appropriate regulations, saving time and expense in demonstrating compliance.
http://www.windowsitpro.com/go/whitepapers/symantec/compliance?code=0226featwp

==== ANNOUNCEMENTS

=====================

Introducing a Unique Exchange and Outlook Resource
Exchange & Outlook Pro VIP is an online information center that delivers new articles every week on topics such as administration, migration, security, and performance. Subscribers also receive tips, cautionary advice, direct access to our editors, and a host of other benefits! Order now at an exclusive charter rate and save up to $50!
https://store.pentontech.com/index.cfm?s=1&promocode=eu2372ue Grab Your Share of the Spotlight!
Nominate yourself or a peer to become IT Pro of the Month. This is your chance to get the recognition you deserve! Winners will receive over $600 in IT resources and be featured in Windows IT Pro. It's easy to enter—we're accepting April nominations now, but only for a limited time! Submit your nomination today:
http://www.windowsitpro.com/go/itpromonth ~~~~ Contact Us ~~~~ About the newsletter -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]

===============

This email newsletter is brought to you by Exchange & Outlook Pro VIP, the leading source of information for IT professionals managing, securing, optimizing, and migrating Exchange and Outlook. Subscribe today!
https://store.pentontech.com/index.cfm?s=1&promocode=eu205xeb

View the Windows IT Pro Privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538,
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All Rights Reserved.

[This commentary from this article is also posted at http://www.windowsitpro.com/Article/ArticleID/95331/95331.html.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like