Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Error 7010's flooding my event log 1

Status
Not open for further replies.
CoreyWilson

CoreyWilson

IS-IT--Management
Feb 3, 2004
185
CA
Hello everyone,

I know this error relates to mail relaying. We recently upgraded our exchange 2003 sp1 server to windows 2003 server and then updated to exchange sp2. After this upgrade we started seeing these errors. Since yesterday we have been getting a ton of them. I have ensured mail relaying is disabled (it may have actually been turned on though). I have even tested relaying through a telnet session and it is specifically says it cannot relay.

These messages that are coming back with these errors saying'messages cannot be replayed' within the event message body are not old messages that continue to send, even new ones trying to send or coming in are doing this.

I am just wondering why this has happened. Its almost like our server or domain has been blacklisted somehow. The only thing I can contribute to this, and this a real shot in the dark, is that our ISP who happens to host our dns and hence mx record has been having severe problems this week with their service being up and down, leading us to not receive a lot of external emails. I know its a long shot for being related, but all these errors just seem to coincide with the problems our isp has been experiencing this week but I dont know/understand how they could be related.

Your help is greatly appreciated!!
 
Sort by date Sort by votes
For starters post the actual details of the error. An event ID means nothing when different programs can toss the same error code for different reasons.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
Upvote 0 Downvote
it appears I may have corrected the problem, if i continue to experience it i will post further details.
 
Upvote 0 Downvote
It looks like these errors are reoccuring. The error is as follows:

This is an SMTP protocol log for virtual server ID 1, connection #31. The client at "xxx.xxx.xxx.xxx" sent a "rcpt" command, and the SMTP server responded with "550 5.7.1 Unable to relay for user@domainname.com ". The full command sent was "rcpt TO: <user@domainname.com>". This will probably cause the connection to fail.


I removed the ip address and changed the domain name, but basically these are the errors I am getting. As mentioned I have ensured that mail relaying is disabled. It was not always however before I started here. So I am wondering if these are companies that have us blacklisted.
 
Upvote 0 Downvote
Hi Mark,

Last week we were recieving these messages from tons of different domains. Since this morning it appears to be only a handful of different domains. The same messages and domains keep reappearing, maybe 10 or so different ones. I used the following website: to check our server against known blacklists. Our server was not on any of them. I am not sure how accurate those listings are however.

Aside from contacing the companies directly, do you have any other suggestions of where or what I may be able to look into for this problem?
 
Upvote 0 Downvote
Until you know whether or not your messages are reaching those companies all troubleshootign si based on conjecture. Start with one company and see if the recipient is getting the email and if nto ask to speak with their IS department to work with them.

You will wnat to see if your Domain has an RDNS entry too just to be sure your mail isn't being rejected for that.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
Upvote 0 Downvote
Okay I am confused here.

Receiving those errors this morning, I opened relaying, and the event log cleared out. Obviously those messages were successfully sent off. I closed relaying again and after a couple minutes my event log is starting to fill with different domain names now.

Running Exchange 2003 SP2 under Exchange System Manager, under the Protocols and the SMTP virtual server, properties, access tab, relay, and radion button 'only list below' is selcted, nothing is in the computers box. allow computers that successfully authenticate to relay is unchecked, under users, authenticated users both submit and relay permissions are checked.

Its my understanding those are the settings that close the server from relaying. I dont know if this makes any difference and I doubt it does. But our MX records are hosted by our isp, which forwards our requests to a third party outside spam filtering service at another company, which redirects the mail to us. Do we need relaying enabled for this solution to work or something?

I am new to this company and was not here when this was configured.
 
Upvote 0 Downvote
Sorry I should clarify, the authenticated users is set to 'allow' submit and relay. our incoming mail is flitered through an outside source spam filtering software then forwarded to our server.
 
Upvote 0 Downvote
You need to determine if the messages are valid or not. Find out WHO is sending the messages and make sure they are valid. You need to dig deeper and determine if a workstation is infected with a SPAM engine or a virus.



I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
Upvote 0 Downvote
How do I find who is trying to send the messages just by the event viewer? I have used the message tracking centre in exchange manager and entered the email that displays in the event viewer into the recepient field. Nothing is found, even when extending the search dates longer then necessary.

ideas?
 
Upvote 0 Downvote
I noticed yesterday evening that the previous admin had some domains entered in the address space field under connector properties. I entered the name of some domains that were showing up in the event log with the 7010 error messages just to try and after doing so the errors for those particular domains ceased from displaying the event viewer.

I am trying to understand if this resolved the problem and if so, how? What exactly does the address space option do and how might that have solved the problem?

Your assistance is appreciated.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

A
  • Locked
  • Question
MS Exchange Setup
Replies
0
Views
431
andreegington
A
T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
3K
DrB0b
DrB0b
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
3K
PatrickRoggers
PatrickRoggers
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
3K
microsGuy16
microsGuy16
Satishkumar007
  • Locked
  • Question
Help needed to recover after complete site failure
Replies
0
Views
3K
Satishkumar007
Satishkumar007

Part and Inventory Search

Sponsor

Back
Top