[ExchangeList] Re: Sharing SMTP namespace

  • From: "Simon Butler" <simon@xxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 3 Jan 2007 20:52:54 -0000

The messages will queue and Exchange will try to send them. 
Once you "fix" the problem (that you caused) Exchange will then deliver
the messages again. It may take a few minutes before Exchange notices
that the problem has been resolved, but it will send them on eventually.

I wouldn't leave it broken for too long, just in case something comes
in. If the message flow is high enough then it shouldn't take very long
to spot the accounts. As you move them simply repeat the process over a
number of days until the queue is clear for a couple of hours. Anything
left then shouldn't really matter. 


From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Frank
Sent: 03 January 2007 20:32
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: Sharing SMTP namespace

I like this idea, and I've used it other places, and for "deferring"
inbound mail for other reasons on our perimeter email security
appliances.  Don't know why it didn't occur earlier.
Will Exchange know that it can/has-to retry delivery once the
destination is set to a good or bad destination?

Simon Butler <simon@xxxxxxxxxxxx> wrote:

        In that case, why not use the "shake the tree" method (as in
shake the tree and see what falls out). 
        Route the traffic to invalid hosts. Exchange will then queue the
emails because the host is invalid. Then view the contents of the
queues. Patterns will quickly become noticeable allowing you to spot
what hasn't been moved. When you know, set it back so that email flows
again. Repeat to capture anything new. 


        From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Frank
        Sent: 03 January 2007 17:56
        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Sharing SMTP namespace
        Its not as bad as all that, but you did hit some valid points.
This one unix host is responsible for one domain for a small company.
The admin who left was their Notes admin and arranged maintenance for
this one sendmail host. Both the Notes adn Sendmail server will be
powered off in the next week or so, as soon as the user migrations to
our Enterprise Exchange 2003 solution is completed.  I'm looking for
straggling shared mailboxes and utility email accounts that may be under
the radar of the user migrations.  All of these servers are several
layers in from the Internet perimeter, which we DO own and control
        Meanwhile, back at the (HQ) ranch, I'd like to be able to peek
at what is not resolving in AD and being routed thru the SMTP connector
set up to share the name space.
        "Taylor, George" <GTaylor@xxxxxxxx> wrote:

                Dude, you have a serious problem, so ignore looking at
log trends right now, your routing is the very least of your worries.
You host 185 seperate domains!!!!!! and don't have access to your Unix
boxes?????  Someone who quit or was terminated DOES have access?????
Probably not just Unix, that user I'm sure has access to a domain admin
account as well.  
                Number 1, buy some kneepads, cuz your gonna be on your
knees begging for your customer's forgivness.  Then, using whatever
means needed, get back controller of your network, (go as far as hiring
a hacker to get it back for you if needed) once you have control secure
it properly.  That includes hiring a consultant to hack your network and
show you where all the backdoors are, and believe me they are there!!
Password changes policies, when an Admin leaves all accounts that have
power get their passwords changed within a short period of time, we go
30 minutes.
                Now that you have your network back take a look at the
logs and hope to continue getting a paycheck.
                George Taylor
                Systems Programmer
                Regional Health Inc.


                From: Frank [mailto:fhardwic@xxxxxxxxx] 
                Sent: Wednesday, January 03, 2007 8:03 AM
                To: exchangelist@xxxxxxxxxxxxx
                Subject: [ExchangeList] Re: Sharing SMTP namespace
                Thanks, and I agree.
                The easiest WOULD be to look thru the sendmail logs, IF
I could get access to them.  The admin of those machines left the
company, and took with him passwords that would provide access.  Thats
why I'm looking for a "view" into the traffic via Exchange.  I'm also
the Unix/Sendmail guy for the Enterprise, but not for that remote
business unit that was purchased.
                Jon Spriggs <jon@xxxxxxxxxxxxxx> wrote:

-------------------------------------------------------I'm not hugely
knowledgeable about Exchange (part of the reason I
                        joined this list), but from a Unix perspective,
probably the easiest
                        thing to do would be to setup a cron job on the
sendmail servers to
                        mail you the rotated logs on a daily basis. This
should be fairly easy
                        to setup. I'll see if anyone suggests an
exchange way of doing it
                        easier, and if not, I'll knock together a small
script for you.
                        On 1/3/07, Frank wrote:
                        > Our enterprise hosts 185 SMTP domains,
including a few that that belong to
                        > companies acquired over the past couple of
years. We've implemented the
                        > SMTP domain namespace sharing as referenced in
this kb article
                        > http://support.microsoft.com/kb/321721 with
good success.
                        > My challenge is, now that we are folding these
all into one centralized
                        > cluster, I need to be able to see what mail is
still be routed out through
                        > the SMTP connectors to the legacy sendmail
servers. The sendmail admins are
                        > no longer with the company, so looking at
those logs will be dificult at
                        > best. I need to be able to see, on the
Exchange 2000/2003 side, what emails
                        > are being routed to those downstream hosts.
                        > Suggestions?
                        > Frank Hardwick
                        > Enterprise Messaging
                        > Do You Yahoo!?
                        > Tired of spam? Yahoo! Mail has the best spam
protection around
                        > http://mail.yahoo.com
                        List Archives:
                        MSExchange Newsletter:
                        MSExchange Articles and Tutorials:
                        MSExchange Blogs: http://blogs.msexchange.org/ 
                        Visit TechGenix.com for more information about
our other sites:
                        To unsubscribe visit
                        Report abuse to listadmin@xxxxxxxxxxxxxx 

                Do You Yahoo!?
                Tired of spam? Yahoo! Mail has the best spam protection
                ***Note: The information contained in this message,
including any attachments, may be privileged, confidential, and
protected from disclosure. If the reader of this message is not the
intended recipient, or an employee or agent responsible for delivering
this message to the intended recipient, you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you have received this communication in error, please
notify the Sender immediately by a "reply to sender only" message and
destroy all electronic or paper copies of the communication, including
any attachments.

        Do You Yahoo!?
        Tired of spam? Yahoo! Mail has the best spam protection around 

Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 

Other related posts: