NDR with junk email address

It is not uncommon in a Microsoft Exchange environment that a user to whom everyone could send email until yesterday suddenly becomes unreachable: all the internal users start to get an NDR (Non-Delivery Report) with a junk email address when they try to send email to that person. And if you are as unlucky as me, that person will always be some VVIP of the company 🙂.

We receive complaints that some users are not able to send email to a particular user, and they get an NDR like the one below:

You might notice that the user name is hyperlinked, and when you resolve it by pressing Ctrl+Click, a new memo opens with a junk email ID.

Example:

Delivery has failed to these recipients or groups:

Harish Chadda

The email address you entered couldn’t be found. Please check the recipient’s email address and try to resend the message. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: CPUNEXCHOTZP14.xyx.itm

IMCEAEX-_o=One+20Xyx+20Messaging_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23 SPDLT+29_cn=Recipients_cn=2b52ff2434754ff6b3ea72e2f0465c42-Vij@xyx.com

Remote Server returned ‘550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found’

Cause:

If you go behind the scenes, you will find that the tech team is not completely innocent in this case: something weird happened last night, such as the original mailbox being deleted for the user and a new mailbox being created with the same SMTP address, or something similar.

This issue occurs because the value for the LegacyExchangeDN attribute changed. The auto-complete cache in Microsoft Outlook and in Microsoft Outlook Web App (OWA) uses the value of the LegacyExchangeDN attribute to route email messages internally. If the value changes, the delivery of email messages may fail with a 5.1.1 NDR. For example, the recipient address in the NDR resembles the following:

Background

Prior to Exchange 2000, the X500 address was the master address for internal mail communication. From Exchange 2000 onward, Exchange relies on Active Directory for user management, and this X500 address is now saved as LegacyExchangeDN, primarily for backward compatibility.

This address is still used as the master address for internal communication. It allows mail to be delivered to the proper location even if the object is moved or renamed, or even if the SMTP address is changed.
The format of the legacyExchangeDN is:
/o=Organization/ou=Exchange Administrative group/cn=Recipients/cn=user

You might have noticed that, when sending internal e-mails, Outlook resolves the object from the global address book and shows the display name of the object. Behind the scenes, Outlook is actually looking up the legacyExchangeDN and using that to address the message. Even if you put the SMTP address of the object in the "To" field, Outlook will resolve that to the legacyExchangeDN before sending. When you send an email, Outlook adds the recipients to the Outlook cache, which is used for auto-complete as you start typing an address. The cached copy of internal recipients contains the legacyExchangeDN value as the object's address. When you reply to any messages in your Inbox that were sent from an internal mailbox, you are replying to the legacyExchangeDN value.

There are two common scenarios where this occurs. The first is when a mail-enabled object is deleted from Active Directory and a new object is created with the intention to take its place. An example of when this might occur is if a contact exists to route email to an external mailbox and that mailbox is now being brought into Exchange. The administrator deletes the contact, creates the new mailbox with the same display name and ensures SMTP addresses that were on the contact are added to the new mailbox. Not long after, users start complaining about receiving the following NDR:

Solutions

There can be two solutions for this:

1: You can delete the cache entry from the user’s Outlook and resolve the recipient from the GAL. This is an end-user activity, so if multiple users are impacted it needs to be performed for all of them.

Delete the autocomplete entry from the cache of every user who is unable to send email to the problem user

2: Make the non-existent LegacyExchangeDN a valid one; that is, add the old LegacyExchangeDN to the intended recipient:

Copy the junk email address, convert it as per the steps below, and add the new X500 address to the intended recipient’s list of email addresses.

Adding the X500 address converted from the NDR to the problem user's mailbox

To create an X500 proxy address for the old LegacyExchangeDN attribute for the user, make the following changes based on the recipient address in the NDR:

  • Replace any underscore character (_) with a slash character (/).
  • Replace “+20” with a blank space.
  • Replace “+28” with an opening parenthesis character.
  • Replace “+29” with a closing parenthesis character.
  • Delete the “IMCEAEX-” string.
  • Delete the “@xyz.com” string.
  • Add “X500:” at the beginning.

After you make these changes, the proxy address for the example in the “Symptoms” section resembles the following:
X500:/O=MMS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=User-addd-4b03-95f5-b9c9a421957358d

Note: The most common items will be replaced. However, there may be other symbols in the LegacyExchangeDN attribute that will also be changed from the way that they appear in the NDR. Generally, any character pattern of “+##” must be replaced with the corresponding ASCII symbol.
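
The conversion steps above as a PowerShell function; this is an added example, not part of the original article, and the function name `Convert-ImceaexToX500`, the sample address and the mailbox identity are hypothetical. It goes beyond the listed replacements by decoding every “+##” pair as a hexadecimal character code, and it converts underscores before decoding so that an encoded underscore (+5F) stays a literal underscore.

```powershell
# Added example: converts the IMCEAEX address quoted in a 5.1.1 NDR into an
# X500 proxy address. Function name and sample values are hypothetical.
function Convert-ImceaexToX500 {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$NdrAddress
    )

    $address = $NdrAddress.Trim()
    if ($address -notmatch '^IMCEAEX-') {
        throw "Not an IMCEAEX address: $address"
    }

    # Delete the "IMCEAEX-" prefix.
    $dn = $address.Substring('IMCEAEX-'.Length)

    # Delete the "@domain" suffix (everything from the last "@").
    $at = $dn.LastIndexOf('@')
    if ($at -lt 0) { throw "No @domain suffix found: $address" }
    $dn = $dn.Substring(0, $at)

    # Underscores become slashes first, so that an encoded underscore (+5F)
    # decoded in the next step is not mistaken for a separator.
    $dn = $dn.Replace('_', '/')

    # Decode every "+##" pair: ## is the hexadecimal code of the character.
    $dn = [regex]::Replace($dn, '\+([0-9A-Fa-f]{2})', {
        param($m)
        [string][char]([Convert]::ToInt32($m.Groups[1].Value, 16))
    })

    if ($dn -notmatch '^/o=') {
        Write-Warning "Result does not look like a legacyExchangeDN: $dn"
    }
    "X500:$dn"
}

# Constructed sample address (not taken from a real NDR).
$sample = 'IMCEAEX-_o=Contoso_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23SPDLT+29_cn=Recipients_cn=j+5Fdoe@contoso.example'
$x500 = Convert-ImceaexToX500 -NdrAddress $sample
$x500

# Review the value, then add it to the recipient in the Exchange Management Shell:
# Set-Mailbox -Identity 'problem.user' -EmailAddresses @{add = $x500}
```

Check the converted value against the NDR before adding it, because any mailbox that carries this X500 address will receive the mail addressed to the old LegacyExchangeDN.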

Keep reading our articles for more issues and solutions, also feel free to start a thread on our forum to seek support with new issues.
