0

I have this very strange problem that I've spent the last 6 weeks googling and researching and trying different things to fix to no avail. Any help would be greatly appreciated.

Our Environment:

We run a single Exchange 2010 server - Latest service pack/fully patched. All clients are Outlook 2013 some running in cache mode, some not. We're in the middle of a swing migration to exchange 2013. We completed the upgrade from 2003 to 2010 and will upgrade to 2013 sometime early next year. We have a sister company - separate email server, domain, namespace, network, etc. However, we have a 2-way transitive trust setup between our two domains. As far as exchange is concerned though it's just another foreign recipient. Each night we run a 3rd party program called GALSync that emails certain user information from us to them and they in turn email us some of their user information. This information is imported into our GAL as mail contacts. This is a hold-over from the 2003 era and i'm not sure there isn't a better way to do this now but for now it is in place and functioning.

The Problem.

Randomly a user will send an email to someone in our sister company and get a 5.1.1 NDR for an x500 address that is completely wrong. It actually replaces the domain portion of the email with our internal domain name. This address does not, nor has ever, existed in our domain.

Example:

User JaneDoe@internalname.com emails JoeSmith@sistercompany.com The NDR shows IMCEAEX-_O=!!OURCOMANY!!_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=JoeSmith1@internalname.com

Notice the "1" after the name and the end and how the @ was changed to our internal name.

JoeSmith@internalname.com, or any variation with a 1 or any other number, has never existed in our company. A powershell search of all mailboxes' and contacts' LegacyExchangeDNS shows it does not exit anywhere in AD.

I reviewed the logs on exchange and the incoming mail from the user has already had the address converted to this non-existent address so I know the conversion is happening before the new mail makes it to the email server.

The user had successfully sent a message to the same recipient a few days earlier and once I cleared the entry out of their auto-complete cache they were able to successfully send again.

This is happening to single users once every couple of days but it keeps happening more and more and happens to senior executives a lot since they are the ones that email our sister company the most.

The issue does not happen with any other address.

Thank you for your time.

Stephen Rushton
  • 1
  • **Things already Tried**: I wrote a script that went through and blew away everybody's auto-complete cache in the entire company thinking the upgrade from 2003 to 2013 outlook clients left some old stale entries somewhere or caused general corruption. The problem "went away" for about 2 weeks and then showed back up. I deleted and recreated all of my offline address books in Exchange due to an article I found through google discussing how the problem is caused by cache mode and auto-complete. – Stephen Rushton Sep 03 '15 at 18:35
  • Every article I found discussing this problem states to simply add the x500 record to the users email box however, these users do not exist in my environment, The ones this happens to that have contacts from galsync already have the correct x500 record and the correct LegacyExchangeDSN on the record. As stated, the x500 record kicked back in the NDR is completely bogus. – Stephen Rushton Sep 03 '15 at 18:35

0 Answers0