Event ID 4006 / 4007 - The SMTP verb which caused the error is 'MAIL'.

[bee...@gmail.com]

Hi,

I'm experiencing problems with my w2k3 standard etd.
IIS has been installed and several websites are running.

There has been a virtual smtp server installed with relay access
granted to a few ip adresses AND the localhost.
Access has been given to everybody (anonomous).
So, no mailserver has been installed on this server and i'm getting
several messages in the eventlog.
a few examples:

Message delivery to the host 'xxxxxxxxxx' failed while delivering to
the remote domain 'xxx.com' for the following reason: An SMTP protocol
error occurred.
The SMTP verb which caused the error is 'MAIL'. The response from
the remote server is '451 4.1.8 Domain of sender address
nor...@domain.com does not resolve.
Event id = 4007

or

Message delivery to the host 'xxxxxxxxxx' failed while delivering to
the remote domain 'xxxxx.com' for the following reason: The connection
was dropped by the remote host.
Event id = 4006

Does anybody knows 'what' the problem is. Spam? Or perhaps a problem
in the software?

[John Xie]

Hi,

Those event logs were generated by your SMTP virtual server which tries to
send out NDRs to remote mail servers.

Why NDRs? I believe that you have some internal romote domains configured in
your SMTP virtual server, when spamers try to send spam to your remote domain
through your smtp server which is not a email relay, your smtp server will
accept those spam email and trys to send to your internal remote domain, and
got refused by your internal email server, so your smtp server has to generat
NDRs to inform the sender.

I don't know if we can turn off NDr at the smtp virtual server.