My IIS SMTP proxy is spamming a user with DSNs. How to stop it?

RobB-2332 1 Reputation point
2021-06-08T17:44:41.12+00:00

My use an IIS SMTP server to intercept emails from SharePoint 2013, insert headers and footers in the body, then forward to a corporate SMTP server for delivery to users.

There is 1 particular user that is receiving thousands of emails from the SP SMTP server. It appears an initial email from SP SMTP receives an out-of-office reply, then tries to send a delivery status notification (failure) back. The user has turned off OOO and I confirmed by sending the user an email from my personal account.

The OutboundMail folder is very busy sending the user DSNs.

The Badmail folder is so full of the failed DSNs that we had to schedule a job to delete all items every hour lest the hard drive fill up and bring down the server.

Other emails from workflows and alerts are being dropped, I think because of this flood.

The IIS SMTPSVC1 logs look like this:
00:00:00 1.2.3.39 EHLO – 250
00:00:00 1.2.3.39 MAIL – 250
00:00:00 1.2.3.39 RCPT – 452
00:00:00 1.2.3.39 QUIT - 240

How can I turn off DSN? Can I block emails to this specific user?

IIS v7.5

Internet Information Services
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. RobB-2332 1 Reputation point
    2022-10-06T20:14:46.537+00:00

    I resolved this issue by blacklisting the Exchange server that was serving the DNSs. No one should be using my IIS SMTP server except my SharePoint environment, so this is no issue.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.