Repeat receipts of identical email

[Sleestak]

We have a small network with a single server on which I am using Microsoft Exchange Server 2003.
A couple of my clients have been receiving repeated deliveries of the same email. The emails that are repeated come from widely varying sources, so I do not suspect the senders to be the problem.
Has anyone ever heard of this? I have 11 people with Outlook clients on their computers but only two users are experiencing this phenomenon. Perhaps I have a setting in Exchange that is incorrect, but I haven't been able to determine which one it is.
Please help if you can.


- Mike

 

[EQ Admin]

Hi Mike,

I have several questions that can be used to start narrowing down the problem and find a solution.

First, what do the logs on the exchange server say?

• Are you really sending multiple copies or making multiple attempts to send e-mails?
• Is a problem causing exchange to think mails are not sent successfully causing it to retry?

If you are sending multiple messages is there something on your users workstations causing duplicates? For example, do they have a McAfee or Norton (any AV scanner) on their workstation that is scanning outgoing e-mail and causing the local e-mail client to send duplicate e-mails into your exchange server? Anything else that is or would resemble a "stuck outbox" problem? Less likely, do any of your users have address books that map a contact to duplicate addresses?

If you are making multiple attempts at outbound connections is there anything in your network that could be causing the problem?

• A pix firewall that needs no fixup protocol smtp 25 enabled?
• An Anti-spam or Anti-Virus scanner intermittently timing out?
• A proxy server or device in the network causing intermittent dropped connections?
• The remote end dropping the connection early due to improper reverse DNS for the IP/NAT of your exchange server?

Are you able to get the full e-mail headers from a pair of duplicate messages on the receiving end? If you are, please post both them here so we can help you analyze them if needed. Is there a mail admin on the receiving end who can check their logs and check for the same network issues such as the pix firewall issue mentioned above? Since you mentioned the problem is happening for multiple destinations it sounds like the problem is closer to home for your server than theirs, but it can't hurt to take a few minutes and ask the clients the same questions.

If these questions don't reveal the actual problem it should get us close to the source of the trouble.

-Raymond

 

[yukon]

Sleestak:

I'm sorry I didn't get to answering you sooner, I've been out of the country on my honeymoon.

There are really a few reasons / methods that cause this type of problem. In my past experience they have all been directly related to connectivity. Basically in a POP scenario a user's email doesn't get marked as downloaded (and then removed from the mailbox in most cases) until a successful hangup is received by the server. Example 1 works as follows: User A begins to check their mail, POP starts sending mail to Outlook (or any other POP client), session is interrupted - next mail is downloaded they get the same messages -> this artificially produces multiple copies of the same message in the user's mailbox. Example 2: User B has not listened to their wizened IT staff and has attempted to setup Outlook on their own. They in fact have the same account setup 2x, and are retrieving messages both via RCP (Exchange's default / proprietary protocol actually runs over RCP) and POP. Both are on timers, I think 5 minutes by default. POP downloads a copy of the message that has entered the mailbox since the last time RCP checked in, RCP checks and gets the same message -> voila two copies same email.

Advise:
1. Check your users connectivity -> run large continuous pings to your mail server. Everything should be on the same LAN and this should be very fast and with no dropped packets. (lookup ping syntax for Windows:
How To Diagnose and Test TCP/IP or NetBIOS Network Connections in Windows Server 2003
http://support.microsoft.com/kb/314067
Command-line utilities
2. Investigate duplicates, do they tend do be larger emails only? This would also point to a network problem
3. Check the account configs in those user's email settings. I've also seen once or twice a couple of users who forwarded mail to another account, then checked both accounts from the same email client and wondered why they got two copies of everything that was sent to only one of the addesses.