Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
A forward loop has been detected. Mail could not be delivered to contact "<address>" because the target address <address> of the contact points to a local domain <domain>. This is causing 5.4.6 NDRs for the contact.
|English: Request a translation of the event description in plain English.|
Our new user provisioning system had been adding the "targetaddress" attribute to people who had mailboxes. This caused the Categorizer to think that they are both Contacts and Mailbox-enabled Users, and bounced mail thinking that two objects have the same address. We used ADSI Edit with the LDAP query string: (&(objectCategory=user)(samAccountName=*)(mail=*)(targetaddress=*)) to find them all and reset the attribute to null.
This event occurs in the following situation. When two organizations share the same SMTP domain space and in the organization that receives inbound for the domain:
1. You have a recipient policy for domain.com.
2. You have the primary SMTP address of mailbox enabled user objects of domain.com.
3. You have contacts or mail enabled user objects that have a target address attribute value that has the domain.com relay address.
This event is generated when sending to all contacts or mail enabled user objects that have a @domain.com target address value.
Please see the following articles to resolve this problem: ME321721, ME319759, and ME315591.
|Private comment: Subscribers only. See example of private comment|
|Links: ME315591, ME319759, ME321721|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated