Man, it feels like just the other day I was talking about patches from Microsoft breaking mail flow in Exchange 2007 environments… oh wait, it was just the other day. The latest one revolves around Update Rollup 7 for Exchange SP1. Prepare yourself, this is sweet.
The problem first manifested itself as a 5.4.0 NDR (The destination server for this recipient could not be found in Domain Name Service) when replying to messages of users on the newly updated Exchange server. After further investigation of the original email, the reply to address looked like this: Joe User IMCEAEX-_O=LocalDomain_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+
28FYDIBOHF45SPDLT+29_CN=RECIPIENTS_CNfirstname.lastname@example.org. Well, it doesn’t take a genius to know that “this ain’t gonna work”. I’ll save you the boring troubleshooting details, but I eventually found this article from Microsoft which outlines the issues I was having, and then stumbled upon this little jewel where a certain Ananth Ramanathan from Microsoft states that this is a known issue, and will be fixed in the next Update Rollup (note that as of the writing of this article, the Microsoft KB 969690 linked above has no fix associated with it). Uhhhh… huh? It won’t be fixed until the next UR (supposedly to be released in the middle of May)?
All is not lost. In the same forum linked above, Andy Grogan from telnetport25.com posted this article on a possible work around. For all you Exchange 2007 administrators, give this a shot and let him know what you think. Unfortunately for my case though, we’re talking about a hosted solution and Andy’s fix won’t work for our environment. I’m never too happy about uninstalling patches to fix a problem created by the patch, but in this instance it was a must. It has been suggested though that adding the CAS and HUB servers to the “Windows-based Hosting Service Accounts” group (remember we’re talking about hosted Exchange here, normal Exchange environments need not apply) would also resolve the issue. I’ll give this a shot and report back when I have an appropriate maintenance window to test (curiously it didn’t happen in the dev environment), until then… Happy Uninstalling! =)
– Dan Thompson