"Delivery of a message was aborted because it appeared to be an impersonation attempt or unwanted bulk mail. The 821 originator was firstname.lastname@example.org. Either this address or the 822 message triggered this based on TurfTable entries in the registry. The message that caused this was ZZZZZZZZ."
This is an Exchange 5.5 SP4 server running on Win2k server.
We can send e-mail to these users/domains, but all inbound e-mail from them end up in the TurfDir folder.
I am looking for a valid reason why these are being sent to the turfdir and need to know how to allow these messages to be delivered.
What you could try to do is to remove all entries in the message filter list and remove the registry value that creates the path to the turf directory then restart the Internet mail service. This should effectively disable message filtering on your IMC. Now verify, with message filtering removed, that you can receive e-mail from this external domain. If that doesn't work, then this has nothing to do with Exchange 5.5's message filtering. If that does work, then you can go through the process of re-enabling messaging filtering. Hopefully by reinstating the filters fresh it will eradicate whatever is turfing those e-mails.
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on Spam and virus protection
Related Q&A from Richard Luckett
We're a small company with 200 mailboxes in on-premises Exchange 2013. What could Office 365 do that on-premises Exchange can't?continue reading
When you're stumped on how to track email items following a central mailbox move, fix the dilemma by knowing what happens to items in mailboxes when ...continue reading
You can pull out the big guns to manually remove what's left of your failed Exchange Server from Active Directory, but it's best to consider ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.