Hi,
I have been experiencing a problem with the pop3 service within exchange 2000
sp3 running on a windows 2000 sp4 server. There are some malformed emails
that cause the pop3 session with Outlook Express clients to time out,
with the result that the clients that are the destinations of such messages are
unable to retrieve any more messages. The workaround we use is to log in to the
mailbox using Outlook Web Access, then delete the offending message. These
messages are mainly spam and/or viruses, but there have been valid messages also
with this problem. Note this is a kind of denial of service, but only the
destination account is denied. The overall server works as expected.
The W2K server is automatically updated to the latest security patches. The
exchange server was updated to the "after sp3 rollup update".
We use Panda ExchangeSecure from the Enterprisecure suite for fighting viruses
and spam on the mail server. I don't know if it is the origin of the
malformation of the messages. The fact is we have been running Panda
ExchangeSecure for some years without major problems and this strange
behaviour started in the last year. But now it is becoming more and more
frequent. Just today I was affected (again) by the problem and I made a
telnet pop3 session to clarify the problem. I was able to retrieve both the
good and the bad mail without problems. Testing with Mozilla Thunderbird, it
was also able to receive this particular message, but there were other cases
when even Thunderbird timed out.
Any suggestion to fight this problem is welcome.
Thanks in advance
Sammy
The Outlook Express timeout error number is 0x800CCC19
The pop3 session: The first message is a good one. The second causes a timeout
when retrieving from Outlook Express 6.
+OK Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (xxx.xxx.xxx
..mx) ready.
user xxxx
+OK
pass xxxx
+OK User successfully logged on.
list
+OK 2 2783
1 2000
2 783
..
get
-ERR Protocol error.
retr 1
+OK
Received: from ns.mexwebspace.com ([200.47.159.109]) by xxx.xxx.xxx.mx
with Microsoft SMTPSVC(5.0.2195.6713);
Tue, 26 Dec 2006 09:16:25 -0600
Received: by ns.mexwebspace.com (Postfix, from userid 816)
id 384B816C8465; Tue, 26 Dec 2006 09:13:01 -0600 (CST)
Received: from ventas5 (unknown [189.135.21.127])
by ns.mexwebspace.com (Postfix) with ESMTP id A5DF816C8461;
Tue, 26 Dec 2006 09:12:54 -0600 (CST)
Message-ID: 000e01c72900$cbb19460$c505a8c0@ventas5
From: "xxx xxx"
To: "Lic. xxx xxx"
Subject:
=?iso-8859-1?Q?Elevaci=F3n_de_privilegios_a_trav=E9s_de_CSRSS _en_Micros
of?=
=?iso-8859-1?Q?t_Windows_?=
Date: Tue, 26 Dec 2006 09:16:12 -0600
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3028
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
X-PostfixSecure-Antispam: valid
Return-Path:
X-OriginalArrivalTime: 26 Dec 2006 15:16:25.0392 (UTC)
FILETIME=[CF0E7B00:01C729
00]
X-ExchangeSecure-AntiSpam: valid(2)
Elevación de privilegios a través de CSRSS en Microsoft Windows
Se ha desvelado una vulnerabilidad en la forma en la que el proceso
CSRSS (Client/Server Runtime Server Subsystem) procesa mensajes
HardError (en un Message Box).
Esta vulnerabilidad permite a usuarios autenticados ejecutar código
arbitrario en el proceso CSRSS.EXE y elevar a privilegios de la cuenta
SYSTEM. Se ven afectados los sistemas Windows 2000, XP, 2003 y
Vista. Microsoft ha reconocido la existencia del problema.
No existe parche oficial. Se recomienda no dar acceso a los sistemas
a usuarios no confiables.
Más información:
New report of a Windows vulnerability
http://blogs.technet.com/msrc/archiv...lity.aspx
.
retr 2
+OK
Received: from localhost ([209.71.90.122]) by xxx.xxx.xxx.mx with Microsoft SMTPSVC(5.0.2195.6713); Tue, 26 Dec 2006 10:09:14 -0600
Message-ID: 000001c72907$3986e480$0100007f@localhost
From: "Ramesh
To:
Subject:=?utf-8?B?W1NQQU1d?= - Microsoft 0ffice 2OO7 & Adobe Acrobat 8 Pro 79$ at Stacy's amazingsoft
Date:Tue, 26 Dec 2006 11:01:35 -0500
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: MICR0S0FT Outlook, Build 10.0.3416
Importance: Normal
X-MimeOLE: Produced ByMICR0S0FT MimeOLE V6.00.2800.150
X-ExchangeSecure-AntiSpam: spam(96)
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Panda Antivirus haencontrado vulnerabilidad en el mensaje
http://www.pandasoftware.es
.
quit
+OK Microsoft Exchange 2000 POP3 server version 6.0.6603.0 signing off.