Thread: Outlook Express causes timeout when retrieving some messages by pop3
View Single Post
  #3  
Old December 27th 06, 02:22 AM posted to microsoft.public.exchange.admin,microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.outlookexpress.general,microsoft.public.windows.inetexplorer.ie6_outlookexpress
Michael Santovec
external usenet poster
  
Posts: 2,875
Default Outlook Express causes timeout when retrieving some messages by pop3
Are you Outlook Express clients up-to-date? There have been some
security updates from tome to time dealing with malformed headers.

And who is reporting the time out? The client or the server?

And are the client PCs running any anti-spam or anti-virus set to scan
e-mail? If so, either of those could cause the time out.

--

Mike - http://pages.prodigy.net/michael_santovec/techhelp.htm


"SammyBar" wrote in message
...
Hi,

I heve been experiencing a problem with pop3 service within exchange
2000 sp3 running on a windows 2000 sp4 server. There are some
malformed emails that causes the pop3 session with Outlook Express
clients to timeout resulting the clients destinations of such messages
are uncapable to retrieve any more messages. he workaround we use is
to login to the mailbox by using Outlook Web Access, then delete the
offending message. These messages are mainly spam and/or viruses but
it have been valid messages also with this problem. Note this is a
kind of denial of service, but only the destination account results
denied. The overall server works as expected. The W2K server is
automatically updated to the latest security patches. The exchange
server was updated to the "after sp3 rollup update".
We use Panda ExchangeSecure from Enterprisecure suite for fighting
virus and spam on the mail server. I don't know is it the origin of
the malformation of the messages. The fact is we are running Panda
ExchangeSecure for some years without major problems and this strange
behaviour started in the last year. But now it becomes more and more
frequent. Just today I was affected (again) by the problem and I made
a telnet pop3 session to clarify the problem. I was able to retrieve
both the good and the bad mail without problems. Testing with Mozilla
Thunderbird it was able also to receive this particular message but
there were other cases when even Thunderbird timed out.

Any suggestion to fight this problem is welcomed.
Thanks in advance
Sammy

The Oulook Express timeout error number is 0x800CCC19

The pop3 session: The first message is a good one. The second cause
timeout when retrieving from Outlook Express 6.

+OK Microsoft Exchange 2000 POP3 server version 6.0.6603.0
(xxx.xxx.xxx
.mx) ready.
user xxxx
+OK
pass xxxx
+OK User successfully logged on.
list
+OK 2 2783
1 2000
2 783
.
get
-ERR Protocol error.
retr 1
+OK
Received: from ns.mexwebspace.com ([200.47.159.109]) by xxx.xxx.xxx.mx
with Microsoft SMTPSVC(5.0.2195.6713);
Tue, 26 Dec 2006 09:16:25 -0600
Received: by ns.mexwebspace.com (Postfix, from userid 816)
id 384B816C8465; Tue, 26 Dec 2006 09:13:01 -0600 (CST)
Received: from ventas5 (unknown [189.135.21.127])
by ns.mexwebspace.com (Postfix) with ESMTP id A5DF816C8461;
Tue, 26 Dec 2006 09:12:54 -0600 (CST)
Message-ID: 000e01c72900$cbb19460$c505a8c0@ventas5
From: "xxx xxx"
To: "Lic. xxx xxx"
Subject:
=?iso-8859-1?Q?Elevaci=F3n_de_privilegios_a_trav=E9s_de_CSRSS _en_Micros
of?=
=?iso-8859-1?Q?t_Windows_?=
Date: Tue, 26 Dec 2006 09:16:12 -0600
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3028
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
X-PostfixSecure-Antispam: valid
Return-Path:
X-OriginalArrivalTime: 26 Dec 2006 15:16:25.0392 (UTC)
FILETIME=[CF0E7B00:01C729
00]
X-ExchangeSecure-AntiSpam: valid(2)

Elevaciūn de privilegios a travÚs de CSRSS en Microsoft Windows

Se ha desvelado una vulnerabilidad en la forma en la que el proceso
CSRSS (Client/Server Runtime Server Subsystem) procesa mensajes
HardError (en un Message Box).

Esta vulnerabilidad permite a usuarios autenticados ejecutar cūdigo
arbitrario en el proceso CSRSS.EXE y elevar a privilegios de la cuenta
SYSTEM. Se ven afectados los sistemas Windows 2000, XP, 2003 y
Vista. Microsoft ha reconocido la existencia del problema.

No existe parche oficial. Se recomienda no dar acceso a los sistemas
a usuarios no confiables.

Mßs informaciūn:

New report of a Windows vulnerability
http://blogs.technet.com/msrc/archiv...lity.aspx.retr
2+OKReceived: from localhost ([209.71.90.122]) by xxx.xxx.xxx.mx with
Microsoft SMTPSVC(5.0.2195.6713); Tue, 26 Dec 2006
10:09:14 -0600Message-ID: 000001c72907$3986e480$0100007f@localhost
From: "Ramesh To:

Subject:=?utf-8?B?W1NQQU1d?= - Microsoft 0ffice 2OO7 & Adobe Acrobat 8
Pro 79$ at Stacy's amazingsoft
Date:Tue, 26 Dec 2006 11:01:35 -0500
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: MICR0S0FT Outlook, Build 10.0.3416
Importance: Normal
X-MimeOLE: Produced ByMICR0S0FT MimeOLE V6.00.2800.150
X-ExchangeSecure-AntiSpam: spam(96)
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Panda Antivirus haencontrado vulnerabilidad en el mensaje
http://www.pandasoftware.es
.quit+OK Microsoft Exchange 2000 POP3 server version 6.0.6603.0
signing off.
Ads