As the guy responsible for the email server at my company, I usually get tasked with troubleshooting all the Non-Delivery Reports (NDRs) for our end users. We call them "bounce messages" in our office because it appears that when you send the message - it bounces back.

What many users don't understand is that the reason the email bounced is usually right in the bounce message itself. 

I always look for certain text in the bounce message:

Diagnostic information for administrators:

Generating server: servername.appriver.com

username@receivingdomain.com
receivingdomain.com #<receivingdomain.com #5.0.0 smtp;message text rejected by receivingdomain.com.s8a1.psmtp.com: 

552 5.3.4 Message size exceeds fixed maximum message size> #SMTP#

You want to look for the response of the server - that is your biggest clue. in the case above it's: "Message size exceeds fixed maximum message size" or in plain english - "I rejected your email because it's too big."

Here are more popular ones:

550 - The requested command failed because the user's mailbox was unavailable (for example because it was not found,or because the command was rejected for policy reasons).
551 - The recipient is not local to the server. The server then gives a forward address to try.
552 - The action was aborted due to exceeded storage allocation. 
553 - The command was aborted because the mailbox name is invalid. 

I'm not going to go onto all the different errors because there is plenty of that info here on the web. The purpose of this post is to just show my train of thought when trying to figure out what's going on with a bounce. So here is my workflow.

1. See above, what are the error messages? Is it that easy? Mailbox Full? Attachment too big? Etc.
2. If the server responds with the address does not exist or something along those lines we start on this road:
   

• a. Is the domain name valid? Did the user mispell the domain?
  
• b. If you strip the "name@" from the domain, can you get to the website? It that website the company they are sending to? If not, the user typed it wrong or were given the wrong info.
  
• c. If no website comes up, check to see if the domain is for sale. Hit Godaddy.com and see. If it IS for sale - your user typed it wrong because nobody even owns the domain so there fore could not host email.
  
• d. Ok, if it's NOT for sale. Does it have an MX record? Check http://www.mxtoolbox.com to see.
  
• e. No MX record on the domain? The domain is not even setup to receive email in that case - so thats a problem on the recipient's side or your user typed it wrong.
  
• f. The domain has an MX record. But the error says recipient does not exist. There is a good chance the user typed it wrong, or they were given the wrong info.
  
• g. Are you getting bounces from other domains? More than usual? Check your queues.
  

Do we start to see the theme? My unscientific opinion is that around 90% of all NDRs are one of three things:

1. The user has typed the wrong address somehow - or the wrong address was supplied to the user.
   
2. The recipient's server has some sort of issue.
   
3. SPAM Filtering is sending a false "bounce" message, or bouncing it outright.
   

If mail is flowing to all other domains without an issue, but just one domain is bouncing or one email address in a domain - then it's NOT you. It's them.

We were having backup issues on a server running AppAssure. It would not complete snapshots and error. It would throw the error:

In order for a computer being re-allocated (wiped) to "surrender" it's license to the Kaspersky server, the Kaspersky software (Client and Agent) should be un-installed. However, if the machine was wiped or died before this process could happen, the following process can be followed to re-gain your unused licenses.

You must first remove the computer that does not need a license anymore.

1. Open the management console (Kaspersky Administration Kit), and browse to "Managed Computers" --> "Client Computers" on the right side where it shows the list of computers, find the computer you want to remove. Right-click and select "delete".

HINT: If you sort by the "Connecting to Server" field, you can see all the machines that have not connected in a long time and it can help show which ones can be deleted.

2. Browse to "Unassigned Computers" --> "IP Subnets" --> "(your subnet)" and locate the computer you just deleted from step one. Right-click on it and select "delete".

3. In the upper left, select the "File" menu, then select "Options..." The "Disk Cleanup" interface appears. Click on the "Delete Files" button. Then click "Yes". Then click "OK".

4. Flush the DNS Cache. From a command prompt type IPCONFIG /FLUSHDNS [enter] then type IPCONFIG /REGISTERDNS [enter]

5. Open the console back up. Browse to "Reports and Notifications" and right-click on the "License Usage Report" and select "Refresh". Then run the report.

The licenses should reflect the new total - removing the machines that were just deleted.