Exchange 2003 email delivery problem - status 5.4.6

Posted on 2004-09-20
Last Modified: 2011-04-01

Client has a new install of SBS2003. During setup of SBS a few months ago, user did not know what their eventual DNS name would be (company changing partnerships - its an accountant). So we picked something, hoping to be correct. Lets call it paulcuddycpa. Set up SBS with all the wizards to be:

Server name: pcuddy01
Win domain name: paulcuddycpa
DNS name: paulcuddycpa.local

Users (5) began using server, and exchange for local email. They continued to pop email using outlook from their old email addresses located on some ISP servers. All was reasonably well...

This old name was never registered as a "Real" internet domain name. Now that he has changed partners, he has a "real" name he wants to use. is now registered at I wend ahead and re-ran the internet connection wizard in SBS and told it that the exchange dns name was now I pointed the godaddy MX record at the server's IP address, making no other changes at godaddy (A record still ponited to godaddy etc).

It didn't see to totally work, as outbound email would come out with the wrong address (either paulcuddy.local or some other address that the local sysadmin had re-run the wizard with). I eventually found that the default sender policy had a whole slew of addresses in it, so I paired it down to just paulcuddycpa.local and (default). Each user was set up the same (both addresses, and nothing else).

This seemed to work for about a day. Now however, whenever any user sends email TO them from outside (say yahoo) they get a non delivery message stating:

Reporting-MTA: dns;
Received-From-MTA: dns;
Arrival-Date: Mon, 20 Sep 2004 11:32:15 -0400

Final-Recipient: rfc822;
Action: failed
Status: 5.4.6
X-Display-Name: Paul Cuddy

I see that this is a looping problem - buy WHY? Doesnt the server see that it's supposed to be handling the mail for cuddyandwardcpa? It appears to be redirecting (or attempting to) to itself. Where can I look, and what can I do.... I've thought about renaming the domain for the whole AD and server to cuddyandwardcpa but Im not sure how to do that, and wether it would screw things up even worse.

ANY help, or pointers, or even if I can provide more info, is GREATLY appreciated as I need to have this working again asap.

jeff brinkerhoff

(email jbrinker(*nospam)

*Remove nospam and parens to email
Question by:jbrinker
LVL 12

Accepted Solution

ColinRoyds earned 250 total points
ID: 12104645
this sounds like a mess, no offense.
forget about the setup wizards and all that, this is how to do it.
Open Exchange system Manager / recipients / recipient policy / Default recipient policy right click properties / email address policy ;
now check that it has the domains you want if not add the in the format @*.com

Now make certain your DNS records @ your ISP are correct for each domain make certain the DNS is something along these lines for each domain.

MX Record - =
A Record - = external ip of firewall

Give that a go, let me know if you get stuck

Author Comment

ID: 12104897

Thanks for the advice. I am aware that the wizards suck - but I thought it was important to mention that I (and the local admin) had used them. I already had the recipient policy as you suggest, and in fact it was all working fine Friday set up as you say. Default policy = (default) and an additional of paulcuddy.local (which Im 99% sure I can remove).

DNS was set up as follows:

A record = Godaddy default (some server of theirs)
MX record = IP of the external interface of the SBS server

I have changed it to be:

A record = Godaddy server IP
A record = mail = Correct IP of SBS server
MX record = (MX0) = (the above A record).

This will take some time to percolate I assume... It just seems really strange that it worked fine friday (registered and made original MX change last monday) and stopped over the weekend with this strange routing error. I Have logging cranked up and find the following error message every time the server tries to deliver an inbound SMTP email:

A non-delivery report with a status code of 5.4.6 was generated for recipient rfc822; (Message-ID <>).  
Cause: A forward loop was detected by the categorizer. This is a common hosting configuration problem caused when someone uses the provisioning tool to create a contact in one organization unit and creates a user in a different organization user that share the same e-mail address.    
Solution: Verify that you do not have a user in organizational unit and a contact in a different organizational unit that have the same e-mail address.


Assisted Solution

mcsallad earned 250 total points
ID: 12120915
Sounds like you have some old external contacts in your address lists that is making a mess.
try to rebuild the address lists and check the event logs for errors.

Numeric Code: 5.4.6

Possible Cause: A Categorizer forward loop was detected.
The targetAddress attribute is set on a mailbox-enabled user. Hosting Pack: This is a common hosting configuration problem when someone creates a contact in organizational unit (OU) 1 and then creates a user in OU 2 that has the same e-mail address by using the user provisioning tool.

This issue occurs when contactA has an alternate recipient that points to contactB and contactB has an alternate recipient that points back to contactA. Check the alternative recipient for every contact.
Check and remove the targetAddress attribute from mailbox-enabled users.
For hosting where you want to send mail from one user in one company (OU) to another company (OU), it is best to configure the following two related objects:

User: SMTP proxy:
Contact: targetAddress:; SMTP proxy:


Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question