• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 795
  • Last Modified:

SMTP NDR with code 4.4.7 and 5.7.1 in Exchange 2003

I'm using a Small Business Server 2003 with Exchange 2003.
Two problems occur regularly:

1. When I send internet mails to some mail domains I receive a NDR with the code 4.4.7. This started about 3 month ago. With most of the mail domains I still have no problems sending mails to them. Just some mail domains don't work (but always the same). I already checked the blacklist for open relay server but my domain is not listed. Also the relay setting in the SMTP Virtual Server is not open (standard setting). Since I have not made any changes I don't understand why I could send mails to any domain before and now some make problems.

2. When I replay on a mail which I received thru a distribution list sometimes I receive a NDR with the code 5.7.1 (You do not have permission to send to this recipient). When I try to resend the same mail a few minutes later it goes thru without any problems. Why and what can I do to fix it?

Could anyone give me some help on these two problems?
3 Solutions
George SasIT EngineerCommented:
1. What is the server that sends the message ?
Is it your own server or some external server ?

Try to enable message tracking on your server , send a mail to somebody you know it will generate a NDR and then track the message.
It youls also help to look in the SMTP log files and see what is happening with the mail.

2. Do you have any Filters enabled on your SMTP server ?
Are other users experiencing same problems or only you ?
Check the email addresses you have and what email addresses the other users have as default. Do you have multimple domains or only one ? (local)
This  seems to be a problem with some people using exchange 2003. I hope Microsoft will issue a  fix for this problem
i would suggest a workaround for this. Create a seperate SMTP connector for each of these problem domains and allow the mails to be relayed through this connectors for these domains.

2. Check the relay settings on your exchange server.By default, the SMTP virtual server allows relaying only from authenticated users. This configuration is designed to prevent unauthorized users from using your Exchange server to relay mail
In Relay Restrictions, verify the following settings:

 Verify that the Only the list below button is selected. To list only those hosts you want to allow to relay mail, click Add, and then follow the instructions. If you click All except the list below, your server may appear to be a server that is a source of unsolicited e-mail on the Internet.

 Verify that the Allow all computers which successfully authenticate to relay, regardless of list above check box is selected. This setting allows you to deny access to all users who do not authenticate. Any remote POP and IMAP users accessing this server will authenticate to send mail. If you do not have users who access this server through POP or IMAP, you can clear this check box to prevent relaying entirely, thereby increasing security.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

George SasIT EngineerCommented:
Don't think in his situation the connector will ghelp him but let's see the reaction.
ambisasiaAuthor Commented:
Dear ikm7176,

Thank you for the long explanation and the link. I will try the SMTP connector setting first.
Regarding the relay setting... it is as you described. You said that I have to add host to the list... Does that mean I have to add all Client-PC's from my network to this list?

To answer the questions from GeoSs:
1. It is my own Server which is sending the Nadir’s. First I get a message regarding a delivery delay and a couple of hours later the 4.4.7 NDR.
2. There are no filter enabled on the SMTP Server and all users experiencing same problems. I'm using only one single domain.

A couple weeks ago I contacted one of the problem mail domain providers and today I received the following answer:

> If email is dispatched to @t-online.de over a local email server, this server makes a DNS inquiry (MX record)
> and gets as Mailinserver e.g. mailin00.sul.t-online.de to mailin07.sul.t-online.de dissolved.
> This Mailserver is not attainable for safety reasons over the entry platform of the German Telekom.
> In order to be able to dispatch enamels nevertheless to @t-online.de, the indication of a Smart Relay host is necessary.
> With selection over T-Online:  mailto.t-online.de or smtprelay.t-online.de
> other Provider over the Telekom platform:  Relayhost with the appropriate Provider (mail.provider.de)

If I understand this right would this mean that ikm7176's solution is the right one?
But still the question is why it worked before without all that extra setting and why it doesn’t work now since I didn't changed anything...

Does anyone have an idea about the second problem with the 5.7.1 NDR?
Numeric Code: 5.7.1

Possible Causes:
General access denied, sender access denied - the sender of the message does not have the privileges required to complete delivery.
You are trying to relay your mail through another SMTP server and it does not permit you to relay.
The recipient might have mailbox delivery restrictions enabled. For example, a recipient's mailbox delivery restriction was set to receive from a Distribution List only and non-members' email will be rejected with this error.
For Exchange Server 2003, a distribution list can be configured to restrict mail delivery from unauthenticated users. Mail that is sent by using an unauthenticated SMTP session are rejected.
Troubleshooting: Check system privileges and attributes for the contact and retry the message. Also, make sure you are running Exchange 2000 Service Pack 1 or later for other potential known issues.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now