SMTP NDR with code 4.4.7 and 5.7.1 in Exchange 2003

Posted on 2004-09-29
Medium Priority
Last Modified: 2008-02-01
I'm using a Small Business Server 2003 with Exchange 2003.
Two problems occur regularly:

1. When I send internet mails to some mail domains I receive a NDR with the code 4.4.7. This started about 3 month ago. With most of the mail domains I still have no problems sending mails to them. Just some mail domains don't work (but always the same). I already checked the blacklist for open relay server but my domain is not listed. Also the relay setting in the SMTP Virtual Server is not open (standard setting). Since I have not made any changes I don't understand why I could send mails to any domain before and now some make problems.

2. When I replay on a mail which I received thru a distribution list sometimes I receive a NDR with the code 5.7.1 (You do not have permission to send to this recipient). When I try to resend the same mail a few minutes later it goes thru without any problems. Why and what can I do to fix it?

Could anyone give me some help on these two problems?
Question by:ambisasia
LVL 13

Assisted Solution

by:George Sas
George Sas earned 600 total points
ID: 12177895
1. What is the server that sends the message ?
Is it your own server or some external server ?

Try to enable message tracking on your server , send a mail to somebody you know it will generate a NDR and then track the message.
It youls also help to look in the SMTP log files and see what is happening with the mail.

2. Do you have any Filters enabled on your SMTP server ?
Are other users experiencing same problems or only you ?
Check the email addresses you have and what email addresses the other users have as default. Do you have multimple domains or only one ? (local)
LVL 20

Expert Comment

ID: 12178198
This  seems to be a problem with some people using exchange 2003. I hope Microsoft will issue a  fix for this problem
i would suggest a workaround for this. Create a seperate SMTP connector for each of these problem domains and allow the mails to be relayed through this connectors for these domains.

2. Check the relay settings on your exchange server.By default, the SMTP virtual server allows relaying only from authenticated users. This configuration is designed to prevent unauthorized users from using your Exchange server to relay mail
In Relay Restrictions, verify the following settings:

 Verify that the Only the list below button is selected. To list only those hosts you want to allow to relay mail, click Add, and then follow the instructions. If you click All except the list below, your server may appear to be a server that is a source of unsolicited e-mail on the Internet.

 Verify that the Allow all computers which successfully authenticate to relay, regardless of list above check box is selected. This setting allows you to deny access to all users who do not authenticate. Any remote POP and IMAP users accessing this server will authenticate to send mail. If you do not have users who access this server through POP or IMAP, you can clear this check box to prevent relaying entirely, thereby increasing security.
LVL 20

Accepted Solution

ikm7176 earned 1000 total points
ID: 12178918
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

LVL 13

Expert Comment

by:George Sas
ID: 12178976
Don't think in his situation the connector will ghelp him but let's see the reaction.

Author Comment

ID: 12186796
Dear ikm7176,

Thank you for the long explanation and the link. I will try the SMTP connector setting first.
Regarding the relay setting... it is as you described. You said that I have to add host to the list... Does that mean I have to add all Client-PC's from my network to this list?

To answer the questions from GeoSs:
1. It is my own Server which is sending the Nadir’s. First I get a message regarding a delivery delay and a couple of hours later the 4.4.7 NDR.
2. There are no filter enabled on the SMTP Server and all users experiencing same problems. I'm using only one single domain.

A couple weeks ago I contacted one of the problem mail domain providers and today I received the following answer:

> If email is dispatched to @t-online.de over a local email server, this server makes a DNS inquiry (MX record)
> and gets as Mailinserver e.g. mailin00.sul.t-online.de to mailin07.sul.t-online.de dissolved.
> This Mailserver is not attainable for safety reasons over the entry platform of the German Telekom.
> In order to be able to dispatch enamels nevertheless to @t-online.de, the indication of a Smart Relay host is necessary.
> With selection over T-Online:  mailto.t-online.de or smtprelay.t-online.de
> other Provider over the Telekom platform:  Relayhost with the appropriate Provider (mail.provider.de)

If I understand this right would this mean that ikm7176's solution is the right one?
But still the question is why it worked before without all that extra setting and why it doesn’t work now since I didn't changed anything...

Does anyone have an idea about the second problem with the 5.7.1 NDR?
LVL 17

Assisted Solution

Microtech earned 400 total points
ID: 12188271
Numeric Code: 5.7.1

Possible Causes:
General access denied, sender access denied - the sender of the message does not have the privileges required to complete delivery.
You are trying to relay your mail through another SMTP server and it does not permit you to relay.
The recipient might have mailbox delivery restrictions enabled. For example, a recipient's mailbox delivery restriction was set to receive from a Distribution List only and non-members' email will be rejected with this error.
For Exchange Server 2003, a distribution list can be configured to restrict mail delivery from unauthenticated users. Mail that is sent by using an unauthenticated SMTP session are rejected.
Troubleshooting: Check system privileges and attributes for the contact and retry the message. Also, make sure you are running Exchange 2000 Service Pack 1 or later for other potential known issues.

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Suggested Courses
Course of the Month15 days, 23 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question