Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Random NDRs not so random

Posted on 2004-10-05
Medium Priority
Last Modified: 2008-03-10
We are receiving NDR notices on mail addressed to one domain at another company.  They are recieving mail from everybody but us....and they are the only domain that we cannot mail to...

The error message is:

The following recipient(s) could not be reached: on 10/2/2004 8:31 AM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            < #5.7.1 smtp;550 5.7.1 <>... Relaying denied>

a google search on this error message turned up two articles in the  MS KB, on random NDRs.....283287 & 274638

Both mention several causes for NDRs, including bad MX records in DNS....not the case here, our DNS resolves internal addresses and is a redirector for to our ISP DNS for Internet addresses....the MX record points correctly to our single exchange 2000 server.

Beyond that, under Authentication on the Access tab of the default SMTP virtual server ( the only one we use) we had both anonymous access and Integrated Windows Access checked.  When I changed that to uncheck Integrated and leave only anonymous, a test mail to the addresses in question came back with a new NDR: on 10/5/2004 12:09 PM
            The destination system is currently not accepting any messages.  Please retry at a later time.  If that fails, contact your system administrator.
            < #5.3.0 smtp;554 5.3.0 rewrite: map site186_a not found>

Anybody got any ideas?

Question by:JConchie
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4

Accepted Solution

susanzeigler earned 2000 total points
ID: 12231569
First and foremost, is there matching forward and reverse DNS for your mail server? Are they using any blacklists that perhaps your IP is listed in?

Another possible cause--is anything relating to their domain listed in your internal DNS?  I don't get that from the first error you posted, but the second one looks suspiciously lke your server is trying to deliver to a machine it can't find. That could be caused if there is something in your local DNS about that domain.

Additionally, do they see anything in their mail server log files that indicate your mail server is contacting theirs?  A quick test would be to telnet to their server on port 25 and try to send a message directly.

In a command window, type:
  telnet 25

When the telnet window opens and a ready prompt appears, type:

Their server should respond with an ok message. Then type:
  mail from:

Their server should respond with and ok message. Now type:
  rcpt to:

Their server should respond with an ok message. Then type

Their server should respond with and ok message. Now type:
  type a message and then hit return and type a single . on a line by itself

Ideally, if it is not something on your exchange server, you will get a relay denied message somewhere in that process. The issue then exists at their end. If the message is queued for delivery, the issue could still be either on your end or on theirs:(

LVL 18

Author Comment

ID: 12232410
Susan, thanks for your reply.

Have checked our DNS carefully both the MX record in our forward lookup and the corresponding pointer in the reverse lookup are fine.  We have no entries from any domain other than our single internal domain.

The other companies office is on the east coast and is closed, but I have emailed their IT another domain :-)
....and have asked for the name of their mailserver...tomorrow, when I have that, will run the ftp check and get back to you.

Appreciate the help.

Expert Comment

ID: 12233062
You can substitute the IP of their mailserver for the host name.

An easy way to get this information, simply go to the command prompt on any windows 2000 or XP machine and type

then type:
set query=mx

and finally:

This should give you the IP address and the name of the mail server that is accepting inbound mail. If you get more than one MX record, use the one with the lower number:)
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

LVL 18

Author Comment

ID: 12240440
got their ip following your instructions....also gave me the name of thier server...which appears to just be a virtual server hosted on an ISP.  Got back the ISP's mail server and IP address too.

At that point, I telneted in,
did the helo, got back a "pleased to met you" message,
did a "mail from" with my email address, and got back a "Sender OK"

Then did a "rcpt to:" to what are supposed to be two different  valid user addresses on their system...and got back:

554 5.3.0 rewrite: map site186_a not found

Fails there every time I try it.
LVL 18

Author Comment

ID: 12240463
When I talked to them last night , they told me that they are getting their email from a pop3 account with thier ISP....also said that the ISP tech had checked and had not seen any attempted messages from us other than some two weeks ago that were routed successfully.

Expert Comment

ID: 12241308
Ok, the issue is definately on their ISPs end. When you are in the telnet session and have successfully connected to an email server, any errors or messages you get are being generated by that server. Either forward the error you got to them to send to their ISP or send it to their ISPs tech guys. Either you are being blocked by the ISP or something, but chances are very slim that it is on your end. If you want me to try a test to them as well, I'd just need the IP of the mail host.
LVL 18

Author Comment

ID: 12241980
will let you know about testing from your end...seems likely that you would get through since they say we are the only people they are not getting email from......and they are the only ones we are not reaching.... :-)

Will get back to you as soon as I hear from them.....

Will close and award points then too.

Thanks for your help.

Expert Comment

ID: 12249035
Of course, just because they SAY they are getting email from everyone doesn't always mean it is true;) Have heard that one too many times :grin:

Hopefully they will figure out what isn't working right and get it fixed.

One thing I didn't ask you if you'd done was to have someone from the other company send you a message and see if the error is the same on a reply as on a direct send.

Good luck:)
LVL 18

Author Comment

ID: 12277573
Thanks for your help Susan.

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question