Random NDRs not so random

Posted on 2004-10-05
Last Modified: 2008-03-10
We are receiving NDR notices on mail addressed to one domain at another company.  They are recieving mail from everybody but us....and they are the only domain that we cannot mail to...

The error message is:

The following recipient(s) could not be reached: on 10/2/2004 8:31 AM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            < #5.7.1 smtp;550 5.7.1 <>... Relaying denied>

a google search on this error message turned up two articles in the  MS KB, on random NDRs.....283287 & 274638

Both mention several causes for NDRs, including bad MX records in DNS....not the case here, our DNS resolves internal addresses and is a redirector for to our ISP DNS for Internet addresses....the MX record points correctly to our single exchange 2000 server.

Beyond that, under Authentication on the Access tab of the default SMTP virtual server ( the only one we use) we had both anonymous access and Integrated Windows Access checked.  When I changed that to uncheck Integrated and leave only anonymous, a test mail to the addresses in question came back with a new NDR: on 10/5/2004 12:09 PM
            The destination system is currently not accepting any messages.  Please retry at a later time.  If that fails, contact your system administrator.
            < #5.3.0 smtp;554 5.3.0 rewrite: map site186_a not found>

Anybody got any ideas?

Question by:JConchie
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4

Accepted Solution

susanzeigler earned 500 total points
ID: 12231569
First and foremost, is there matching forward and reverse DNS for your mail server? Are they using any blacklists that perhaps your IP is listed in?

Another possible cause--is anything relating to their domain listed in your internal DNS?  I don't get that from the first error you posted, but the second one looks suspiciously lke your server is trying to deliver to a machine it can't find. That could be caused if there is something in your local DNS about that domain.

Additionally, do they see anything in their mail server log files that indicate your mail server is contacting theirs?  A quick test would be to telnet to their server on port 25 and try to send a message directly.

In a command window, type:
  telnet 25

When the telnet window opens and a ready prompt appears, type:

Their server should respond with an ok message. Then type:
  mail from:

Their server should respond with and ok message. Now type:
  rcpt to:

Their server should respond with an ok message. Then type

Their server should respond with and ok message. Now type:
  type a message and then hit return and type a single . on a line by itself

Ideally, if it is not something on your exchange server, you will get a relay denied message somewhere in that process. The issue then exists at their end. If the message is queued for delivery, the issue could still be either on your end or on theirs:(

LVL 18

Author Comment

ID: 12232410
Susan, thanks for your reply.

Have checked our DNS carefully both the MX record in our forward lookup and the corresponding pointer in the reverse lookup are fine.  We have no entries from any domain other than our single internal domain.

The other companies office is on the east coast and is closed, but I have emailed their IT another domain :-)
....and have asked for the name of their mailserver...tomorrow, when I have that, will run the ftp check and get back to you.

Appreciate the help.

Expert Comment

ID: 12233062
You can substitute the IP of their mailserver for the host name.

An easy way to get this information, simply go to the command prompt on any windows 2000 or XP machine and type

then type:
set query=mx

and finally:

This should give you the IP address and the name of the mail server that is accepting inbound mail. If you get more than one MX record, use the one with the lower number:)
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

LVL 18

Author Comment

ID: 12240440
got their ip following your instructions....also gave me the name of thier server...which appears to just be a virtual server hosted on an ISP.  Got back the ISP's mail server and IP address too.

At that point, I telneted in,
did the helo, got back a "pleased to met you" message,
did a "mail from" with my email address, and got back a "Sender OK"

Then did a "rcpt to:" to what are supposed to be two different  valid user addresses on their system...and got back:

554 5.3.0 rewrite: map site186_a not found

Fails there every time I try it.
LVL 18

Author Comment

ID: 12240463
When I talked to them last night , they told me that they are getting their email from a pop3 account with thier ISP....also said that the ISP tech had checked and had not seen any attempted messages from us other than some two weeks ago that were routed successfully.

Expert Comment

ID: 12241308
Ok, the issue is definately on their ISPs end. When you are in the telnet session and have successfully connected to an email server, any errors or messages you get are being generated by that server. Either forward the error you got to them to send to their ISP or send it to their ISPs tech guys. Either you are being blocked by the ISP or something, but chances are very slim that it is on your end. If you want me to try a test to them as well, I'd just need the IP of the mail host.
LVL 18

Author Comment

ID: 12241980
will let you know about testing from your end...seems likely that you would get through since they say we are the only people they are not getting email from......and they are the only ones we are not reaching.... :-)

Will get back to you as soon as I hear from them.....

Will close and award points then too.

Thanks for your help.

Expert Comment

ID: 12249035
Of course, just because they SAY they are getting email from everyone doesn't always mean it is true;) Have heard that one too many times :grin:

Hopefully they will figure out what isn't working right and get it fixed.

One thing I didn't ask you if you'd done was to have someone from the other company send you a message and see if the error is the same on a reply as on a direct send.

Good luck:)
LVL 18

Author Comment

ID: 12277573
Thanks for your help Susan.

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question