Exchange 2003 do not have permission to send to this recipient; rejected by user Open Relay? I checked

Posted on 2004-10-14
Last Modified: 2012-08-13

I have recently set up an exchange server 2003, everything works great, except when we try to send to one particular email address, We immediately get the following bounceback.

The following recipient(s) could not be reached:

  '' on 10/14/2004 12:40 PM
  You do not have permission to send to this recipient. For assistance, contact your system administrator.
  < #5.7.1 smtp;550 5.7.1 <>... Rejected by user; see: <$HqK7FRoWdTjrp2rczX3KTPq5sJ5N6QanneyGAGADrv7o8dwwf1wgA>> 

The recipient said they ran us through open relay databases, and we came up dirty. I ran it before I rolled it out, and thoroughly checked it, and found no evidence of an open relay. Today I did the same thing after reading the response from the recipient and they all came up clean.

PLEASE HELP, I need this fixed like it was yesterday.

Thanks ahead of time,
Question by:devruiz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
LVL 26

Expert Comment

ID: 12313175
try it seems u are blcklisted.
LVL 26

Expert Comment

ID: 12313208
forgot to say u could ask the other end user or admin to put u on white list which will
override the blacklist.then create an smtp connector for that domain and send all ur email
straight to their public address.

Author Comment

ID: 12313386
Where in does it say I am blacklisted? Think only hint I have it says in the Spam SBBl has a DNS lookup issue. I was thinking the whitelist route, but If I have an open relay issue, I want that fire put out now before it starts. They are a royal PITA. I thought I had the server locked down, but I kind of think it's a UMN issue. Am I right? Or am I just not seeing how blacklisted I am becoming as I write this?


I also want to add that when I go to it says "[ERROR: The parent servers say that the domain does not have any NS records (although they may have some other information on that zone). I can not do a DNS report on a hostname (such as or a domain name that does not have its own zone.]"

make any sense? when I ran it on DNSREPORTS Sunday, it worked fine.....puzzled....

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Assisted Solution

nalanbar earned 250 total points
ID: 12313548

I had the same problem, and this was the start of how I cleaned it out.
LVL 26

Assisted Solution

Vahik earned 250 total points
ID: 12314302
exchange 2000 and 2003 are relay proof in the default instalation.
what u should do ?
1-call ur isp and make sure u have an A record and a PTR record cretaed in ur zone
2-if u dont allow folks from outside to use ur exchange to send mail to other domains
then uncheck   "Allow all computers which successfully authenticate to relay regardless
of the list above".
this two simple steps will ensure no relaying from ur server.
if u allow outside folks(users,salesman,bla bla)to send email through ur
exchange then u may have a problem with some nice folks who try all day
long to guess the password and username of ur internal users and sometime
they do get prevent this happening u must enable complex password
policy and make sure passwordsa are changed at a regular intervals.

Expert Comment

ID: 12314399
They are NOT relay proof with a fresh install. That is just a ludicrous thing to say.
LVL 26

Assisted Solution

Vahik earned 250 total points
ID: 12314712
nalanbar in exchange 2000 and 2003 there is only one click that prevents relaying
on ur exchange server and that is on ur smtp relay section which states
select which computer may relay through this virtual server
only list below
all except the list below

with the first option checked and list below empty.that is all to it .this is the default
setting when u set up ur exchange 2000 and 2003.Is it possible for this option
not to be ticked?yes it is and u must always check ur settings when u install exchange

the second option that i talked about in my last comment is a diffrent animal.With
that option u allow relaying intentionally to ur external users that authenticate
against ur AD.if the geeek who tries to guess the password is not successfull
then no relay.if he is then u are outof prevent this u can enable complex password policy but that initself creates other problems......old ladies forgeting
their password or writting them on stickers stuck on their computers so everyone can see.
since this is my last post let me tell u that successfull relaying is diffrent than spam and folks who
crash ur server trying to relay.there are ways to stop them also but that is another
story for another night(my grandma used to say that when i was a kid).
Take care and good luck.


Accepted Solution

nalanbar earned 250 total points
ID: 12314832
There is a difference between relay proof and "there is only one place you have to look to make sure you don't relay." That being said, the rest of your information is correct.
Once you have shut off relaying, or even before hand for a little fun, go to, click on rss link on the right side, and check your ip address against them. If you  are on any of their lists, they will give you instructions as to how to get off the list, and will do a very comprehensive open relay test.

Author Comment

ID: 12322269
Didn't mean to give a grade B guys, I apologize. It was an A, because you enlightened me to a few things. The problem wound up being that we were blacklisted Januray 2004 for excessive outgoing virus'. This was unbeknownst to ANY of us in the organization because we never had any issues. Our virus tables were always up to date, and our Trend Scanmail had performed flawlessly <so I thought>. Nonetheless, I made a request to the "SysOp" at UMN.EDU and told him that information was false, and he added us to their "list".

I still don't understand why this just arose from the new installation. The dates were ANCIENT (6 months ago) . I guess it's one of those blackhole effect thingy's........dunno....I like to think logically, so this throws me.

Thanks for all of your help Vahik and nalanbar! I will use those techniques for other clients in the future.

Take care,

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question