URLScan Installed and Now E-Mail Attachments are Blocked?

Posted on 2005-03-26
Medium Priority
Last Modified: 2012-06-27
I'm trying to e-mail a .zip attachment, and I am receiving the response from my Exchange 2003 server listed below. The only thing I have changed recently is I installed URLScan. I'm pretty sure I have it configured correctly for OWA, and even if I didn't I don't think that would be causing SMTP actions like this would it? Nothing about this problem is logged in the urlscan logs either. I've never had a problem with sending .zip files before.

Your message did not reach some or all of the intended recipients.

 Subject:      ********
Sent:      3/26/2005 1:05 PM

The following recipient(s) could not be reached:

  ********@gmail.com on 3/26/2005 1:06 PM
  The recipient could not be processed because it would violate the security policy in force
  <mydomain.com #5.7.0 smtp;552 5.7.0 Illegal Attachment>

Also, this is logged in the Event Log:

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      NDR
Event ID:      3030
A non-delivery report with a status code of 5.7.0 was generated for recipient rfc822;*******@gmail.com (Message-ID <E18DF4A94205CE40B10250A34F5280462921@mydomain.com>).
Question by:Grime121
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 21

Expert Comment

ID: 13637293
This actually looks like its gmail's fault.  Exchange doesn't have native attachment filtering capability and I know gmail filters zip files that contain exe's.  So, if you're sending a zip with an exe inside (or other types like vbs) I believe gmail will reject it.  If this rejection is taking plae before the SMTP conversation finishes, then it would be Exchange's responsibility to NDR the message.  That would explain why it appears to be an Exchange NDR.  Try password protecting the zip file.

Oh, and you are correct.  URLScan would not have an impact on this type of issue.  And if you wanted to prove further that is gmail you could look at the SMTP protocol log, or run a network sniffer while the message is trying to be sent.

Author Comment

ID: 13637439
Ok, that makes sense. Why do you suppose it was logged in the exchange server's event logs though?
LVL 21

Accepted Solution

marc_nivens earned 2000 total points
ID: 13637460
The RFC states that a server is not responsible for the NDR until the message is accepted for delivery.  If gmail detected that there was an executable inside the zip before the message was accepted (during the SMTP conversation) and it kicked back the 5.7.0 error without taking the message, then the Exchange server would be responsible for delivering it and that would also have caused it to log the event.

Expert Comment

ID: 14972633
I know this will not solve the Exchange problem but if anyone wants to send an .exe file over Gmail, heres how:  zip the .exe, rar the resulting .zip, now zip the .rar and rename it to .doc

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month13 days, 17 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question