URGENT Relay help - please

Posted on 2006-06-29
Last Modified: 2008-02-01
Exchange 2003

I have a mailbox called Joe Bloggs (for example)
His Primary SMTP address is

I have created a "Contact" to divert his mail to with the SMTP address of

Under the Delivery Option within Exchange General in Active Directory against his account - I have set up the Forward To option to forward to the contact (

I can send email internally to him using the Global Address List - but when I try and sent mail externally (from a mail account such as hotmail etc), I get a delivery failure sent to my hotmail address saying the following:

Status: 5.7.1 (Permanent failure - security: delivery not authorised, message refused)

I thought it might be becuase i did not have a recipient policy for - but i added one the other day and still it does not work.

Please can someone help me.
Question by:naifyboy123
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
LVL 104

Expert Comment

ID: 17011356
That message isn't an Exchange message. So it is probably coming from something else.
Do you route your email via your ISP for example?


Author Comment

ID: 17014499
we go through mailsweeper first.

here is the full error message - if it helps more - perhaps this shown in full now is an Exchange meesage.

Reporting-MTA: dns;
Received-From-MTA: dns; (unverified [])
Arrival-Date: Fri, 30 Jun 2006 00:14:45 +0100

Final-Recipient: rfc822;
Action: failed
Status: 5.7.1 (Permanent failure - security: delivery not authorised, message refused)
Remote-MTA: dns; {IP address of our Exchange server}
Diagnostic-Code: smtp; 550 5.7.1 Unable to relay for
LVL 104

Expert Comment

ID: 17016780
This line is not an Exchange message:
"Permanent failure - security: delivery not authorised, message refused"

The Diagnostic code below is.

I suspect that your mailsweeper application is probably causing the problem. When you use a contact to forward, the messages comes in and goes straight back out again. As such, the message can appear to come from the original address on the message, not from the internal server. I have seen some applications cough over that type of configuration, because the message isn't coming from a domain name that they recognise.

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Author Comment

ID: 17016838
I have totally removed the forward and still get the same error.

I can see the mail coming into our mailsweeper server in the queue. it just does not relay it to Exchange.

All other domains work fine.

LVL 104

Expert Comment

ID: 17017509
Is the mailsweeper application doing any kind of LDAP lookup on the address to see if the account exists?


Author Comment

ID: 17017731
no - it just sends all the mail to the exchange server using ip address

Author Comment

ID: 17017771
i just figured it out!

in the recipient policy i did not have the "The Exchange Organisation is responsible for all mail delivery to this address" option ticked.

I ticked this option and it started working.

thanks for all your help anyway.

Author Comment

ID: 17017772
Request made to close this question

Accepted Solution

GhostMod earned 0 total points
ID: 17047239
Closed, 500 points refunded.

Community Support Moderator

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Utilizing an array to gracefully append to a list of EmailAddresses
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question