We help IT Professionals succeed at work.

E-mail between users inside domain bounced - meeting requests attached.

mojopojo asked
Medium Priority
Last Modified: 2012-05-05

I am running am Small Business Server 2003 w/Exchange 2003 – all service packs and updates applied. My users run Win XP Pro w/ Office 2003.

Most everything runs very well with one exception. I have users who continually receive the following error when sending certain e-mail to other users within the network.

I have users receiving this internally:

Subject: Undeliverable: Video Webinar

Your message

  To:      Bridget Rutherford
  Subject: Video Webinar
  Sent:    Tue, 31 Oct 2006 09:12:16 -0600

did not reach the following recipient(s):

Bridget Rutherford on Tue, 31 Oct 2006 09:12:33 -0600
    You do not have permission to send to this recipient.  For assistance, contact your system administrator.
    <ourdomain.org #5.7.1>

It is not all e-mail between these two (and other) users. All users have AD accounts on the server and the origin/destination are both in my Exchange Server. So this should not be a result of SPAM protection.

These users frequently -- almost always -- get this returned message when sending meeting requests through outlook to other users in our domain.

Most of the posts I have seen dealing with this deal with rejected mail send to another domain/outside destination. What puzzles me is that my issue is entirely internal.

What is it about these meeting requests (attachments) that sets this off?
Watch Question

Is this a "fresh" installation of SBS or was it upgraded/migrated from a previous SBS instance?

Have you set any mail size restriction, mailbox size restriction in your exchange server? Check whether the users exceeded the storage limits..


This was a fresh install of SBS 2003. Although I did not preform the instaltion (happened before I took the network) I have not found much else wrong - in terms of configurations. Although it has been relocated once in the past year with a new Isp and IP address.

No size limits set on the mailboxes that would effect this e-mail (receiver has used .5GB of 2GB limit) and the atachment in question is never more than 8KB.
They can send larger atachments with no trouble, but the e-mail with meeting requests from Outlook all bounce.

I'll go ahead and tet the send with other file-type atachments today, but I have had no reports of anyhting else causing this issue.


Just verified: this issue only occurs with meeting requests sent to certain uses within the domain. I am trying to isolate any commonality amount those addresses that is different than the others.

There are about 85 users in the domain and this is only occurring with mail sent to about 8 of them. But many are not included in any meeting requests. I'll create a group request sent to everyone in the domain and see how many users total get bounced.

Can we turn up logging in Exchange System Manager to capture some more info?  In ESM, highlight the server name, hit properties, then Diagnostics Logging, and highlight MSExchangeIS then Mailbox.  Here are the categories I would recommend setting logging to maximum: Transport General, General, Transport Sending, Transport Delivering, Access Control, Send on Behalf of, Send As, Storage Limits, and IS/AD Synchronization.  What we want to look for are warning/error events in the application event log, which should give us some more information than just the NDR's.


Making the log settings change now...

I'll post the results when I test a fresh send with the meeting attachment.


So far, after setting up the advanced Exchange logging I have only found one item in the Event Viewer, Application log that corresponds to a bounced e-mail containing the meeting request from Outlook:

Event Type:      Warning
Event Source:      MSExchangeIS Mailbox Store
Event Category:      Access Control
Event ID:      1029
Date:            11/7/2006
Time:            12:54:58 PM
User:            N/A
Computer:      OURSERVER
DELEGATED_USERNAME@OURDOMAIN.com failed an operation because the user did not have the following access rights:

'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item' 'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security Descriptor' 'Contact'

The distinguished name of the owning mailbox is /O=FIRST ORGANIZATION/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=USERNAME. The folder ID is in the data section of this event.

For more information, click http://www.microsoft.com/contentredirect.asp.
0000: 01 00 00 00 00 00 56 32   ......V2

Notice: In the "Description" the user name is not the senders, but another user who has delegated access to the sender’s mailbox.
In the line, "The distinguished name of the owning mailbox is..." the value for "CN=" was the correct senders name, not the delegate’s.

The user with delegated access is the principle’s assistant, and was not a recipient of the bounced e-mail. This was also NOT sent from that account. It was send by the account-holder from his Outlook installation, from his PC. I do not know why this delegated account has shown up in the event log during this transaction.

So far this is all I can find in the log pertaining to the failed transaction – log was created the exact second the message was bounced.

Is it possible that the delegation of the account to another user has caused this issue?

Yes - in fact when you have squirrely "you do not have permission to send" rights between internal users it's usually a delegate issue.  I was kind of expecting something similar when you turned up the logging, as I have had other delegate issues (for instance, with delegates and rules when in cached mode).  Sometimes these issues can require a hotfix that's only available from Microsoft Product Support Services (as in my case).  

Here's what I'd try first, in case the problem is "corrupted" delegates.   Try having the affected users remove the problem delegates, wait about 15-20 minutes, then you test meeting invites to them and see if the issue still occurs.  If it doesn't, then the users can try adding the delegates back in and testing again.  If the problem persists, this may be one of those issues requiring a non-public hotfix.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


I extended the Delegate user rights to Full and that seems to have solved. If I were not in a position to allow that solution (if the delegate was not trusted or a personal assistant) I would have had to call MS for the hot-fix. I may still have to as the domain has other delegate users whose rights I cannot extend for security reasons. Besides, I would like Exchange/Outlook to work as it should.

I went with the quick-&-dirty fix for now.

Thanks everyone.

lollygagr, you got it.

Thanks again.

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.