I've been working on a box that has W2K server SP4 and Exchange 2K SP3 on it. people who send e-mail to us randomly get NDRs that say 550 5.7.1 Requested action not taken, Message refused. The same person could e-mail again 4 senconds later and it would work fine... it's too intermitent to test... and most of what I have read keeps pointing toward the antivirus scanning the mail or the M: drive. well... until I was messing with it, nothing had been changed with the antivirus in a long time. so it doesn't really make sense that it would suddenly start doing this. any other idea that might shed some light on this?