Exchange 2000 SP3 on W2K SP4 550 5.7.1 Requested action not taken, Message refused

Posted on 2007-03-22
Last Modified: 2010-03-17
I've been working on a box that has W2K server SP4 and Exchange 2K SP3 on it.  people who send e-mail to us randomly get NDRs that say 550 5.7.1 Requested action not taken, Message refused.  The same  person could e-mail again 4 senconds later and it would work fine... it's too intermitent to test... and most of what I have read keeps pointing toward the antivirus scanning the mail or the M: drive.  well... until I was messing with it, nothing had been changed with the antivirus in a long time.  so it doesn't really make sense that it would suddenly start doing this.  any other idea that might shed some light on this?
Question by:cymrich
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 39

Accepted Solution

redseatechnologies earned 500 total points
ID: 18777312
>>well... until I was messing with it, nothing had been changed with the antivirus in a long time.  so it doesn't really make sense that it would suddenly start doing this.

That doesn't matter, anti-virus will occasionally just start doing stupid things.

I have a site here where the AV scanner went nuts and started holding onto random items in the queue - after working fine for years.

Can you check the logs of the AV system or exchange (message tracking) and see if you have any records of these touching your server?

I this one person having an issue sending to you, or is it more widespread?

Author Comment

ID: 18777322
I can check tomorrow.  It's much more widespread... but totally random... the only people that it happens to more than once are the people that e-mail addresses on the server frequesntly (so far).  I didnt think to look at AV logs, but I did search through event logs and checked the AV settings to ensure it was what it was supposed to be.
LVL 39

Expert Comment

ID: 18777337
The randomness makes it difficult to work with, and difficult to test - as well as squarely point the finger at the AV scanner.  If it is weird, chances are it is the AV system - increases in weirdness increase that probability.

If you have good desktop protection, you could uninstall the AV scanner (disabling it is not enough) - alternatively, get a demo of GFI scanning software, install it on a gateway device and then take AV off the server itself.

It all depends on your user count, and their viral intelligence
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users


Author Comment

ID: 18859343
Before I posted this I had already tried re-installing the AV.  that does seem to have fixed the issue, it was so intermitent though that I really wasnt conviced it was going to fix it.

Author Comment

ID: 18859654
I got interupted while typing the post above and must have hit submit by accident.  In any case... they have not had the issue since I reinstalled the AV.
LVL 39

Expert Comment

ID: 18881174
Another reason why I dislike anti-virus programs, they are like airbags that randomly punch you in the face - sure it is additional security, but taking your chances and avoiding the punches certainly looks appealing sometimes...

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question