Internal exchange email "You do not have permission to send to this recepient"

I know there are a couple of threads about this issue, but no-one seems to have a bullet-proof answer.

In our exchange setup we have an account intended to be used by temps as a single email address point - ie it is job based not person based.  When a temp arrives they are given their own AD & Exchange accounts to access the network, and permissions are given for them to have full access to the job email account.  Their outlook profile is setup so that the job exchange account is the primary account, and their personal email address is opened as an 'additional mailbox'.

Our current temp can not send from the job email account - internally or externally.  There are no logs in exchange for the job account having sent the email and the error message is sent to the temp's personal inbox.  Copy of the full text of the message below:
========================================================
From:       System Administrator  
Sent:      06 November 2008 11:04
To:      Temp
Subject:      Undeliverable: RE: Permissions

Your message did not reach some or all of the intended recipients.

      Subject:      RE: Permissions
      Sent:      06/11/2008 11:04

The following recipient(s) could not be reached:

      IT Support on 06/11/2008 11:04
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            MSEXCH:MSExchangeIS:/DC=local/DC=domain:SERVER
================================================

There are no error codes in the message.  We use this setup elsewhere in the organisation quite sucessfully and so far as I can see by making comparisons - permissions are correct.  If anyone can shed any light or suggest where else to look it would be much appreciated.

Thanks
dchoxfordAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

apcsolutionsukCommented:
Here's the solution:

Contact your ISP and let them have it.  I just built my Exchange server a week or two ago, and just got 3 mails kicked back as "not having permission to send" etc.  I contacted my outgoing SMTP ISP, and they (like most) have a 1000 mail limit.  Now, I know what you're gonna say "37 people sending 1000 mails in 24 hours? that's impossible!"  It is, but I find out spam can actually generate from your server to recipents on your server or outside.

Just as a test, go to Message Tracking and search all mails from midnight one day to 11:59:59pm the next day and see if you have a lot of outgoing spam.

Make sure your SPF record is correct (mine is now)
Make sure you have reverse DNS in place (i always did)
Make sure you have good anti-spam software (GFI is awesome but it didn't help me here)
And it never hurts to contact the hosts that kicked your mail back (mine was yahoo).  They like to blacklist us small, newborn Exchange orgs.  You can have them un-do it with a simple phone call.
and it's always good to find an SMTP provider that doesn't have this 24hour flagging limit garbage.  let me know if you have one i can switch to ;)  Might I not suggest smtp-server.nc.rr.com
dchoxfordAuthor Commented:
Thanks for the fast response, but surely this wouldn't affect internal emails? - which are also a problem.  they won't be sent externally, they surely should be delivered direct.
JoWickermanCommented:
Hi dchoxford,

One of 2 possibilities I can think of:

Does the user have Sent on Behalf of permission for the temp mailbox?

-And-

Did someone add the temp mailbox to a Security Group?

Cheers.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
apcsolutionsukCommented:
ESM->Administrative Groups->First Administrative Group->Servers->[MyServer]->Protocols->SMTP->Default SMTP Virtual Server->Proporties->Access->Authentication->Users and grant Authenticated Users the Relay Permission.


Ok sorry try that
dchoxfordAuthor Commented:
Always the little tucked away thing!  It was the 'send on behalf of' that solved it.  Thanks!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.