?
Solved

Internal exchange email "You do not have permission to send to this recepient"

Posted on 2008-11-06
5
Medium Priority
?
336 Views
Last Modified: 2012-05-05
I know there are a couple of threads about this issue, but no-one seems to have a bullet-proof answer.

In our exchange setup we have an account intended to be used by temps as a single email address point - ie it is job based not person based.  When a temp arrives they are given their own AD & Exchange accounts to access the network, and permissions are given for them to have full access to the job email account.  Their outlook profile is setup so that the job exchange account is the primary account, and their personal email address is opened as an 'additional mailbox'.

Our current temp can not send from the job email account - internally or externally.  There are no logs in exchange for the job account having sent the email and the error message is sent to the temp's personal inbox.  Copy of the full text of the message below:
========================================================
From:       System Administrator  
Sent:      06 November 2008 11:04
To:      Temp
Subject:      Undeliverable: RE: Permissions

Your message did not reach some or all of the intended recipients.

      Subject:      RE: Permissions
      Sent:      06/11/2008 11:04

The following recipient(s) could not be reached:

      IT Support on 06/11/2008 11:04
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            MSEXCH:MSExchangeIS:/DC=local/DC=domain:SERVER
================================================

There are no error codes in the message.  We use this setup elsewhere in the organisation quite sucessfully and so far as I can see by making comparisons - permissions are correct.  If anyone can shed any light or suggest where else to look it would be much appreciated.

Thanks
0
Comment
Question by:dchoxford
  • 2
  • 2
5 Comments
 
LVL 4

Expert Comment

by:apcsolutionsuk
ID: 22893974
Here's the solution:

Contact your ISP and let them have it.  I just built my Exchange server a week or two ago, and just got 3 mails kicked back as "not having permission to send" etc.  I contacted my outgoing SMTP ISP, and they (like most) have a 1000 mail limit.  Now, I know what you're gonna say "37 people sending 1000 mails in 24 hours? that's impossible!"  It is, but I find out spam can actually generate from your server to recipents on your server or outside.

Just as a test, go to Message Tracking and search all mails from midnight one day to 11:59:59pm the next day and see if you have a lot of outgoing spam.

Make sure your SPF record is correct (mine is now)
Make sure you have reverse DNS in place (i always did)
Make sure you have good anti-spam software (GFI is awesome but it didn't help me here)
And it never hurts to contact the hosts that kicked your mail back (mine was yahoo).  They like to blacklist us small, newborn Exchange orgs.  You can have them un-do it with a simple phone call.
and it's always good to find an SMTP provider that doesn't have this 24hour flagging limit garbage.  let me know if you have one i can switch to ;)  Might I not suggest smtp-server.nc.rr.com
0
 

Author Comment

by:dchoxford
ID: 22893988
Thanks for the fast response, but surely this wouldn't affect internal emails? - which are also a problem.  they won't be sent externally, they surely should be delivered direct.
0
 
LVL 16

Accepted Solution

by:
JoWickerman earned 2000 total points
ID: 22893994
Hi dchoxford,

One of 2 possibilities I can think of:

Does the user have Sent on Behalf of permission for the temp mailbox?

-And-

Did someone add the temp mailbox to a Security Group?

Cheers.
0
 
LVL 4

Expert Comment

by:apcsolutionsuk
ID: 22894077
ESM->Administrative Groups->First Administrative Group->Servers->[MyServer]->Protocols->SMTP->Default SMTP Virtual Server->Proporties->Access->Authentication->Users and grant Authenticated Users the Relay Permission.


Ok sorry try that
0
 

Author Closing Comment

by:dchoxford
ID: 31513857
Always the little tucked away thing!  It was the 'send on behalf of' that solved it.  Thanks!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question