?
Solved

#5.7.0 smtp;530 5.7.0 Must issue a STARTTLS command first

Posted on 2009-02-10
8
Medium Priority
?
2,391 Views
Last Modified: 2012-05-06
Hi Experts,

A user tries to send an email to user@amgen.com and receives an NDR. I sent a test mail using user's mailbox and the external user confirms that he received that email. I've checked at my server end and we are not using TLS settings.
Below is the NDR:

From: System Administrator
Sent: Monday, February 09, 2009 8:39 AM
To: dcharest@amgen.com
Subject: Undeliverable: heavy rain

Your message did not reach some or all of the intended recipients.

Subject:  heavy rain
Sent:     2/9/2009 8:39 AM
The following recipient(s) could not be reached:
    dcharest@amgen.com on 2/9/2009 8:39 AM
The recipient could not be processed because it would violate the security policy in force
<Mailbox_server_name.test.com> #5.7.0 smtp;530 5.7.0 Must issue a STARTTLS command first>

Environment: Exchange 2003+SP2.

Any help is highly appreciable.
0
Comment
Question by:anupam1983
  • 3
  • 3
  • 2
8 Comments
 
LVL 11

Expert Comment

by:sandeep_narkhede
ID: 23602719
could you review following articles & see if they apply you?

http://support.microsoft.com/default.aspx/kb/329061

0
 

Author Comment

by:anupam1983
ID: 23603093
Thanks Sandeep, I'll go thru it right now...
0
 
LVL 65

Expert Comment

by:Mestha
ID: 23605703
If I saw that error I would put the blame on the recipient's side.
Exchange 2003 doesn't do opportunist TLS, it is either on or off. As long as you don't have an SMTP connector for that domain that is using TLS, the remote server for some reason has tried to use TLS.

-M
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 

Author Comment

by:anupam1983
ID: 23612574
Hi Guys,

We've a separate secured SMTP connector for that domain who is using TLS. I now understood that the problem is there at recipint's domain. But as this is an intermittent problem, so could you suggest me is it possible to trace their server configuration from our end? If I get the proof of the misconfiguration at recipient's domain, then it'll be easier for me to have a solid proof. OR what step do you suggest me to take after this?

Thank you so very much for your input.

Regards,
Anupam

0
 
LVL 11

Assisted Solution

by:sandeep_narkhede
sandeep_narkhede earned 800 total points
ID: 23612635
collect a netmon when you face the problem. you will notice that the recieving server issues a StartTLS command.
0
 
LVL 65

Accepted Solution

by:
Mestha earned 1200 total points
ID: 23612680
If you have a connector for that domain that wants to use TLS, then every server that receives email for that domain must support TLS. I would suspect that one of them does not. SMTP logs may show you which IP address the connection was made to, but that is about it.

-M
0
 

Author Comment

by:anupam1983
ID: 23615112
Hi Mestha,

"If you have a connector for that domain that wants to use TLS, then every server that receives email for that domain must support TLS."

I may sound STUPID, but stll dying to know How I can come to know that a particular Exchange server is supporting TLS?

Thanks,
Anupam
0
 
LVL 65

Expert Comment

by:Mestha
ID: 23617560
You mean for inbound email?
When the you telnet to port 25 and issue a ehlo, one of the commands returned in the list should be STARTTLS.

-M
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month17 days, 10 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question