SMTP Communication Problem

We are running Echange 2003 on SBS 2003. Recently some of my clients started to receive bouncebacks from valid email addresses. I have done a lot of research but still can't find a proper solution. Below are some of the bounces. Some users connect remotely via VPN while others are sending emails from inside the network. Not sure what is the issue with this authentication / relay as no configuration changes have been made. Any idea? The bounces are generated by our mail server and from what I see they're not even sent via SMTP - just routed and then a NDR is generated. Usually you can re-send sucessfully same email next day or from another account. it happens randomly and affects many users.

There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;530 SMTP authentication is required.>

You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            < #5.7.1 smtp;550 5.7.1 Relaying denied. Proper authentication required.>
There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            < #5.5.0 smtp;503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.>
Who is Participating?
SevercorrConnect With a Mentor Commented:
I would recommend downloading SMTPDIAG from Microsoft's website for troubleshooting SMTP issues.

This sounds like a DNS issue to me. Many clients will reject email if the reverse dns does match up correctly. We have ran into problems because we send all of our outgoing mail through an Ironport device.

Most companies just check to see if a Reverse DNS record is exists, but others places run very finicky SPAM software that has stricter requirements on reverse DNS records.
Make sure you do not have require authentication on your smtp setting within System manager.

In the NDR reports you are getting, are these mentioning different servers?  Are you sending out mail via a smart host (i.e, ISP mail server, spam appliance), or directly via DNS lookups?

It is possible that there is a misconfiguration on the remote SMTP system at "their end", especially if you are able to reach other destinations ok.

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Are your clients using POP?

Also make sure you do not have a range of IP's being denied relaying with in the SMTP settting.

CozumelAuthor Commented:
1. Regarding the Do Not  Require Authentication - not sure which exactly option you refer to - we have Windows integrated authentication for the internal users and also Anonimous Access for the other mail servers (outside our organization).

2. NDR reports - the server is all the same on all reports - this is our mail server; We send emails via DNS. Not sure if the problem is on the remote side as this happens when we send to different domains - sometimes it sends while other times it bounces - then later it re-sents fine, but not always, so weird...

3. We don't use POP. All Outlook accounts are configured with GPO to use Exchange.

Relaying Restrictions - I have checked those many times right now we have two options:
Select which computer may relay through this server - ONLY THE LIST BELOW is checked and we have added a list of servers; the option is Allow all computers which successfully authenticate to relay regardless of the list above - we tried both with checkin/unchecking this option - but no result.
Under Users sub-tab in the Relay Restriction tab - we have Authenticated Users

So what could be causing the problem? Where else shall I check? Our mail server is not blacklisted, MX record is okay, DNS lookup is okay...

By the way the server is quite old and we plan to replace it - right now the mailbox store is almost reaching its maximum - is it possible this to be due to performance issues or it's definitely a configuration problem?
It could be a performance issue. How clsoe is the store to it's limit?

What has changed since this started happening?
mickeyfanConnect With a Mentor Commented:
I would also check
CozumelAuthor Commented:
thanks for all suggestions

We performed an offline defrag and significantly reduced the size of the mailbox store though we still get thouse bounces.

Also I've checked with our ISP provider who provision our DNS and they said all is fine. Using dnsstuff and mxtoolbox - all seemed fine.

Now there's only one thing I've noticed - at certain moments we have high utilization of the netowork usage - AT&T suggested that might be causing the issue - there are few peaks but they are so random - for few minutes during the whole week so I am not sure.

Anyway - if you guys have any other suggestions where could be the source of the problem - let me know.
CozumelAuthor Commented:
The problem was caused by the AntiSpam firewall. Our MX record was pointing to the IP of the Antispam firewall, while our outgoing mail was sent directly from the server. Obviously some of the recipients didn't like the idea that our mail server resolving to a different address. The solution was to relay the otugoing emails through the Antispam firewall as well.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.