help me interpret this NDR 5.7.0 smtp 550

a user just got an ndr when trying to send an email the ndr looked like this:
The following recipient(s) cannot be reached:

      'recipeint' on 7/6/2009 9:42 AM
            The recipient could not be processed because it would violate the security policy in force
            <mail.mydomain.com #5.7.0 smtp;550 5.7.0 <recipient@xxx.com>... Local Policy Violation>


i have never seen this and can not find any info on this local security policy violation anywhere

my exchange serv is 2003 sp2 running on a server 2003 sp2 standard box. i also have gfi mailessentails and symantec MSMSE 6.0 running on the exchnage server
cfischer225Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cmccallCommented:
Is the recipient local to your org or an external recipient?
0
Alan HardistyCo-OwnerCommented:
It sounds like a GFI Mailessentials policy problem.  Don't know the product, but it is not a standard Exchange error message.
Can you whitelist the users domain?
Is the sender sending you an attachment that is too big?
Is the subject of the message triggering a policy?
Is there the usual unsubscribe wording in the message body that is triggering a policy?
Basically, check your GFI policies and ask the sender to fax you a copy of the email message in it's entireity so you can work out why it is being rejected.
0
Alan HardistyCo-OwnerCommented:
Hold on a minute - GFI and Symantec MSMSE on the same box - two products doing the same job?  That is going to make live very interesting.
Sounds like you are doubling up on your security and this can be a problem.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Alan HardistyCo-OwnerCommented:
GFI Mail Essentials (Anti-spam Solution for Exchange/SMTP/Lotus):
http://www.gfi.com/mes/?adv=69&loc=392
The most effective way to beat spammers at their game is to use the #1 anti-spam solution, GFI MailEssentials". We have over 80,000 customers, worldwide, and have won over 60 awards.
GFI MailEssentials features not one, but two anti-spam engines to give administrators an ultra high spam capture rate out-of-the-box with minimal configuration. Not only does it have one of the highest spam capture rates in the industry, over 99%, but it is also the market leader for reducing false positives and ships at the best price available.
Symantec Mail Security For Microsoft Exchange:
http://www.symantec.com/business/mail-security-for-microsoft-exchange
Symantec Mail Security 6.0 for Microsoft Exchange provides high-performance, integrated mail protection against virus threats, spam, and security risks while enforcing internal policies on Microsoft Exchange 2000/2003/2007 servers. SMS for Exchange now also supports Windows 2008 in addition to Windows 2000/2003. Symantec Premium AntiSpam subscription can be activated by purchasing a license key to provide best-of-breed spam prevention without additional on-going administration after initial setup.
I would go with one product or the other, but not both - don't know if others agree.  I suspect this may cause you untold problems, not to mention server resource issues.
0
cfischer225Author Commented:
the symantec is a message scanner the gfi is anti spam, they do two different jobs, not the same and i have never had a problem before

and the recipient is at an external domain

i just sent another user at the same dmoain an email and it went trough sucessfully.
0
cfischer225Author Commented:
let me clarify symantec scans attachments for viruses while gfi is strictly spam
0
cmccallCommented:
I believe this is on the recipients side.  Your mail server is returning the message because the other side won't accept it.  It returns that error message.  Most likely recipient filtering on the SPAM filter for the recipient.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Alan HardistyCo-OwnerCommented:
Okay - if you are happy with both, then I'll keep quiet.
If you are sending though, there is a policy on your server in GFI or Symantec that you are violating.
You need to search through both packages and find the offending rule.
It won't necessarily be the domain, more the content.
0
cfischer225Author Commented:
i am going to try and contact thier admin but its a huge company! pfizer.com
0
Alan HardistyCo-OwnerCommented:
I think the problem is at your end, not theirs.
Contacting their IT is not going to resolve the problem unless the NDR came from them and the way I am reading it is the NDR came from your own server.  Is this how you read it?
Alan
0
Alan HardistyCo-OwnerCommented:
Previous EE question suggests it might be a SPF problem:
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/Email/SMTP/Q_22918488.html
Please check your SPF on www.dnsstuff.com (Domain Report) and check to see if you have one, or if it is incorrectly setup.
0
cfischer225Author Commented:
spf looks good:

SPF records should also be published in DNS as type SPF records. This is new and most implementations do not support it yet.
No type SPF records found.

Checking to see if there is a valid SPF record.

Found v=spf1 record for pangaiapartners.com
v=spf1 mx -all

evaluating...
SPF record passed validation test with pySPF (Python SPF library)!
0
Alan HardistyCo-OwnerCommented:
Okay - good to rule out.
What about the NDR - is that from your system or external system do you think?
0
cfischer225Author Commented:
also reverse dns points back to us.

like i mentioned we can send to other recipients in that domain but just not to this particular one and all i have is the ndr that i posted above plus an event log on the app log of the exch server which basicly gives the same info as the ndr. the ndr also happens within seconds of sending the mail as oppossed to one that sits in the queue for hours before my server generates it, which tells me that the reciveing server is rejecting it for some reason
0
Alan HardistyCo-OwnerCommented:
Yes - agreed - was not sure if the NDR was from you or them, but your above comment ahs confirmed.  They are rejecting you.
Have you checked your IP on http://www.mxtoolbox.com/blacklists.aspx - you might be listed and they might be blocking you?
 
0
cfischer225Author Commented:
problem solved- the user no longer works at the company
i had my boss give him a ring and his voicemail said he was no longer around. which is wierd because when that is the case you would see an error message stating that user not found, or user not in directory or soemthing to that effect. anyway thanks for the help
0
cfischer225Author Commented:
i gave cmccall mor epoints because he looked to the recipient initially
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.