Solved

help me interpret this NDR 5.7.0 smtp 550

Posted on 2009-07-06
17
2,745 Views
Last Modified: 2012-05-07
a user just got an ndr when trying to send an email the ndr looked like this:
The following recipient(s) cannot be reached:

      'recipeint' on 7/6/2009 9:42 AM
            The recipient could not be processed because it would violate the security policy in force
            <mail.mydomain.com #5.7.0 smtp;550 5.7.0 <recipient@xxx.com>... Local Policy Violation>


i have never seen this and can not find any info on this local security policy violation anywhere

my exchange serv is 2003 sp2 running on a server 2003 sp2 standard box. i also have gfi mailessentails and symantec MSMSE 6.0 running on the exchnage server
0
Comment
Question by:cfischer225
  • 8
  • 7
  • 2
17 Comments
 
LVL 6

Expert Comment

by:cmccall
Comment Utility
Is the recipient local to your org or an external recipient?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
It sounds like a GFI Mailessentials policy problem.  Don't know the product, but it is not a standard Exchange error message.
Can you whitelist the users domain?
Is the sender sending you an attachment that is too big?
Is the subject of the message triggering a policy?
Is there the usual unsubscribe wording in the message body that is triggering a policy?
Basically, check your GFI policies and ask the sender to fax you a copy of the email message in it's entireity so you can work out why it is being rejected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Hold on a minute - GFI and Symantec MSMSE on the same box - two products doing the same job?  That is going to make live very interesting.
Sounds like you are doubling up on your security and this can be a problem.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
GFI Mail Essentials (Anti-spam Solution for Exchange/SMTP/Lotus):
http://www.gfi.com/mes/?adv=69&loc=392
The most effective way to beat spammers at their game is to use the #1 anti-spam solution, GFI MailEssentials". We have over 80,000 customers, worldwide, and have won over 60 awards.
GFI MailEssentials features not one, but two anti-spam engines to give administrators an ultra high spam capture rate out-of-the-box with minimal configuration. Not only does it have one of the highest spam capture rates in the industry, over 99%, but it is also the market leader for reducing false positives and ships at the best price available.
Symantec Mail Security For Microsoft Exchange:
http://www.symantec.com/business/mail-security-for-microsoft-exchange
Symantec Mail Security 6.0 for Microsoft Exchange provides high-performance, integrated mail protection against virus threats, spam, and security risks while enforcing internal policies on Microsoft Exchange 2000/2003/2007 servers. SMS for Exchange now also supports Windows 2008 in addition to Windows 2000/2003. Symantec Premium AntiSpam subscription can be activated by purchasing a license key to provide best-of-breed spam prevention without additional on-going administration after initial setup.
I would go with one product or the other, but not both - don't know if others agree.  I suspect this may cause you untold problems, not to mention server resource issues.
0
 

Author Comment

by:cfischer225
Comment Utility
the symantec is a message scanner the gfi is anti spam, they do two different jobs, not the same and i have never had a problem before

and the recipient is at an external domain

i just sent another user at the same dmoain an email and it went trough sucessfully.
0
 

Author Comment

by:cfischer225
Comment Utility
let me clarify symantec scans attachments for viruses while gfi is strictly spam
0
 
LVL 6

Accepted Solution

by:
cmccall earned 300 total points
Comment Utility
I believe this is on the recipients side.  Your mail server is returning the message because the other side won't accept it.  It returns that error message.  Most likely recipient filtering on the SPAM filter for the recipient.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Okay - if you are happy with both, then I'll keep quiet.
If you are sending though, there is a policy on your server in GFI or Symantec that you are violating.
You need to search through both packages and find the offending rule.
It won't necessarily be the domain, more the content.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:cfischer225
Comment Utility
i am going to try and contact thier admin but its a huge company! pfizer.com
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
I think the problem is at your end, not theirs.
Contacting their IT is not going to resolve the problem unless the NDR came from them and the way I am reading it is the NDR came from your own server.  Is this how you read it?
Alan
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 200 total points
Comment Utility
Previous EE question suggests it might be a SPF problem:
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/Email/SMTP/Q_22918488.html
Please check your SPF on www.dnsstuff.com (Domain Report) and check to see if you have one, or if it is incorrectly setup.
0
 

Author Comment

by:cfischer225
Comment Utility
spf looks good:

SPF records should also be published in DNS as type SPF records. This is new and most implementations do not support it yet.
No type SPF records found.

Checking to see if there is a valid SPF record.

Found v=spf1 record for pangaiapartners.com
v=spf1 mx -all

evaluating...
SPF record passed validation test with pySPF (Python SPF library)!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Okay - good to rule out.
What about the NDR - is that from your system or external system do you think?
0
 

Author Comment

by:cfischer225
Comment Utility
also reverse dns points back to us.

like i mentioned we can send to other recipients in that domain but just not to this particular one and all i have is the ndr that i posted above plus an event log on the app log of the exch server which basicly gives the same info as the ndr. the ndr also happens within seconds of sending the mail as oppossed to one that sits in the queue for hours before my server generates it, which tells me that the reciveing server is rejecting it for some reason
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Yes - agreed - was not sure if the NDR was from you or them, but your above comment ahs confirmed.  They are rejecting you.
Have you checked your IP on http://www.mxtoolbox.com/blacklists.aspx - you might be listed and they might be blocking you?
 
0
 

Author Comment

by:cfischer225
Comment Utility
problem solved- the user no longer works at the company
i had my boss give him a ring and his voicemail said he was no longer around. which is wierd because when that is the case you would see an error message stating that user not found, or user not in directory or soemthing to that effect. anyway thanks for the help
0
 

Author Closing Comment

by:cfischer225
Comment Utility
i gave cmccall mor epoints because he looked to the recipient initially
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now