[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1390
  • Last Modified:

New users can't recieve email from outside the organisation. Exchange 2007.

We have a situation where new mail users can be created within Exchange but cannot receive messages sent to them from outside the organisation. These same addresses work fine internally and can send email to the outside without any problems.

The issue also applies to mail aliases placed on users who have working exchange accounts. Messages sent to their alias from outside the organisation bounce back

External senders receive a similar error to the one below when sending too the new users/aliases:

Delivery to the following recipient failed permanently:

    new.user@problemdomain.com

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 Previous (cached) callout verification failure (state 14).



Running a verification test on network-tools.com produces the following:

[Contacting mail.problemdomain.com [123.456.789.123]...]
[Connected]
220 mail.problemdomain.com incoming mail service ESMTP Wed, 25 Aug 2010 11:20:48 +1200
EHLO Network-Tools.com
250-mail.problemdomain.com Hello gateway2.network-tools.com [67.222.132.194]
250-SIZE 52428800
250-PIPELINING
250 HELP
VRFY new.user
252 Administrative prohibition
RSET
250 Reset OK
EXPN new.user
550 Administrative prohibition
RSET
250 Reset OK
MAIL FROM:<admin@Network-Tools.com>
250 OK
RCPT TO:<new.user@problemdomain.com>
550-Callout verification failed:
550 550 Unrouteable address
[Address has been rejected]
RSET
250 Reset OK
QUIT
221 MAIL.problemdomain.com closing connection
[Connection closed]


Additional information - I personally don't know when this began or how long this may have been happening for as I've just taken over on this. I suspect it has something to do with the recipient update policy, however the account in question, I understand, has been around for two weeks already.
0
Steve McAuliffe
Asked:
Steve McAuliffe
3 Solutions
 
Alan HardistyCo-OwnerCommented:
Do yo have a 3rd party receiving your emails before they pass them on to you or do you receive them directly?
Do you have a device such as a Barracuda appliance before your Exchage Server?
If yes - then the device / 3rd party needs to be updated with the new email address.
If no - I'll think up plan B!
0
 
grifs71Commented:
This is a domain verification error, verify the dns is setup correctly and the configuration is correct.
0
 
Alan HardistyCo-OwnerCommented:
Also - check to see if you have Anonymous Access allowed on your default receive connector, Permission Groups.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Steve McAuliffeAuthor Commented:
Thanks guys for the fast response.

@Alan - I don't believe they have an email appliance or are routing through a 3rd party

@grifs - If it was a DNS issue would it not be broken for the entire organisation? The network-tools verification would suggested the message is being rejected by the exchange server.
0
 
Alan HardistyCo-OwnerCommented:
Any thoughts on my last comment (heading to bed shortly)?
Alan
0
 
Alan HardistyCo-OwnerCommented:
The alternative is anti-spam software not configured correctly and it is blocking it.
0
 
Steve McAuliffeAuthor Commented:
Anon access is enabled on the default receive connector

Anti spam is a possibility, however other outside senders have sent messages to other users at problemdomain.com without being blocked. It only appears to be happening for new users
0
 
Alan HardistyCo-OwnerCommented:
Okay - please open Exchange Management Console> Recipient Configuration> Mailbox> New User> Properties> Mail Flow Settings> Message Delivery Restrictions> Properties.
Is Require that all senders are authenticated ticked?  If so - it shouldn't be.  Also check Accept Messages from is set to All senders and Reject is set to No Senders.
0
 
Steve McAuliffeAuthor Commented:
All of those settings which you have detailed above appear to be already correct.
0
 
Malli BoppeCommented:
I have seen this issue with Anti spam software like Mail marshall where you need to add the user/email address in the mail marshall to accept the emails.
0
 
Steve McAuliffeAuthor Commented:
This site has Forefront server security installed. I have gone through the four main tabs but can't see anything relating to blocking recipients
0
 
Alan HardistyCo-OwnerCommented:
To save speculation and time - can you please either post your domain name (which I will obscure / delete for you or drop me an email to alan @ it-eye.co.uk).
This will hopefully make it much easier to resolve.
Many thanks
Alan
0
 
Steve McAuliffeAuthor Commented:
It turns out there was another level of security around their email which required manually allowing new user accounts to be received. Thanks all for your input.
0
 
Steve McAuliffeAuthor Commented:
There was another level of email security in place which we weren't previously aware of.
0
 
Alan HardistyCo-OwnerCommented:
What exactly did you have in place that needed tweaking?
Always good to know for future questions.
Thanks
Alan
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now