Solved

New users can't recieve email from outside the organisation. Exchange 2007.

Posted on 2010-08-24
15
1,309 Views
Last Modified: 2012-05-10
We have a situation where new mail users can be created within Exchange but cannot receive messages sent to them from outside the organisation. These same addresses work fine internally and can send email to the outside without any problems.

The issue also applies to mail aliases placed on users who have working exchange accounts. Messages sent to their alias from outside the organisation bounce back

External senders receive a similar error to the one below when sending too the new users/aliases:

Delivery to the following recipient failed permanently:

    new.user@problemdomain.com

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 Previous (cached) callout verification failure (state 14).



Running a verification test on network-tools.com produces the following:

[Contacting mail.problemdomain.com [123.456.789.123]...]
[Connected]
220 mail.problemdomain.com incoming mail service ESMTP Wed, 25 Aug 2010 11:20:48 +1200
EHLO Network-Tools.com
250-mail.problemdomain.com Hello gateway2.network-tools.com [67.222.132.194]
250-SIZE 52428800
250-PIPELINING
250 HELP
VRFY new.user
252 Administrative prohibition
RSET
250 Reset OK
EXPN new.user
550 Administrative prohibition
RSET
250 Reset OK
MAIL FROM:<admin@Network-Tools.com>
250 OK
RCPT TO:<new.user@problemdomain.com>
550-Callout verification failed:
550 550 Unrouteable address
[Address has been rejected]
RSET
250 Reset OK
QUIT
221 MAIL.problemdomain.com closing connection
[Connection closed]


Additional information - I personally don't know when this began or how long this may have been happening for as I've just taken over on this. I suspect it has something to do with the recipient update policy, however the account in question, I understand, has been around for two weeks already.
0
Comment
Question by:Steve McAuliffe
15 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 334 total points
Comment Utility
Do yo have a 3rd party receiving your emails before they pass them on to you or do you receive them directly?
Do you have a device such as a Barracuda appliance before your Exchage Server?
If yes - then the device / 3rd party needs to be updated with the new email address.
If no - I'll think up plan B!
0
 

Expert Comment

by:grifs71
Comment Utility
This is a domain verification error, verify the dns is setup correctly and the configuration is correct.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Also - check to see if you have Anonymous Access allowed on your default receive connector, Permission Groups.
0
 

Author Comment

by:Steve McAuliffe
Comment Utility
Thanks guys for the fast response.

@Alan - I don't believe they have an email appliance or are routing through a 3rd party

@grifs - If it was a DNS issue would it not be broken for the entire organisation? The network-tools verification would suggested the message is being rejected by the exchange server.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Any thoughts on my last comment (heading to bed shortly)?
Alan
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 334 total points
Comment Utility
The alternative is anti-spam software not configured correctly and it is blocking it.
0
 

Author Comment

by:Steve McAuliffe
Comment Utility
Anon access is enabled on the default receive connector

Anti spam is a possibility, however other outside senders have sent messages to other users at problemdomain.com without being blocked. It only appears to be happening for new users
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Okay - please open Exchange Management Console> Recipient Configuration> Mailbox> New User> Properties> Mail Flow Settings> Message Delivery Restrictions> Properties.
Is Require that all senders are authenticated ticked?  If so - it shouldn't be.  Also check Accept Messages from is set to All senders and Reject is set to No Senders.
0
 

Author Comment

by:Steve McAuliffe
Comment Utility
All of those settings which you have detailed above appear to be already correct.
0
 
LVL 23

Assisted Solution

by:Malli Boppe
Malli Boppe earned 166 total points
Comment Utility
I have seen this issue with Anti spam software like Mail marshall where you need to add the user/email address in the mail marshall to accept the emails.
0
 

Author Comment

by:Steve McAuliffe
Comment Utility
This site has Forefront server security installed. I have gone through the four main tabs but can't see anything relating to blocking recipients
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
To save speculation and time - can you please either post your domain name (which I will obscure / delete for you or drop me an email to alan @ it-eye.co.uk).
This will hopefully make it much easier to resolve.
Many thanks
Alan
0
 

Author Comment

by:Steve McAuliffe
Comment Utility
It turns out there was another level of security around their email which required manually allowing new user accounts to be received. Thanks all for your input.
0
 

Author Closing Comment

by:Steve McAuliffe
Comment Utility
There was another level of email security in place which we weren't previously aware of.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
What exactly did you have in place that needed tweaking?
Always good to know for future questions.
Thanks
Alan
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Junk folder 23 107
Import Cert issue 15 39
exchange 2013 2 31
exchange 2 30
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now