Exchange 2003 NDR message: You do not have permission to send to this recipient
Hi,
I have a vendor that sometimes seems to be getting this message when they send emails to our email servers.
We have an Exchange 2003 Server and we use Postini for inbound/spam filter.
User1@mydomain.com is the user that we host in our Exchange ORG.
This is the email that they get when the message is bounced back.
-----------------------------------------------
Your message did not reach some or all of the intended recipients.
Subject: RE: commercial
Sent: 3/15/2012 11:05 AM
The following recipient(s) could not be reached:
user1@mydomain.com on 3/15/2012 11:05 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<mail.ocrra.org #5.7.1 smtp;550 5.7.1 Requested action not taken: message refused>
Error code 5.7.1 may occur if one or more of the following conditions are true:
• The sender of the message does not have the privileges that are required to complete delivery. = The sender has been able to send to this particular email address before; sometimes the emails go and sometimes they just fail.
• You try to relay your mail by using a second server, and the second server does not let you relay mail. The remote server returns a 5.7.1 error code. = We only have a single SMTP server (cluster resource)
• You do not have a recipient policy configured for the domain to which the message is sent. = We don't
• The recipient has mailbox delivery restrictions enabled. For example, the recipient's mailbox delivery restriction is configured to only receive mail from a specified list. Other mail is rejected. = No restrictions
• A distribution list is configured to restrict mail delivery to messages from authenticated users. Mail that is sent from an anonymous session is rejected. = No distribution list is configured.
• Your Exchange computer is on an unsolicited commercial e-mail list. Your Exchange computer may be listed as an open relay. = We have checked DNSSTUFF and we are not, the RBL test seems ok.
• The fully qualified domain name (FQDN) name of your Exchange computer ends with ".Local". - Our FQDN is exchange.domain.local
• The Allow all computers which successfully authenticate to relay, regardless of the list above check box is not selected on the SMTP virtual server.
• Anonymous access to the SMTP virtual servers is disabled. = In our case it is enabled
pclinuxguru
Have you tried changing your settings so the above reasons would be false?
The one that hits me is:
Our FQDN is exchange.domain.local
Some of us do reverse lookups on email and if it fails so does the email... i.e. you send me an email and my server can't look up exchange.domain.local, then it is generally considered spam.
Anonymous access to the SMTP virtual servers is disabled. = In our case is enabled - could be used to send out unwanted emails.
Personally I would give the Exchange best Practices Tool a run and see if anything screams at you.
llarava
ASKER
The .local is just the name internally. The SMTP/Delivery/Advanced/FQDN is mail.domain.com, which is what you are going to be resolving in the public DNS.
This is intermittent, only happening sometimes, but sometimes the emails are bounced back to the senders with "message refused"
How can I see where, how and why is my server refusing the messages?
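An added example (not part of the thread): the diagnostic line in the NDR quoted above already says which server produced the report and how the refusal is classified. This sketch parses it, assuming the host before `#` is the server that generated the NDR; the function names and the `OUR_HOSTS` value are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Exchange-style NDR diagnostic: <reporting-host #x.y.z diag-type;text>
NDR_DIAG = re.compile(
    r"<(?P<host>[^\s#>]+)\s+#(?P<status>\d\.\d{1,3}\.\d{1,3})\s+"
    r"(?P<dtype>[\w-]+);\s*(?P<text>[^>]*)>")

# Enhanced status code meanings from RFC 3463 (class.subject.detail).
CLASSES = {"2": "success", "4": "persistent transient failure",
           "5": "permanent failure"}
SUBJECTS = {"0": "other or undefined", "1": "addressing", "2": "mailbox",
            "3": "mail system", "4": "network and routing",
            "5": "mail delivery protocol", "6": "message content or media",
            "7": "security or policy"}

class Diagnosis(NamedTuple):
    reporting_host: str        # server named before '#'
    status: str                # enhanced status code, e.g. 5.7.1
    meaning: str               # class and subject in words
    smtp_reply: Optional[str]  # 3-digit SMTP reply code, if diag-type is smtp
    generated_by_us: bool      # True if reporting_host is one of our servers

def parse_ndr(text, our_hosts):
    """Return a Diagnosis for the first diagnostic line in text, or None."""
    m = NDR_DIAG.search(text)
    if m is None:
        return None
    host = m["host"].lower().rstrip(".")
    cls, subj, _detail = m["status"].split(".")
    meaning = "{}, {}".format(CLASSES.get(cls, "unknown class"),
                              SUBJECTS.get(subj, "unknown subject"))
    reply = None
    if m["dtype"].lower() == "smtp":
        r = re.match(r"(\d{3})[ -]", m["text"])
        reply = r.group(1) if r else None
    ours = {h.lower().rstrip(".") for h in our_hosts}
    return Diagnosis(host, m["status"], meaning, reply, host in ours)

# Diagnostic line as quoted in the bounce above.
SAMPLE_NDR = ("You do not have permission to send to this recipient.\n"
              "<mail.ocrra.org #5.7.1 smtp;550 5.7.1 Requested action "
              "not taken: message refused>")
OUR_HOSTS = {"mail.domain.com"}  # assumption: placeholder public FQDN

if __name__ == "__main__":
    print(parse_ndr(SAMPLE_NDR, OUR_HOSTS))
```

When `generated_by_us` is false, the report was produced by another server passing on a 550 it received, so the place to look is the SMTP virtual server log and the filtering service's log for a session at the NDR's timestamp.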
A user from a different organization is sending an email to a user 'user1@yourdomain.com' and the outside user is getting the NDR that you specified.
Have you checked the 'email address' tab in the properties of the user? It should have an SMTP address like user1@yourdomain.com; if you have something that ends with .local then you need to check Recipient policies
We also use Postini Services and we have been missing some of the daily quarantine reports. Postini Tech support says that the messages were rejected on our end.
At the same time some users are getting this message intermittently, what is interesting is that they can send the same message later in the day and the message will go through with no problems.
I think this whole situation might be related to Symantec Mail Security.
My next step is going to be to disable all the Symantec Mail Security services on the server and monitor the delivery of messages.
If this is the problem I can whitelist the address for the postini quarantine but I don't know what I am going to do with the other emails that are blocked.
I agree with you. You may need to reboot the server once you disable it.
I have seen several similar issues with Symantec. That's why I asked you directly if you have Symantec or not.
Also disable it from the registry: HKLM\CCS\SERVICES\MSExchangeIS\virus scan
put - proactive scan to 0
back ground scan to 0
and Enabled to 0
The only thing that I am getting is that through DNSSTUFF the SPF test returns "permerror"
http://support.microsoft.com/kb/895853