rogerb_tx
asked on
Exchange 2013 refusing inbound messages 571 Delivery not authorized, message refused.
Have a client with a formerly working fine Exchange 2013 server. Monday it decided to start refusing "some" mail. Nobody (to my knowledge) changed anything.
Symptoms.
1) Mail is rejected with the "571 Delivery not authorized, message refused" message.
2) Server does accept some mail from the internet.
3) I can send original messages to them and receive messages from them, but cannot reply to a message sent to my domain. Get the above message.
4) manual smtp sessions via telnet seem to work.
5) only error I can find in the Frontend log file is sessions that fail end with a "Remote(socketerror).
I disabled the maiware processing via MS script.
any idea appreciated,
rogerb_tx
Symptoms.
1) Mail is rejected with the "571 Delivery not authorized, message refused" message.
2) Server does accept some mail from the internet.
3) I can send original messages to them and receive messages from them, but cannot reply to a message sent to my domain. Get the above message.
4) manual smtp sessions via telnet seem to work.
5) only error I can find in the Frontend log file is sessions that fail end with a "Remote(socketerror).
I disabled the maiware processing via MS script.
any idea appreciated,
rogerb_tx
ASKER
Thanks for the response. I'll post exact error messages when I get to the office although frankly there isn't a lot of information in them and yes I do know how to read them.
It does not appear to be a relay issue. It also appears to only happen on "reply" messages. As I stated I can send original messages to the server but cannot reply to a message from the server. thought it might have had something to do with the reply address format, checked that....
There is no intermediary MX or server. The MX has one server defined in it.
I also thought it might be the malware processing and ran the MS provided script to turn it off. However, if you look at the malware settings from EAC the default rule still shows enabled. so I really don't know if it's on or not?
I don't think the problem is external to the exchange server as I can see the message go through the firewall and to the exchange server. I also watched the traffic via wireshark; the exchange server gets to a place in the smtp conversation and then sends a reset,ack. So the problem IS actively the Exchange server.
thx
rogerb_tx
It does not appear to be a relay issue. It also appears to only happen on "reply" messages. As I stated I can send original messages to the server but cannot reply to a message from the server. thought it might have had something to do with the reply address format, checked that....
There is no intermediary MX or server. The MX has one server defined in it.
I also thought it might be the malware processing and ran the MS provided script to turn it off. However, if you look at the malware settings from EAC the default rule still shows enabled. so I really don't know if it's on or not?
I don't think the problem is external to the exchange server as I can see the message go through the firewall and to the exchange server. I also watched the traffic via wireshark; the exchange server gets to a place in the smtp conversation and then sends a reset,ack. So the problem IS actively the Exchange server.
thx
rogerb_tx
Hello,
Did you check Transport rules ?
This error can also occur if an Exchange 2010 transport rule rejects a message because the message matched conditions that are configured on the transport rule.
Regards
Did you check Transport rules ?
This error can also occur if an Exchange 2010 transport rule rejects a message because the message matched conditions that are configured on the transport rule.
Regards
ASKER
This is Exchange 2013. It is a new product for me. But as far as I can tell there are no transport rules. Also, this server worked fine until last Friday, it's been up two months.
thx again
rogerb_tx
thx again
rogerb_tx
ASKER
requested error message on reply message.
Delivery has failed to these recipients or distribution lists:
xxuserxx
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message
for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
The following organization rejected your message: Requested.
_____
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: myserver.mydomain.local
xxuserxx@clientdomain.com
Requested #571 Delivery not authorized, message refused ##
Original message headers:
Received: from myserver.mydomain.local ([fe80::4152:8bf0:2dbc:4a3 1]) by
myserver.mydomain.local ([fe80::4152:8bf0:2dbc:4a3 1%10]) with mapi; Wed, 2 Oct
2013 11:34:08 -0500
From: firstname lastname <firstname.lastname@mydoma in.com>
To: firstname lastname <firstnamelastname@clientd omain.com>
Date: Wed, 2 Oct 2013 11:34:07 -0500
Subject: RE: Email update
Thread-Topic: Email update
Thread-Index: Ac6/b+e+O7YHAh62Sgi2SX1Xho Zm9AAHUrDQ
Message-ID: <28904226D092564CAE18852C9 6544E1B02D 2C70D53F1@ myserver.m ydomain.lo cal>
References: <de2cff19b8194f8b8c29245f6 027c120@cs erver.cdom ain.local>
In-Reply-To: <de2cff19b8194f8b8c29245f6 027c120@cs erver.cdom ain.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative;
boundary="_000_28904226D09 2564CAE188 52C96544E1 B02D2C70D5 3F1SICAPSR V1si_"
MIME-Version: 1.0
Delivery has failed to these recipients or distribution lists:
xxuserxx
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message
for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
The following organization rejected your message: Requested.
_____
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: myserver.mydomain.local
xxuserxx@clientdomain.com
Requested #571 Delivery not authorized, message refused ##
Original message headers:
Received: from myserver.mydomain.local ([fe80::4152:8bf0:2dbc:4a3
myserver.mydomain.local ([fe80::4152:8bf0:2dbc:4a3
2013 11:34:08 -0500
From: firstname lastname <firstname.lastname@mydoma
To: firstname lastname <firstnamelastname@clientd
Date: Wed, 2 Oct 2013 11:34:07 -0500
Subject: RE: Email update
Thread-Topic: Email update
Thread-Index: Ac6/b+e+O7YHAh62Sgi2SX1Xho
Message-ID: <28904226D092564CAE18852C9
References: <de2cff19b8194f8b8c29245f6
In-Reply-To: <de2cff19b8194f8b8c29245f6
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative;
boundary="_000_28904226D09
MIME-Version: 1.0
ASKER
mx record is simply...
mail.clientdomain.com
mail.clientdomain.com
Please can you more elaborate "Sent by Microsoft Exchange Server 2007 " ?
i will go through your receive connectors on exchange 2013.
http://technet.microsoft.com/en-us/library/aa996395(v=exchg.150).aspx#BKMK_defaultrcsetup
and resetup internet email flow
http://technet.microsoft.com/en-us/library/jj657447(v=exchg.150).aspx
if this helps, then we will need to dig through your admin logs to find what have changes since.
http://technet.microsoft.com/en-us/library/aa996395(v=exchg.150).aspx#BKMK_defaultrcsetup
and resetup internet email flow
http://technet.microsoft.com/en-us/library/jj657447(v=exchg.150).aspx
if this helps, then we will need to dig through your admin logs to find what have changes since.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It was the solution.
start with 571 delivery not authorized. this mean your server some how relay to a smart host and it start to reject email?
you need to provide detailed information like what is the exact error (in full and sometimes mesage header helps)
mx record details also help whether there is a middle mx record incoming (or relay servers for outbound)
and how do you disable malware processing? confirm it by dropping EICAR.txt files to confirm it is not working
my gut feel is external to exchange rather than exchange itself