Solved

MS Exchange Email : Undeliverable email

Posted on 2014-12-22
10
43 Views
Last Modified: 2016-06-19
Hello all

We are getting an email undeliverable message sending to a specific user.  We are also having issues receiving email only from a couple of domains.    

The error code the the undeliverable email was 5.7.1. I have found the error detail but could do with some assistance in resolving it.

We are using SBS2011 on a Single Server with Sophos installed on both client and server for mail scanning.  I don't believe its a virus/spam as we can send to other domains.  

Any help would be greatly appreciated.

5.7.1: The sender isn't authorized to send e-mail messages to this e-mail address. The possible reasons for this are: 1)The session isn't authenticated and doesn't have the 'ms-Exch-SMTP-Submit' permission. 2)The session is authenticated but doesn't have the 'ms-Exch-SMTP-Submit' permission. 3)The 'MAIL FROM' command specified an address in an authoritative domain but the session doesn't have the 'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender' permission. 4)The authenticated user doesn't have permission to submit on behalf of the sender address specified in the header of the message and the session doesn't have the 'ms-Exch-SMTP-Accept-Any-Sender' permission. 5)The recipient domain doesn't match any of the accepted domains and the session doesn't have the 'ms-Exch-SMTP-Accept-Any-Recipient' permission. 6)The recipient domain is rejecting all mail from this server using a block list

Also

In the email bounce back there was this

LLAR.NET.UNIOVI.ES #530 5.7.1 Probable spam source: hostMY IP ADDRESS.in-addr.btopenworld.com:

Thanks
0
Comment
Question by:revroy123
10 Comments
 
LVL 14

Expert Comment

by:Ben Hart
Comment Utility
First off have you contacted the recipient to verify they have no blocks against the sending email address?  Have to checked RBLs to verify you are not blacklisted?  Can you successfully email this recipient from other addresses?
0
 
LVL 15

Expert Comment

by:Ivan
Comment Utility
Hi,

have you checked if you are on some black list? Try with mxtoolbox.com

Regards,
0
 

Author Comment

by:revroy123
Comment Utility
I have checked on mxtoolbox and all checks out OK apart from  a TIMEOUT      on RATS Spam.

We have tried from multiple users on the same Exchange server and they all bounce.

We have not contacted the recipient yet.  This is a brand new customer and see no reason why they would have our domain blocked.


UPDATE : We can email them from a gmail.com account
Thanks
0
 

Author Comment

by:revroy123
Comment Utility
Could it have anything to do with a PTR record?  I have seen this crop up on various websites but not something I have done before.

If so is this something I set up with BT (our ISP who control our Static IPaddress) or our Domain/Web hosting company?

Also do I set it for"domain.com" or "mail.domain.com" or internal server name "server.domain.local"

Thanks
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 3

Accepted Solution

by:
Glenn M earned 168 total points
Comment Utility
If you've been able to send from a gmail address then either you're blacklisted somewhere or something in your mail/DNS records setup is getting you treated as spam to this users' mail server.

Are you btopenworld.com? There is something amiss with the SMTP greeting for your mail server - doesn't match the PTR record. Some sites will treat that as spam.

Whoever hosts your domain name (has the nameservers) can take care of A and PTR records.
0
 
LVL 9

Assisted Solution

by:Veerappan Sundaram
Veerappan Sundaram earned 166 total points
Comment Utility
In Addition to verifying and updating A and PTR record, please set SPF record for your SMTP domain.

Also post the
NDR message that you receive
NDR message the couple of other domain people receive
Thanks,
Veera.
0
 
LVL 16

Assisted Solution

by:Viral Rathod
Viral Rathod earned 166 total points
Comment Utility
This is permission issue on Receive Connector.

From your description, you don't have the receive connector permissions, such as ms-Exch-SMTP-Submit permission, ms-Exch-SMTP-Accept-Authoritative-Domain-Sender permission, ms-Exch-SMTP-Accept-Any-Sender permission, ms-Exch-SMTP-Accept-Any-Recipient permission.

I recommend you set Receive connector permissions by using the EAC or the PermissionGroups parameter with the Set-ReceiveConnector cmdlet in the EMS.

Here is an article for your reference.

Understanding Receive Connectors

http://technet.microsoft.com/en-us/library/aa996395(v=exchg.141).aspx

In order to activate the Anonymous users to relay via this connector, simply issue the following cmdlet :
Get-ReceiveConnector “TEST” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

Hope my clarification is helpful.
0
 

Author Comment

by:revroy123
Comment Utility
Many thanks all for your input and apologies for the delay in posting.

I will look into the above this week and have also requested a reverse DNS to be setup with BT.  They have an online form for this.

Thanks and more to follow.
0
 
LVL 14

Expert Comment

by:Ben Hart
Comment Utility
I'd like to object.. I mentioned checking to see if dude was blacklisted, same as Glenn.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now