• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

domain isn't in my list of allowed rcpthosts (#5.7.1)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> General >> domain isn't in my list of allowed rcpthosts (#5.7.1) Page: [1]
Login
Message << Older Topic   Newer Topic >>
domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 8:50:00 AM   
arcticflipper

 

Posts: 6
Joined: 6.Jul.2004
From: South Africa
Status: offline
Can anyone give me some info as to how to correct this problem?

I only receive this error when I send mail to a certain email address. The funny thing is that this email address is hosted by the same company that provides us with our Static IP.

I can however get the meail out to the email address by re-sending it?

Why will it no go through the first time, but after the error message, it does go through?

[ October 27, 2004, 08:54 AM: Message edited by: arcticflipper ]
Post #: 1
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 9:00:00 AM   
Henrik Walther

 

Posts: 6928
Joined: 21.Nov.2002
From: Copenhagen, Denmark
Status: offline
Do you relay mail through a SMTP gateway (Smart host) at your ISP's end?

(in reply to arcticflipper)
Post #: 2
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 9:10:00 AM   
arcticflipper

 

Posts: 6
Joined: 6.Jul.2004
From: South Africa
Status: offline
Not as far as I know, We have a registered domain, with a static IP. The DNS Server is also pointing to our Static IP address.

IP: 66.8.37.218

We do however have a Linux Firewall sitting in front of the Exchange Server. I am not sure how this works, but according to the Firewall Admin mail does not get stopped or anything done to it by this firewall.

[ October 27, 2004, 09:20 AM: Message edited by: arcticflipper ]

(in reply to arcticflipper)
Post #: 3
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 9:25:00 AM   
arcticflipper

 

Posts: 6
Joined: 6.Jul.2004
From: South Africa
Status: offline
Full error the the sender receives:
your message did not reach some or all of the intended recipients.
subject:
Sent:

The following recipient (s) could not be reached:
recipient on date and time

There was a SMTP communication problem with the recipients email server.
Please contact your system administrator.
<spatialintel.com #5.5.0 smtp;553 sorry, that domain isn't in my list of allowed rcpthosts 5.7.1)>

(in reply to arcticflipper)
Post #: 4
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 1:15:00 PM   
Henrik Walther

 

Posts: 6928
Joined: 21.Nov.2002
From: Copenhagen, Denmark
Status: offline
Can you send to another recipient on this server without problems?

This NDR is typically returned if you're blacklisted by an RBL used by the receiving SMTP server, but according to http://www.dnsstuff.com/tools/ip4r.ch?ip=66.8.37.218 your IP address isn't on any RBL's.

One thing is for sure though the receiving server blocks mail from your domain/IP, and I would therefore take contact to their postmaster.

(in reply to arcticflipper)
Post #: 5
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 27.Oct.2004 5:31:00 PM   
great

 

Posts: 82
Joined: 19.Mar.2003
From: Athens
Status: offline
i had such a problem but it was due to DNS configuration.
is your MX record pointing to a cname or something like that ?
check
<http://support.microsoft.com/default.aspx?scid=kb;EN-US;153001>

and make a DNS check of your domain through www.dnsreport.com and report any errors concerning your mail server

(in reply to arcticflipper)
Post #: 6
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 28.Oct.2004 8:58:00 PM   
arcticflipper

 

Posts: 6
Joined: 6.Jul.2004
From: South Africa
Status: offline
I actually found the problem, and it had nothing to do with my site's MX records, DNS or blacklisting.

The real problem when you receive an error like this is that the domain that you are trying to send email to does not allow relaying.

In other words for those who don't know, this means that you would have to go visit orbis - a website to check and see if they allow relaying.

As it happens this is normally an idiot administrator on their side that thinks he or she knows enough about exchange and security to use security features that should rather be left alone.....

Oh by the way it could also be the above mentioned dns or mx, but if it was this then a. you won't be able to send mail to enyone or receive mail from anyone.

The dns - microsoft comment is excaxtly the way that we setup our dns, but with a couple of improvements through linux.

The linux firewall does not relay our mail, it only acts as a firewall.

I will supply the entire we address later to go and check if that domain accepts relaying.

The other problem that I picked up is that due to the relay attempt to that domain, when you resend the same message, it will go through. This has to do with the time that it takes to authenticate onto the domain.

(in reply to arcticflipper)
Post #: 7
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 18.Nov.2004 3:21:00 PM   
hollian

 

Posts: 3
Joined: 2.Nov.2004
From: Wisconsin
Status: offline
Could you please send me the URL for the Orbis site you mentioned? I have been dealing unsuccessfully with this same issue for 2 weeks and yours is the first post that actually seems to be similar to my issue. I've checked and adjusted DNS settings internally and externally, MX and A records, (our Cname is different because our web site is hosted elsewhere, but it doesn't point to our mail), security setting, firewall configuration... And we do not use a smart host. As of today the first time a mail is sent it is rejected with the same message you received. If I resend the mail it seems to go through. That would be consistent with your last paragraph. You can write me directly at sandra.smith@sai-inc.org if you wish. Thanks for any help you can give me.

(in reply to arcticflipper)
Post #: 8
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 24.Nov.2004 1:00:00 AM   
labnet

 

Posts: 1
Joined: 24.Nov.2004
From: Brisbane, Australia
Status: offline
Hmmm... I'm having exactly the same problem as other posters. Occasional email rejected first time, but gets through on a resend.

We have been running Exchange 5.5 for about 5 years with no major problem.
About 6 weeks ago we swapped from perm dialup to ADSL, where the firewall changed from a Linux box to the one built into the ADSL modem, but it seems like this problem started about 2 weeks ago.I also added an SPF record. If anyone thinks they have really cracked this, please post to this message board.

(in reply to arcticflipper)
Post #: 9
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 3.Dec.2004 1:18:00 AM   
akumi

 

Posts: 2
Joined: 3.Dec.2004
From: Melbourne
Status: offline
Hi Guys
I'm also getting the same problem,

553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

I'm running on win 2003 sbs, and when the user use the web login to login to the win2003 server and sends email, it sometimes gets through and sometimes don't! but sending to user of the same domain is alright. what's wrong?

Regards
Ak

(in reply to arcticflipper)
Post #: 10
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 3.Dec.2004 1:21:00 AM   
akumi

 

Posts: 2
Joined: 3.Dec.2004
From: Melbourne
Status: offline
This is what i found...

The error, "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)", means that you are trying to send email using the wrong smtp server.

Smtp related errors may have different numbers and slightly different wording, eg, "Relay access denied for...", but are all related to the same problem.

The smtp server that you use to send email is not determined by who hosts your email, but rather is a service of your Internet connection provider. All ISP's provide their customers with smtp servers, regardless of their email address.

One of the most important reasons for doing this is so spammers cannot connect to an unauthorized smtp server and use it to send mountains of spam. Occasionally, spammers find these "open" systems and flood them with mail. These systems are known as "open relays" and are the result of careless configuration by the operator.

Clients commonly see this error when they configure their PC at work, then try to use the same configuration at home, where the Internet connection is provided by a different ISP.

The fix for this situation is to change the smtp server in the mail client to match the one provided by the ISP.

(in reply to arcticflipper)
Post #: 11
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 7.Dec.2004 8:20:00 AM   
arcticflipper

 

Posts: 6
Joined: 6.Jul.2004
From: South Africa
Status: offline
This is the true cause to this error: OPlease take note of this anyone who is using a Linux Firewall or any Firewall for that matter:

There is a certain company who is renting out 192. IP address Range. This was never the case in the past, thus everyone used 192. internal IP ranges.

Now with the firewall you would normally block any 192. access. With the new external 192. ranges that is being rented out, you are blocking your own mail. The only solution that we've found thusfar is:

On Linux - Set a static rout to that specific email box - IP which should then reference their SMTP server - Not the Firewall.

The rule must allow communication to that IP address.

I think it will work the same in windows.

Please note that you must be able to telnet to their mailserver. If you can not do this, you know that there is a IP problem...

(in reply to arcticflipper)
Post #: 12
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 7.Dec.2004 12:47:00 PM   
Guest
Let me re-word the top wording.

The problem that I was experiencing was that we ran our internel network on a 192.x.x.x IP Range.

We also use a Linux Firewall for our gateway.
The Firewall has been setup to stop any internal to external communication on any 192.x.x.x IP

The email server that we were trying to send mail to also had a 192.x.x.x IP as a static IP.

Now the firewall did not allow any external communication over a 192.x.x.x IP Range.

The exchange server would then send the mail to the Firewall, which in return then sends it back, because it is not allowed to let any communication through to a 192.x.x.x IP This will then carry on until the exchange then is not allowed to send it any more.

The User would then receive the error.

To resolve this issue, I first found out what the email server's IP address is that I am trying to send the mail to. From here I tried to telnet into the ip:25 which is the mail server, which I could not do.

I then placed a static routeing rule on the firewall only for this specific IP address - Mail server that I am trying to send mail to - which then only allowed communication for mail to that IP.

This resolved my problem.

(in reply to arcticflipper)
  Post #: 13
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 13.Dec.2004 1:11:00 PM   
Guest
Good work. Often these problems are simple, it takes a special technocrat to see the simple answers sometimes!

quote:
Originally posted by arcticflipper:
This is the true cause to this error: OPlease take note of this anyone who is using a Linux Firewall or any Firewall for that matter:

There is a certain company who is renting out 192. IP address Range. This was never the case in the past, thus everyone used 192. internal IP ranges.

Now with the firewall you would normally block any 192. access. With the new external 192. ranges that is being rented out, you are blocking your own mail. The only solution that we've found thusfar is:

On Linux - Set a static rout to that specific email box - IP which should then reference their SMTP server - Not the Firewall.

The rule must allow communication to that IP address.

I think it will work the same in windows.

Please note that you must be able to telnet to their mailserver. If you can not do this, you know that there is a IP problem...


(in reply to arcticflipper)
  Post #: 14
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 13.Dec.2004 1:13:00 PM   
Guest
Sorry I gave credit to the wrong person below...
You solution being the simplest was also the most effective.

quote:
Originally posted by akumi:
This is what i found...

The error, "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)", means that you are trying to send email using the wrong smtp server.

Smtp related errors may have different numbers and slightly different wording, eg, "Relay access denied for...", but are all related to the same problem.

The smtp server that you use to send email is not determined by who hosts your email, but rather is a service of your Internet connection provider. All ISP's provide their customers with smtp servers, regardless of their email address.

One of the most important reasons for doing this is so spammers cannot connect to an unauthorized smtp server and use it to send mountains of spam. Occasionally, spammers find these "open" systems and flood them with mail. These systems are known as "open relays" and are the result of careless configuration by the operator.

Clients commonly see this error when they configure their PC at work, then try to use the same configuration at home, where the Internet connection is provided by a different ISP.

The fix for this situation is to change the smtp server in the mail client to match the one provided by the ISP.


(in reply to arcticflipper)
  Post #: 15
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 25.Aug.2009 6:35:51 PM   
iainhu

 

Posts: 2
Joined: 25.Aug.2009
Status: offline
There is a simpler solution than blocking 192.x.x.x and then setting specific rules for individual IPs address in the 192.x.x.x range.

RFC 1918 provides 3 private address space ranges:

10.0.0.0/8               10.0.0.1-->10.255.255.255.254
172.16.0.0/12         172.16.0.1-->172.16.255.254
192.168.0.0/16       192.168.0.1-->192.168.0.126

Note that the 'Class C' range is NOT the entire 192.0.0.0/8 range, just addresses 192.168.0.1-->192.168.0.254, so by blocking everything in the range 192.0.0.1-->192.255.255.254 you have in fact blocked access to a whole bunch of legitimate 192. public (not private) addresses. If you then want to communicate with one of these addresses, your firewall will stop you just as you (mistakenly) asked it to do.

This isn't anything to do with 'someone renting 192 addresses' but a misunderstanding over the 192.168.0.0/16 range of PRIVATE addresses. These do not include all 192.x.x.x addresses, and that is where your problem lies. See http://en.wikipedia.org/wiki/Private_network for more details of address private address space allocation.

.../Iain

(in reply to Guest)
Post #: 16
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 25.Mar.2010 4:24:28 AM   
berg128

 

Posts: 2
Joined: 7.Dec.2006
Status: offline
Although this is an old post to let everyone understand above correctly I must point you all that the private ranges are:

10.0.0.1    - 10.255.255.255  = 10.0.0.0/8     mask 255.0.0.0
172.16.0.0  - 172.31.255.255  = 172.16.0.0/12  mask 255.240.0.0
192.168.0.0 - 192.168.255.255 = 192.168.0.0/16 mask 255.255.0.0 


(in reply to iainhu)
Post #: 17
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 25.Mar.2010 6:30:34 AM   
iainhu

 

Posts: 2
Joined: 25.Aug.2009
Status: offline
Oops...now how did I get that so wrong?...I even pointed to a resource quoting the exact ranges you mention, however, in my defence, my general point was advice was being given by others to block 192.x.x.x (192.0.0.0/8) which is broader than the 192.168.0.0/16 private address range and so would result in legitimate public 191.168.x.x addresses being blocked.

Also as to address ranges, I deliberately dropped the network and broadcast addresses as these are not assignable, hence quoting from .1 to .254 and not .0 to .255.

.../Iain

(in reply to berg128)
Post #: 18
RE: domain isn't in my list of allowed rcpthosts (#5.7.1) - 25.Mar.2010 10:22:59 AM   
berg128

 

Posts: 2
Joined: 7.Dec.2006
Status: offline
No problem, I just wanted to make sure everyone understands just that. Al though not assignable the 0 and 255 addresses are correct ip-addresses pointing to networks or being broadcast addresses and valid to use in routers/firewalls.

(in reply to arcticflipper)
Post #: 19

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> General >> domain isn't in my list of allowed rcpthosts (#5.7.1) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter