• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

NDR unable to relay

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> NDR unable to relay Page: [1]
Login
Message << Older Topic   Newer Topic >>
NDR unable to relay - 13.Apr.2010 4:21:16 PM   
jayoub1

 

Posts: 32
Joined: 17.Mar.2009
Status: offline
I have the following:
Server 2003 SP1
Exchange 2003 SP1 or 2 not sure

The server has been working for 4 years and no issues and I have made no changes to the server, but the other day I began getting the following NDR's

The following recipient(s) cannot be reached:

theiremail@theirdomain.com on 4/13/2010 9:21 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<myserver.mydomain.COM #5.7.1 smtp;550 5.7.1 Unable to relay for

And the following message

theiremail@theirdomain.com on 4/9/2010 12:04 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<myserver.mydomain.com #5.7.1 smtp;550 5.7.1 <theiremail@theirdomain.com>... Relaying denied. Proper authentication required.>

What i have done:
I figured out that if the person opens the delivery failure message and clicks resend it works fine and the message goes through. Also they are resending the messages regular and it goes just fine.

I looked to see if we where blacklisted and all was ok. I check 2 or 3 sites

I checked the rDNS and got mixed reviews. DNSSTUFF = ok, but MXTOOLBOX.com said Reverse DNS failed. I did nslookup and it was fine, but had an alias.

I checked with the Anti-Spam provider and he said its not our software

I enabled SMTP logging and will continue to check.

I went into the Virtual SMTP and under Permission for submit and Relay submit permissions was check and relay permissions was not, so I checked it and I thought the problem went way, but the came back.

Does anybody know what could have all of the sudden happened to get this issue.

Thanks,
Jeff
Post #: 1
RE: NDR unable to relay - 14.Apr.2010 10:24:54 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
Search your SMTP logs to confirm to where your outbound messages are being delivered.  Relaying means you are sending your messages to a system that doesn't process mail for that domain.  If it's one of your systems that is rejecting the relay, and it is where you intend your messages to go, you have to adjust your configuration to allow it.

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to jayoub1)
Post #: 2
RE: NDR unable to relay - 14.Apr.2010 10:38:35 AM   
jayoub1

 

Posts: 32
Joined: 17.Mar.2009
Status: offline
I dont beleive we are relaying to any other server. I have one Exchange server and it should be sending out directly. I have 3 DNS server set up to route the mail and nothing set up as a relay. I will check the logs today and see if there is a server that my server is sending to.

Thanks for the reply.

Jeff

(in reply to jayoub1)
Post #: 3
RE: NDR unable to relay - 21.Apr.2010 12:24:09 PM   
jayoub1

 

Posts: 32
Joined: 17.Mar.2009
Status: offline
I looked at the log after getting the rejectes and they have the following information:

C-IP 209.155.3.179, 65.36.206.68
Site Name says outboundconnectionreponse

I will try to NSLookup these and see

I feel like the messages are going out of my server and relaying from these servers to get to the recipient and thats where the message is rejected. A resend of the message usually goes through, but one person had to copy the text from the old message into a new message to get it through.

Please help

(in reply to jayoub1)
Post #: 4
RE: NDR unable to relay - 25.Apr.2010 5:14:31 PM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
Analyze your logs to see what differences there are between the messages that are delivered with those that fail.  Are the messages going to the same server (IP address)?  What command gets the failure response?

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to jayoub1)
Post #: 5
RE: NDR unable to relay - 1.May2010 10:43:59 PM   
jayoub1

 

Posts: 32
Joined: 17.Mar.2009
Status: offline
Around the 16th of April I began getting NDR email delivery failures. It started out with 2 persons then became about 5 or 6 people. All the NDR where for emails with domain name and not Comcast, Verizon or Hotmail type email accounts.

I first worked with the configuration of the SMTP Default Virtual server to allow relaying from Authenticated users and it did not help. The following are the NDR replies

5.7.1 Unable to relay for email@domainname.com
5.5.0 authentication required for relay
5.5.0 relaying mail to domainname.com not allowed
5.7.1 relaying denied
5.7.1 relay denied proper authentication required

I first asked the ISP to check the reverse DNS, MX and PTR records and all was fine.

I then turned on SMTPSVR logging and tried to figure out what IP was giving me trouble and this did not get me anywhere.

I looked up the NDR and found the following possibilities:

A: the server may have been used as an open relay server and now is blacklisted, so I followed the Microsoft articles to ensure that the server was not configured to be an open relay. I checked the configuration on both the SMTP Virtual Server and the Connector.

See the articles below:
http://support.microsoft.com/kb/895853
http://support.microsoft.com/kb/314734/
http://support.microsoft.com/kb/895853

B: I checked the blacklists and did not see any blacklists

C: We turned on diagnostic Logging and found the following even logs when a message is rejected

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7004
Date: 5/1/2010
Time: 7:59:50 PM
User: N/A
Computer: EXCH1
Description:
This is an SMTP protocol error log for virtual server ID 1, connection #55426. The remote host "209.155.3.179", responded to the SMTP command "rcpt" with "555 RCPT TO [rmorton@thedomain.com] not allowed (#5.7.1) ". The full command sent was "RCPT TO:<rmorton@tatc.com> ". This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.



Event Type: Warning
Event Source: MSExchangeTransport
Event Category: NDR
Event ID: 3022
Date: 5/1/2010
Time: 7:59:50 PM
User: N/A
Computer: EXCH1
Description:
A non-delivery report with a status code of 5.5.0 was generated for recipient rfc822;rmorton@the domain.com (Message-ID <50AC2E7482C98F42ABDB9C7ACEC8BDCD02515264@exchange.mydomain.com>).
Cause: This message indicates a generic protocol error (SMTP error). For example, the remote SMTP responds to an issued EHLO with a 500 level error and the sending system will QUIT the connection and report this with NDR indicating the remote SMTP server canÆt handle the protocol.
Solution: View the SMTP log or run a netmon trace to see why the remote SMTP server rejects the protocol request.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

And now we get thousands of the following event log:[/size]

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7010
Date: 5/1/2010
Time: 9:55:12 PM
User: N/A
Computer: EXCH1
Description:
This is an SMTP protocol log for virtual server ID 1, connection #60307. The client at "124.217.225.169" sent a "rcpt" command, and the SMTP server responded with "550 5.7.1 Unable to relay for henryferguson@gmx.com ". The full command sent was "rcpt TO:henryferguson@gmx.com". This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.

Can anyone please help!

(in reply to jayoub1)
Post #: 6
RE: NDR unable to relay - 3.May2010 9:39:50 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
Contact the administrators of the other domain. If you have not made any changes to your environment then it would make sense to conclude that this new development is being caused by a change to theirs. At least find out if they made any changes.

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to jayoub1)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> NDR unable to relay Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter