Microsoft KB Archive/274638

= XCON: NDRs May Result Based on SMTP Configuration =

PSS ID Number: 274638

Article Last Modified on 6/18/2003

-

The information in this article applies to:


 * Microsoft Exchange 2000 Server

-



This article was previously published under Q274638





SYMPTOMS
Non-delivery reports (NDRs) that contain 5.7.1 or 5.7.3 error codes may be generated intermittently:

From:  System Administrator Sent:  Thursday, August 17, 2000 8:08 PM To:     User Two Subject:       Undeliverable: Independent Study (2nd Draft) after edits.doc

Your message did not reach some or all of the intended recipients.

Subject: Independent Study (2nd Draft) after edits.doc Sent:    8/17/00 8:07 PM

The following recipient(s) could not be reached:

User Three on 8/17/00 8:07 PM            You do not have permission to send to this recipient. For assistance, contact your system administrator. 

-Original Message- From:  System Administrator Sent:  Tuesday, September 12, 2000 8:04 PM To:     User Four; User Five Subject:       Undeliverable: RE: Virus ..

Your message did not reach some or all of the intended recipients.

Subject: RE: Virus .. Sent:    9/12/2000 8:04 PM

The following recipient(s) could not be reached:

User Four on 9/12/2000 8:04 PM            The recipient could not be processed because it would violate the security policy in force 

User Five on 9/12/2000 8:04 PM            The recipient could not be processed because it would violate the security policy in force 

The 5.7.1 error code is associated with Application event log event IDs 1709 and 1710:

Event Type: Warning

Event Source: MSExchangeTransport

Event Category: SMTP Protocol

Event ID: 1709

Date: 9/6/2000

Time: 5:21:28 AM

User: N/A

Computer: SERVERNAME

Description: An SMTP client did not authenticate before attempting to send mail. Access was denied. Data: 0000: 05 00 07 80 ...?

Event Type: Warning

Event Source: MSExchangeTransport

Event Category: SMTP Protocol

Event ID: 1710

Date: 9/5/2000

Time: 3:31:03 PM

User: N/A

Computer: SERVERNAME

Description: An SMTP client authenticated as user &quot;NT AUTHORITY\ANONYMOUS LOGON&quot; attempted to send as &quot;User.one@domain.edu&quot;. Access was denied because the authenticated client does not have permission to Send As this SMTP address. Data: 0000: 05 00 07 80 ...?

The 5.7.3 error code is associated with event ID 1701.



CAUSE
NDRs that contain an 5.7.1 error code can occur if the allow computers which successfully authenticate to relay check box is not selected on the Simple Mail Transfer Protocol (SMTP) virtual server (to locate this check box, click the SMTP virtual server's Access tab, click Relay).

This behavior can also occur if the Domain Name System (DNS) feature is not configured correctly. Ensure that MX records point to the correct SMTP virtual server. If DNS is not configured correctly, incoming SMTP connection attempts might randomly connect to the wrong SMTP virtual server.

This behavior can also occur if users have e-mail addresses that were manually entered, but do not match any existing recipient policies. As a general rule, proxy addresses should match at least one recipient policy.

NDRs that contain the 5.7.3 error code can occur if servers occasionally authenticate as anonymous, which does not work because these servers require authentication (to send, as well as to relay); therefore, NDRs are generated.

An additional cause for this error when using Microsoft ISA Server 2000 is if the external IP address of the ISA server changes, and the IP address for the SMTP Publishing rule has not been updated to reflect the new external IP on the ISA server, and/or if the Isactrl service has not been restarted after changing the IP address of the SMTP Publishing rule.



WORKAROUND
To work around this behavior, properly configure DNS MX records, allow computers that successfully authenticate to relay, and ensure that user proxy addresses match at least one recipient policy.

To work around the NDRs that contain 5.7.1 error codes, enable anonymous access in the properties of all of the SMTP virtual servers. Restart these virtual servers, as well as the SMTP service and Routing Engine service to make sure that this change takes effect.



MORE INFORMATION
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

283287 XADM: Users Receive Random 5.7.1 and 5.7.3 NDRs

291222 XGEN: Rollup of Selected Exchange 2000 Server Post-Release Fixes

Additional query words: RUS

Keywords: kbprb KB274638

Technology: kbExchange2000Search kbExchange2000Serv kbExchange2000ServSearch kbExchangeSearch

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© 2004 Microsoft Corporation. All rights reserved.