Microsoft KB Archive/327759

= HOW TO: Use Recipient Policies to Resolve Nondelivery Reports Caused by 5.7.1 or 5.7.3 Errors =

PSS ID Number: 327759

Article Last Modified on 10/9/2003

-

The information in this article applies to:


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Server
 * Microsoft Windows Small Business Server 2003, Premium Edition
 * Microsoft Windows Small Business Server 2003, Standard Edition

-



This article was previously published under Q327759



IN THIS TASK

 * SUMMARY
 * ** 5.7.1 and 5.7.3 Messages
 * Common Causes of NDRs
 * Resolve Nondelivery Reports by Creating Recipient Policies
 * Troubleshooting
 * REFERENCES



SUMMARY
Exchange issues nondelivery reports (NDRs) for a number of reasons. Sometimes Exchange Server also issues error messages and event messages to provide information about the NDRs and to help you identify the problem. NDRs accompanied by 5.7.1 or 5.7.3 error messages have a number of possible common causes, as described in this article.

back to the top

5.7.1 and 5.7.3 Messages
The 5.7.1 and 5.7.3 messages include the following information:

     From:   System Administrator Sent:  Thursday, August 17, 2000 8:08 P.M.       To:     User Two Subject:       Undeliverable: Independent Study (2nd Draft) after edits.doc

Your message did not reach some or all of the intended recipients.

Subject: Independent Study (2nd Draft) after edits.doc Sent:    8/17/00 8:07 P.M.

The following recipient(s) could not be reached:

User Three on 8/17/00 8:07 P.M.            You do not have permission to send to this recipient. For assistance, contact your system administrator. 

-Original Message- From:  System Administrator Sent:  Tuesday, September 12, 2000 8:04 P.M. To:     User Four; User Five Subject:       Undeliverable: RE: Virus ..

Your message did not reach some or all of the intended recipients.

Subject: RE: Virus .. Sent:    9/12/2000 8:04 P.M.

The following recipients could not be reached:

User Four on 9/12/2000 8:04 P.M.            The recipient could not be processed because it would violate the security policy in force 

User Five on 9/12/2000 8:04 P.M.            The recipient could not be processed because it would violate the security policy in force 

The 5.7.1 error code is associated with the following 1709 and 1710 application event log event IDs:

Event Type: Warning

Event Source: MSExchangeTransport

Event Category: SMTP Protocol

Event ID: 1709

Date: 9/6/2000

Time: 5:21:28 A.M.

User: N/A

Computer:

Description: An SMTP client did not authenticate before

attempting to send mail. Access was denied.

Data: 0000: 05 00 07 80 ...?

Event Type: Warning

Event Source: MSExchangeTransport

Event Category: SMTP Protocol

Event ID: 1710

Date: 9/5/2000

Time: 3:31:03 P.M.

User: N/A

Computer:

Description: An SMTP client authenticated as user &quot;NT

AUTHORITY\ANONYMOUS LOGON&quot; attempted to send as

&quot;User.one@domain.edu.&quot; Access was denied because the

authenticated client does not have permission to Send As this

SMTP address. Data: 0000: 05 00 07 80 ...?

The 5.7.3 error code is associated with event ID 1710.

back to the top

Common Causes of NDRs
The following are the four most common causes for these NDRs:  NDRs that contain a 5.7.1 error code occur if the Allow computers which successfully authenticate to relay check box is not selected on the SMTP virtual server.

To locate this check box, follow these steps:  In Exchange System Manager, expand Servers, expand the container for your server, expand Protocols, and then expand SMTP. Right-click the SMTP virtual server, and then click Properties. Click the Access tab of the SMTP virtual server, and then click Relay.</ol>

NOTE: An NDR that contains a 5.7.1 error code may occur if the Domain Name System (DNS) tables are not configured correctly. Make sure that mail exchanger (MX) records point to the correct SMTP virtual server. If DNS is not configured correctly, incoming SMTP connection attempts may randomly connect to the wrong SMTP virtual server.

</li> Although the DNS records exist that point the domain to the server that is running Exchange, the matching recipient policy may not exist. Recipient policies control the behavior of SMTP, and they also control the proxy addresses that are stamped on users. For each domain supported by your DNS configuration, there should be a recipient policy. For more information about how to create or update recipient policies, see the &quot;Resolve Nondelivery Reports by Creating Recipient Policies&quot; section of this article.</li> An NDR that contains a 5.7.1 error code may occur if users have e-mail addresses that were created manually but which do not match any existing recipient policies. As a general rule, proxy addresses should match at least one recipient policy. For more information about how to create or update recipient policies, see the &quot;Resolve Nondelivery Reports by Creating Recipient Policies&quot; section of this article.</li> 5.7.1 and 5.7.3 errors may occur if you are using Microsoft Internet Security and Acceleration (ISA) Server 2000. If the external IP address of the server that is running ISA Server changes, and the IP address for the SMTP publishing rule is not updated to reflect the new IP address, an NDR occurs. This also occurs if you do not restart the Isactrl service after you change the IP address in the SMTP publishing rule.</li></ul>

back to the top

Resolve Nondelivery Reports by Creating Recipient Policies
To create new recipient policies, follow these steps: <ol> In Exchange System Manager, expand the Recipients object, and then expand the Recipient Policies object.</li> Right-click Default Policy, and then click Properties.</li> To add a new SMTP address, click the E-Mail Addresses tab, and then click Add.</li> In the SMTP Address Properties dialog box, type the domain that you use for the manually entered e-mail addresses in the Address box.</li> In the Default Policy Properties dialog box, click the E-Mail Address tab, and then click to select the check box next to the SMTP address that you just created.</li> Click Apply, and then click OK when you receive the following notification:

The e-mail addresses of types [SMTP] have been modified. Do you want to update all corresponding recipient e-mail addresses to match these new addresses?

NOTE: If you want to update these addresses immediately, force the Recipient Update Service to update your organization and your server that is running Exchange.</li></ol>

back to the top

Troubleshooting
The resolution of e-mail names and other names may not work correctly if a Microsoft Windows 2000 or Microsoft Windows NT 4.0-based DNS server receives a nonauthoritative response from a root hint or forwarder. The Windows 2000 or Windows NT 4.0-based DNS server sends a &quot;Server Failure&quot; message to the client when it receives a Start of Authority (SOA) record from a nonauthoritative resource.

For additional information about the &quot;Server Failure&quot; message, click the article number below to view the article in the Microsoft Knowledge Base:

295933 A DNS Server Sends a &quot;Server Failure&quot; Message When It Receives a Non-Authoritative Response

back to the top

<div class="references_section">