Permission denied for a certain domain.

Could someone please explaing the following error message:

------------------------------------------------------------------
You do not have permission to send to this recipient.  For assistance,
contact your system administrator.
            <Servername.domainname#5.7.1 smtp;550 5.7.1
<Email.address@domain.com>... Access denied>
------------------------------------------------------------------

We have Exchange 2003 and it seems that no-one on our domain can send to
this one specific domain without the mail getting bounced (it seems from our
own SMTP server). Everyone gets the same error. Our exchange box sends all
mail through another SMTP box on the same domain before going out to the
internet.

Thanks for any help,
Grant


0
gpsnett (52)
2/10/2004 2:41:55 AM
exchange.admin 57650 articles. 2 followers. Follow

8 Replies
491 Views

Similar Articles

[PageSpeed] 16

Seems they are blocking your domain for some reason.  Could be you were
recently blacklisted or have no Reverse PTR record.  I assume you can send
to them from another account like hotmail or yahoo?  Try telnet to their
mail server on port 25 and see if you get a response?

--
John Oliver, Jr.
MCSE, MCT, CCNA, Exchange MVP
Microsoft Certified Partner

"Grant" <gpsnett@hotmail.com> wrote in message
news:#nSa1937DHA.2924@tk2msftngp13.phx.gbl...
> Could someone please explaing the following error message:
>
> ------------------------------------------------------------------
> You do not have permission to send to this recipient.  For assistance,
> contact your system administrator.
>             <Servername.domainname#5.7.1 smtp;550 5.7.1
> <Email.address@domain.com>... Access denied>
> ------------------------------------------------------------------
>
> We have Exchange 2003 and it seems that no-one on our domain can send to
> this one specific domain without the mail getting bounced (it seems from
our
> own SMTP server). Everyone gets the same error. Our exchange box sends all
> mail through another SMTP box on the same domain before going out to the
> internet.
>
> Thanks for any help,
> Grant
>
>


0
jcoliverjr (1013)
2/10/2004 3:27:00 AM
Sounds as if the domain you are trying to send to has blocked your ip
address or domain name for one reason or another. Some ISP's block mail that
comes from a range of dynamic ip addresses.

Go to http://mail-abuse.org/cgi-bin/lookup and enter in your IP address, or
contact the domain that is blocking your mail and find out if they have you
on a block list.

-- 
Cheers,

Steve Antonio
Microsoft Exchange Support

This posting is provided "AS IS" with no warranties, and confers no rights.

Note: Please do not reply to this e-mail address. It is used for newsgroup
purposes only.


"Grant" <gpsnett@hotmail.com> wrote in message
news:%23nSa1937DHA.2924@tk2msftngp13.phx.gbl...
> Could someone please explaing the following error message:
>
> ------------------------------------------------------------------
> You do not have permission to send to this recipient.  For assistance,
> contact your system administrator.
>             <Servername.domainname#5.7.1 smtp;550 5.7.1
> <Email.address@domain.com>... Access denied>
> ------------------------------------------------------------------
>
> We have Exchange 2003 and it seems that no-one on our domain can send to
> this one specific domain without the mail getting bounced (it seems from
our
> own SMTP server). Everyone gets the same error. Our exchange box sends all
> mail through another SMTP box on the same domain before going out to the
> internet.
>
> Thanks for any help,
> Grant
>
>


0
steveant (150)
2/10/2004 3:30:08 AM
I just called the helpdesk and they arent blocking our domain. The admin
bloke sent through an email to me but I couldnt reply to it - I got the
access denied error. I tried telnetting into their server which worked using
the following commands:

helo mydomain.com
mail from: myemailaddress@yourdomain.com
rcpt to: failedemailaddress@domain.com

I get a recipient OK - which I think means that our domain should be OK to
send to their domain and is not blocked.
The mail gets returned within a few seconds so it must be our own SMTP
server but I cannot find anything that would be a reason for this denial?

Grant



"John Oliver, Jr. (MVP)" <jcoliverjr@hotmail.com> wrote in message
news:eDCXsY47DHA.2300@TK2MSFTNGP10.phx.gbl...
> Seems they are blocking your domain for some reason.  Could be you were
> recently blacklisted or have no Reverse PTR record.  I assume you can send
> to them from another account like hotmail or yahoo?  Try telnet to their
> mail server on port 25 and see if you get a response?
>
> --
> John Oliver, Jr.
> MCSE, MCT, CCNA, Exchange MVP
> Microsoft Certified Partner
>
> "Grant" <gpsnett@hotmail.com> wrote in message
> news:#nSa1937DHA.2924@tk2msftngp13.phx.gbl...
> > Could someone please explaing the following error message:
> >
> > ------------------------------------------------------------------
> > You do not have permission to send to this recipient.  For assistance,
> > contact your system administrator.
> >             <Servername.domainname#5.7.1 smtp;550 5.7.1
> > <Email.address@domain.com>... Access denied>
> > ------------------------------------------------------------------
> >
> > We have Exchange 2003 and it seems that no-one on our domain can send to
> > this one specific domain without the mail getting bounced (it seems from
> our
> > own SMTP server). Everyone gets the same error. Our exchange box sends
all
> > mail through another SMTP box on the same domain before going out to the
> > internet.
> >
> > Thanks for any help,
> > Grant
> >
> >
>
>


0
gpsnett (52)
2/10/2004 4:00:34 AM
Grant wrote in microsoft.public.exchange.misc:

> I get a recipient OK - which I think means that our domain should be
> OK to send to their domain and is not blocked.

Until you get "250 Message Accepted for Delivery" or similar, it's not a 
sure thing.  Try the MAIL FROM: RCPT TO: DATA <cr>.<cr> set and see if 
you get a 250 OK response.


You also mentioned in your original message that your Exchange server 
hands off to another box prior to it going out to the world.  

Did you attempt to telnet to their defined MX from the SMTP relay box 
itself? 

Do they have more than one MX, and perhaps you're being blocked at one of 
them, but not others?

Can you set your Exchange server to send directly via DNS and not via the 
Smarthost to see if it goes thru?

Did you check the IP address from your relay box on http://openrbl.org  ?  
OpenRBL checks all of the blacklists in one swoop.  You may be on one or 
another of them.

Just a few ideas to try.

-PhilA
0
pa5 (3)
2/11/2004 5:33:29 AM
Interesting new development. Phil I telneted from the SMTP server and after
the 'RCPT to:" command I got "Access denied" but from my workstation I got
"recipient OK". I tried this on 2 seperate mx routes.

In our domain we have Exchange 2003 - which delivers all mail through a
smart host (another SMTP server on our domain) which then gets forwarded out
to the world.
I checked http://openrbl.org and we are not on a spam list (I think - my
domain got 21 negatives and zero positives)

The other domain (tpg.com.au) has about 7 mx servers - they all have the
same preference.

I havent tried setting the exchange server to send via DNS without relaying
through the SMTP because all other mail is working normally and I dont want
to start messing with things too much. However if it is a straight forward
thing to do then I will give it a go (if all else fails.)

Grant


"Phil Arnold" <pa5@hormel.products.not.welcome.iname.com.invalid> wrote in
message news:Xns948BEFA54F61Dpa5hormelproductsnot@65.24.7.150...
> Grant wrote in microsoft.public.exchange.misc:
>
> > I get a recipient OK - which I think means that our domain should be
> > OK to send to their domain and is not blocked.
>
> Until you get "250 Message Accepted for Delivery" or similar, it's not a
> sure thing.  Try the MAIL FROM: RCPT TO: DATA <cr>.<cr> set and see if
> you get a 250 OK response.
>
>
> You also mentioned in your original message that your Exchange server
> hands off to another box prior to it going out to the world.
>
> Did you attempt to telnet to their defined MX from the SMTP relay box
> itself?
>
> Do they have more than one MX, and perhaps you're being blocked at one of
> them, but not others?
>
> Can you set your Exchange server to send directly via DNS and not via the
> Smarthost to see if it goes thru?
>
> Did you check the IP address from your relay box on http://openrbl.org  ?
> OpenRBL checks all of the blacklists in one swoop.  You may be on one or
> another of them.
>
> Just a few ideas to try.
>
> -PhilA


0
gpsnett (52)
2/11/2004 11:55:47 PM
Grant wrote in microsoft.public.exchange.misc:

> Interesting new development. Phil I telneted from the SMTP server and
> after the 'RCPT to:" command I got "Access denied" but from my
> workstation I got "recipient OK". I tried this on 2 seperate mx
> routes. 

Is it possible that your workstation goes out via a different router or 
presents a different NAT address than your SMTP smart host?  When you try 
from your workstation, do you present the same data for the HELO/EHLO 
string?

i.e.  EHLO smtp.mydomain.au  <--- use the id for your relay box while 
telneted from your workstation.

Your original indication sounds like it's an administrative block list, 
rather than a recognized RBL.


> I checked http://openrbl.org and we are not on a spam list (I think -
> my domain got 21 negatives and zero positives)

You should check by your IP space, not only your listed MXs, but your 
netblock, too.  There are 31 lists of IP RBLs in their query.

> The other domain 

Just out of curiousity, what SMTP software are they using?  Sendmail, 
etc?  

> is a straight forward thing to do then I will give it a go (if all
> else fails.) 

It's just one setting that you remove the smart host setting in the 
Exchange SMTP connector.  All it means is that your outbound will be 
directly delivered without the relay in-between.  Shouldn't cause any 
major snafu if you want to try it.  You can always just put the setting 
back.  It adds a tiny additional system load as your server has to manage 
its outbound queue directly.

Let me know how it works.

-PhilA
0
pa5 (3)
2/12/2004 2:09:37 AM
Phil you are right about them blocking our public IP address - I changed the
Exchange server to use DNS instead of forwarding through the SMTP server
(Which presents a different NAT address) and our mail gets through OK now.
Ive emailed their postmaster to ask what the hell their problem is :)

Thanks for all your help!
Regards,
Grant

"Phil Arnold" <pa5@hormel.products.not.welcome.iname.com.invalid> wrote in
message news:Xns948CCD157B624pa5hormelproductsnot@65.24.7.150...
> Grant wrote in microsoft.public.exchange.misc:
>
> > Interesting new development. Phil I telneted from the SMTP server and
> > after the 'RCPT to:" command I got "Access denied" but from my
> > workstation I got "recipient OK". I tried this on 2 seperate mx
> > routes.
>
> Is it possible that your workstation goes out via a different router or
> presents a different NAT address than your SMTP smart host?  When you try
> from your workstation, do you present the same data for the HELO/EHLO
> string?
>
> i.e.  EHLO smtp.mydomain.au  <--- use the id for your relay box while
> telneted from your workstation.
>
> Your original indication sounds like it's an administrative block list,
> rather than a recognized RBL.
>
>
> > I checked http://openrbl.org and we are not on a spam list (I think -
> > my domain got 21 negatives and zero positives)
>
> You should check by your IP space, not only your listed MXs, but your
> netblock, too.  There are 31 lists of IP RBLs in their query.
>
> > The other domain
>
> Just out of curiousity, what SMTP software are they using?  Sendmail,
> etc?
>
> > is a straight forward thing to do then I will give it a go (if all
> > else fails.)
>
> It's just one setting that you remove the smart host setting in the
> Exchange SMTP connector.  All it means is that your outbound will be
> directly delivered without the relay in-between.  Shouldn't cause any
> major snafu if you want to try it.  You can always just put the setting
> back.  It adds a tiny additional system load as your server has to manage
> its outbound queue directly.
>
> Let me know how it works.
>
> -PhilA


0
gpsnett (52)
2/12/2004 4:11:06 AM
Grant wrote in microsoft.public.exchange.misc:

> Ive emailed their postmaster to ask what the hell their problem is :)
> 
> Thanks for all your help!

Glad to help.  And welcome to the world of postmasters trying to kill UCE.  

-PhilA
0
pa5 (3)
2/12/2004 2:01:03 PM
Reply:

Similar Artilces:

exporting Sendas permissions in Exchange 5.5
Hi, Is it possible to export the sendas permissions on the objects (mailbox, distribution lists) in Exchange 5.5. The article http://support.microsoft.com/kb/188628 says that it is not possible to export the permissions using Directory export tool. I tried to see the header information using admin program in raw mode and tried exporting NT-Security-Descriptor field which gives out junk (or something which i am not able to make any sense out of). Could you guys help me with this? Are there any tools which do this? Thanks Chandrasekhar ...

Child domain can't get the Offline Address book but parent domain can.....
Our child domain outlook users keep getting the following synch error: 13:35:52 Synchronizer Version 11.0.8000 13:35:52 Synchronizing Mailbox 'Dan Kringle' 13:35:52 Synchronizing Hierarchy 13:35:52 Done 13:35:52 Microsoft Exchange offline address book 13:35:52 0X8004010F But when I log on to one of their machines as a parent domain user and access my mail, I don't get the error. any ideas??? The replication status is In Sync.... but the users are still getting the same errors... "Dan Klinge" <Dan@YoMamasHouse.com> wrote in message news:ukoz0DvPGHA.5740...

Managing List Permissions Permission
Hi, I wonder if are there any permission to manage list permissions ? Or the only way for giving this right to some user is giving "manage list" permission. There are some overheads, if i give the user "manage list" permission then he can do a lot like deleting list, adding-changing list columns. So i am looking for a way to give some user distinct permission, so he can give other users permissions on that list. Thanks. Is this resolved by making a user the Owner of a permissions list? From the SP Group Settings screen: "Owner The owner can ...

Find NTFS permissions for an account
We need to use an application that runs as a number of windows services. Those services run under a local user account that was created when the application was installed. We need those accounts to be Windows 2008 Domain level accounts (the services will be set up to access files on other servers, not the way the application is designed, but for up-time reasons we want those files on our fail-over file server). We don't know what permissions were given to the accounts. We could go through manually looking at permissions on every directory to see whether they are there ...

Exchange Router
We have CRM 1.2 installed and fully functional in our companies main domain (crm). Our exchange server is installed in it's own domain (mail). We are able to send mail from CRM with no problem, but mail from Exchange is not being routed to CRM. Any help or ideas would be greatly appreciated. what domain trusts have you set up? "Bferguson" <anonymous@discussions.microsoft.com> wrote in message news:AD452D35-F6D6-4FED-94D5-C2724A1F931A@microsoft.com... > We have CRM 1.2 installed and fully functional in our companies main domain (crm). Our exchange server is install...

Does not have permission???
The error message states that the user does not have permission yet she is one of the owners of the mailbox. She is set up along with two other to have access to another mailbox. I noticed that under this mailbox, there is not a sent folder nor a deleted items folder. Her own inbox seems to be working just fine. It is only when she goes to send from this other mailbox. Help please. :o( Thank you thank you thank you. ...

You do not have permission to send to this recipient #16
I just added several domains to our Exchange 2003 environment. I created a new recipient policy, have external DNS setup properly and we are able to recieve email on behalf of the new domains, for those users that have such email addresses. My question however has to do with the sending of email from these domains. Of course Exchange has a set default/primary email address that all email is sent out from, however I need to enable the users that recieve email from these new domain names to reply back to it from that address using the from field. When I do specify one of these email addr...

Share Permissions
Hello, I have a requirement to give a server built in account permissions to a share on a another file server. I have not had this requirement before and can't see how to do it or even whether you can. Any help appreciated. "Mike" <Mike@discussions.microsoft.com> wrote in message news:858F440D-1A9E-4B44-8E32-CFB9774906D0@microsoft.com... > Hello, > > I have a requirement to give a server built in account permissions to a > share on a another file server. > I have not had this requirement before and can't see how to do it or even > ...

Remove child domain after child domain DC has failed
Active Directory: Domain Functional Level: 2008 Forest Functional Level: 2003 I used to have a dev domain, which was a child domain of our production domain (dev.domain_name.local). This dev domain had a single domain controller and that domain controller has died. Now I would like to remove that dev child domain from my production domain to get rid of the event log errors on my production domain controllers. Has anyone seen an article on how to remove a child domain from active directory when there is no DC to demote? -- thanks, Jeff Winters, Rimrock Corpor...

Restore permissions on GAL
Hi. I changed the permissions on GAL by mistake. I said deny read access. Now I can't access the property page to change back the permissions. Any help will be appreciated. Use the admin account. Go in a few times and keep clicking ok - after a few tries the securtiy tab should return. -- Hope that helps, Dan Townsend This posting is provided "AS IS" with no warranties, and confers no rights. Please do not send email to this address, post a reply to this newsgroup. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyrigh...

What does "553 sorry that domain isn't in my list of rcphosts" mean?
I get the following message when I try to send a message using Outlook 2003: The following recipient(s) could not be reached: 'bobby@europe.com' on 05/11/2003 13:06 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Any ideas? I'm not receiving mail from my POP3 account at all. Cheers. Bobby it's not a pop error, it's a misconfigured mail server (or properly configured server, but wrong mx records). it means you can't send mail using the smtp server... one cause could be that you aren't authenticating and should be. (mail account, ser...

permission problem
hi, i recently upgraded my NT4 domin to windows 2003 and encountered permission problem with the delegates in outlook. my upgrade plan was : installed 2 domain on new computers with new domain name install exchange on new computer and same site as exchange 5.5 moved all the users with admt to the new domain and installed ADC now my users are still logon to the old domain because i didnt do computer admt whan i moved all the mailboxs from the old server to the new server all the users that can see other users mailboxs can not see tham anymore, the only solution i found is to move the compute...

Delegate Permission Guidelines
Hi, I am creating guidelines in delegating permission of all Manager's Inbox to a particular person that he assigned. Can you give me inputs on these guidelines? Mark ...

Domain name within a lab environment
Is it possible to configure my lab environment to send mail as jsmith@abc.com, when my production environment is already jsmith@abc.com? when i tried to send an email to someone in the production environment. - (the user was not in the lab setup ) Exchange would not deliver it because now it thinks it abc.com and it would keep the email local. It's very possible yes, But both Exchange Orgs would have to have your SMTP space configured as non-authoritative and you would still encounter issues if you had the same proxy SMTP address added to an object at both locations. If you want to ...

Everyone/Admin permissions for print driver problems
Hi All, Calling all Aces! I have a WS08 server running QuickBooks 2009 Enterprise Edition (QB). The users do not have admin rights as I do not want them to see each others QB company files (among other things). Problem: the users are not able to eMail invoices unless I give the user(s) (Windows) admin privileges over the computer. The standard (Windows) user account gives the following *stupid* error message: QuickBooks cannot connect to remote server because part of your company data is currently in use Apparently, QB is using a printer d...

Calendar Permissions
I have two users and one user(A) is a delegate of user(B)'s calendar. User a can create events on User B's calander but cannot accept meeting on thier behalf. An error message comes up and says that "you do nothave access to User B's calendar folder". Any suggestions? ...

Users in child domain can't access OWA
I have a DC in a child domain (child.company.com) and an exchange server 2003. I have a recipient policy (based on country) for the users in the child domain so they get addresses like @child.company.com and not @company.com Whenever i create a new user in the child domain, i can't access the mail account thru OWA (i get 401 unauthorized). Thru outlook everything works well. However, I observed that if i create the user without the policy and then apply the policy (and the email address changes from @company.com to @child.company.com) everything works fine. If I delete the old ad...

Administrators Permission
I was going to edit some text on a CD-RW,and I got a message saying. You do not have permission to save in this director. See the administrator to obtain permission. Would you like to save in my document folder instead. How do I get permission from the administrator ? When I set this computer up I set myself up as the administrator. What anti-virus application or security suite is installed and is your subscription current? What anti-spyware applications (other than Defender)? What third-party firewall (if any)? Has a(nother) Norton or McAfee application ever been installed...

Set "allow inheritable permissions to propagate..." to folders, subfolders, files with script
Is there a dsacls syntax or vbscript that I can use to enable the "allow inheritable permissions to propagate...etc" setting to all folders, subfolders, files? I have about 500 user home folders and half of them are not set to inherit and the rest are. Instead of manually going into each one, is there a better method? This really has nothing to do with Active Directory Script out using setacl http://setacl.sourceforge.net/ Freeware from SourceForge -- Paul Bergson MVP - Directory Services MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, 2003, 2000 (Early Achiever)...

Permissions on Distribution lists
Is there a way to set permissions on distribution lists as to who can send to them? "Keith" <anonymous@discussions.microsoft.com> wrote: >Is there a way to set permissions on distribution lists as to who can send to them? Absolutley, it's on the Delivery Restrictions tab of the DL properties in Exchaneg Administrator Mark Arnold MCSA MCSE+M MVP, mark@mvps.org FAQ: http://www.swinc.com/resource/exchange.htm & http:http://www.swinc.com/resource/e2kfaq.htm ...

2 domains #2
We've to offices on different places. We got Windows2003/AD/Exchange 2003 here. In 2nd Office they got Windows 2003/AD (Not Exchange). We just registered 2 domain xyz1 and xyz2. In our office we are using xyz1 for exchange2003 and its running fine. We want to use 2nd domain for our 2nd office. Can we use same exchange 2003 for different 2 domains? Any help ASAP please! http://support.microsoft.com/kb/268838/en-us - Configuring Exchange to receive mail for multiple domains -Jason "@smi" <imaasim@gmail.com> wrote in message news:1174981635.169915.218670@e65g2000hsc.goog...

I do not have permissions to restore a .PST file
Outlook's PST file was backed up, but when I attempted to restore it in Outlook2002, it said I do not have permission. I have admininstrator rights. Is there any way to restore this PST file? Make sure the file isn't marked read-only. If it's on a CD, move it to your hard drive and remove the read-only attribute. -- Jocelyn Fiorello MVP - Outlook *** Replies sent to my e-mail address will probably not be answered -- please reply only to the newsgroup to preserve the message thread. *** "Steve Diaz" <steved@scripps.edud> wrote in message news:005f01c3507c$...

Hidden mail-enabled Security Group for PF Permissions?
Can a mail-enabled Security Group that is hidden from the GAL be used to assign permissions to a Public Folder? A little background on my situation...I have a newly built Exchang 2003 server in native mode setup to support two SMTP domain (Company "A" and Company "B"). To do this, I configured the Default Recipient Policy for Company "A" and created a second policy for Company "B" that uses a USG/LDAP filter to assign addresses to Company "B" users. I am trying to setup a PF that only Company "B" users can see. I created QBDG'...

Permissions set on Word files differ from other permissions
We have a peer-to-peer network in Windows XP Pro. On ONE of our computers, Word documents do not get the same permissions for sharing that all other files get, or that all files on all other computers get. As a result, we can't copy Word files from this one computer. That computer is set to give "Everyone" "Full Control"; yet the individual Word files keep getting set to NOT give "Everyone" "Full Control". Why would Word override the other security settings, and how can I make it stop? ...

Public folder permissions
Outlook 2003 Where can I find information on how permissions work for the Public folders in outlook? For instance.. If user does not have access to the parent folder, can I give him access to a child folder? There are many more questions. Where can I go for "how to use Permissions to Public folders" Thanks -- deb They will need at least view permission to the top level folders. They don't need read/write permissions. -- Diane Poremsky [MVP - Outlook] Outlook Tips: http://www.outlook-tips.net/ Outlook & Exchange Solutions Center: http://www.slip...