Troubleshooting Guide

'You do not have permission to send to this recipient' errors

Resolving Exchange Server NDRs caused by 5.7.1 or 5.7.3 errors

Countless Exchange Server administrators have been faced with the 'You do not have permission to send to this recipient' non-delivery report (NDR) as a result of a 5.7.1 or 5.7.3 error. There are numerous potential causes for these errors, including firewall configuration issues, bad

    Requires Free Membership to View

DNS settings, updating recipient policies, and blocked SMTP communication -- just to name a few. This Exchange Server Troubleshooting Guide will help you diagnose 'You do not have permission to send to this recipient' errors and resolve your email delivery dilemmas.
 

  Potential Cause   Firewalls
If users are having problems sending email from Exchange Server, the firewall could be the culprit. Your checklist should include: firewall configurations and settings, personal firewalls installed on a client machine, and a change in the external IP address of the Microsoft Internet Security and Accleration (ISA) Server.
More firewall troubleshooting tips:

 
Disable the Mailguard feature on your Cisco PIX firewall

 
Adjust firewall policies for less restrictive SMTP monitoring rules

 
Learn how to (properly) configure ISA Server as an SMTP filter  

 

  Potential Cause   DNS and MX records
A Mail Exchanger DNS record -- better known as an MX record -- helps an email message reach its intended recipient. You should analyze your public DNS record to make sure that the server's PTR (pointer) record has the server name mapped to the correct IP address.
More DNS troubleshooting tips and tools:

 
A primer on DNS and MX records

 
Nslookup: Check the DNS record associated with your domain

 
End reverse DNS lookups

 
Reverse DNS lookup failure  

 

  Potential Cause   SMTP authentication and relaying
SMTP authentication and relaying may be affected by a blocked domain, spam filters not allowing country-code domains, attachments, and MSExchange Transport errors (check event logs for these errors). If the "Allow all computers which successfully authenticate to relay" checkbox is not ticked, this also may cause Exchange Server non-delivery errors.
More SMTP authentication and relaying tips:

 
Stop relaying and enable outgoing SMTP authentication

 
Mail relay issues in Exchange Server 2003 and Exchange 2000 Server

 
Telnet to port 25 to test SMTP communication

 
Should you turn off your network's outbound SMTP (port 25)?

 
Testing IP restrictions on port 25  

 

  Potential Cause   Internet Service Providers
Your Internet Service Provider (ISP) or your recipient's ISP may be at the root of your email delivery woes.
More on ISPs causing email delivery failure:

 
Problems sending email to free Internet email accounts

 
Many ISPs now blocking port 25  

 

  Potential Cause   Recipient policies and permissions
Proxy addresses should match at least one Exchange Server recipient policy. If you do not have an Exchange Server recipient policy configured for the domain to which the message is sent or the sender does not have permissions, you may receive a 5.7.1 error.
More on configuring recipients and permissions:

 
How to effectively manage recipients and distribution lists  

 

  Potential Cause   Spam filtering
The intended recipient's spam filter may be identifying your Exchange Server email as unsolicited commercial email (UCE) or spam.
More spam-filtering troubleshooting tips:

 
Message blocked because it contains a banned word

 
Fighting spam with SMTP 'tar pits'

 
Configuring the smart host setting for outbound mail on Exchange 2003

 
Exchange Intelligent Message Filter  

 


Additional resources for diagnosing and troubleshooting NDRs:
 

  Expert Advice: 'You do not have permission to send to this recipient'
  FAQ: Exchange Server non-delivery reports
  Discussion Forum: 'You do not have permission to send to this recipient'
  Tip: Troubleshooting non-delivery reports
  Tip: POP3 users cannot send mail outside the server
  Tip: An introduction to Exchange Server diagnostic logging
  Download: Investigate errant email with Exchange Message Tracking Center
  Reference Center: Exchange Server NDR tips and resources

This was first published in November 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: