Attempts to email new users externally results in NDR 550 Invalid Recipient
Hi there, I have an SBS 2003 install running Exchange 2003 SP2. Recently, I have had an issue with a couple of user accounts where external email sent to those accounts has been returned with an NDR 550 Invalid Recipient. I have tried telnet to the Exchange SMTP and find that I can send an email to the .local email address of the user, but not the .com email address which still come back with a 550 error. I have tried deleting the accounts and recreating them, but this has not worked. Additionally, any new accounts that are created do not have a functioning external email address although the .local address works just fine. Furthermore, if a new external email address is added to an existing, functioning account, that does not work either. All other users' email is working just fine, both internally and externally, and they are able to send internal email to these new users without any problems. It is almost as if Exchange is not accepting any more external email addresses..... If anyone has any ideas on this, I would be most grateful as I seem to be going round in circles. Cheers, Mark
January 7th, 2008 6:49pm

Check your recipient update service and recipient policies. 1. for the .com address have you got a recipient policy? 2. Does your recipient update service (RUS)have valid exchange server and domain controller names bound to it? Here's more on troubleshooting RUS: http://msexchangeteam.com/archive/2004/07/07/175444.aspx
Free Windows Admin Tool Kit Click here and download it now
January 8th, 2008 9:22pm

The .com address is defined in the default recipient policy and the RUS is bound to the correct server. The behaviour is very strange - its almost as if the server won't accept any more .com addresses.
January 8th, 2008 10:20pm

I am having exactly the same issue...has there been a resolution to this?
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2008 5:49am

Unfortunately not - we have even had to resort to using old accounts and renaming them rather than creating new accounts. What I can't get my head round is that we use Hexamail as a Spam Filter, and when we do an import of email addresses, the new ones come across fine - so you would imagine that it isn't an active directory issue, but I can't think where else to look.
April 10th, 2008 12:00pm

You have described it perfectly, everything works except the receipt of external email. When someone tries they get the "Invalid recipient" error.I updated the SBSserver & Exchange to SP2 confident that this would resolve the issue, but no luck. I cannot understand why we cannot find more discussion on this..it must be happening to others.I am at a complete loss of what to try next. Maybe if we keep discussing it someone will chime in.......Just had a thought, by any chance are you using Messagelabs or similar?
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2008 4:44pm

I understand the frustration - I have found a couple of postings which are almost identical to my original question, but without any reply - a good indication that no one has a clue what the answer is. I too hoped that applying the latest SPs would fix the problem, but to no avail. I have sat and used Telnet to connect to the SMTP server, testing everything I can think of - and what is even more bizarre is that if I drop the domain name (i.e. just use the username) the 2.1.5 response gives the email address that doesn't work! For example, assuming the invalid email address is abc@company.com, if I telnet to the SMTP server and use "rcpt to: abc@company.com" I get "550 Invalid Recipient: <abc@company.com>" however, if I just do "rcpt to: abc" I get "250 2.1.5 abc@company.com"which is just crazy. To make matters worse of course, the email address belongs to one of the directors of the company who does not want excuses, just fixes..... A little light at the end of the tunnel would always be appreciated.
April 10th, 2008 5:01pm

I think I found it. Messagelabs started asking for a list of email addresses (they never used to) when I setup this client with them. I went to the clients config site for ML and have added the accounts. It will take a few hours but I bet by morning the problem is solved . If this is it I'm gonna feel real stupid.
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2008 5:16pm

If you are connecting and trying to submit inbound messages directly to your Exchange 2003 server and they fail, then MessageLabs isn't coming into the picture. BTW I recommend using a command line mailer like POSTIE to test SMTP flow through a server as doing it through TELNET is really painful in comparison. The syntax for POSTIE would be as follows: C:\postie>postie -host:yourexchangeserver -to:yourvp@yourcompany.com -from:whatver@gmail.com -s:Test -msg:Test -gmt You would need to tweak the server name and email addresses, but otherwise it's a quick test utility. Anyway I saw where you said the .com address is defined on a recipient policy. I did not see where you verified that the .com address was stamped on the user account. Can you verify that the .com is showing up on the email addresses tab of the user? Ifthe .com addressisn't listed, but you see all the Exchange information filled in including other email addresses, then perhaps the user is being linked to another recipient plocy that doesn't have the .com address defined. If you have only one recipient policy, then this is probably not the case. If you do see the .com email address on the user, and the AD object hasn't been modified in hours (View -> Advanced View -> Object tab), then for whatever reason your Exchange server isn't refreshing the directory cache. To force a directory cache reset, you would need to restart the System Attendant service which will bring down your whole Exchange server temporarily. BTW - it's possible the accounts are getting updated correctly, but that replication between two DC's isn't working, and that Exchange server is reading the GAL from a different server that is getting the RUS updates on it. If you never see the email addresses show up on the user, then it's possible your RUS is stuck in an applied state and not processing new accounts correctly. But before I tell you how to solve that (as it can get very involved) I wanted to verify that you don't have a problem above.
April 10th, 2008 9:20pm

The account has all the correct email addresses - I have even tried modifying the Recipient Policy to check that the user account gets updated and that all works fine. There is only one recipient policy to worry aboutand only one server so replication isn't the issue. What I can't understand is that the SMTPserver obviously knows the correct address as it appends the domain name to the username correctly if you omit the domain name, but rejects the message with a 550 if you use the full email address.
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2008 10:01pm

It's actually quite standard for SMTP servers to apply the default @smtpaddress to a name when just a name is given w/o an address for the TO line. I think you can turn this behavior off in Exchange, but I have never found a need to. When you say there is only one server, you mean you have only one Exchange server, one AD server, or one server period (as in both roles are installed on the same box)? So if you use a tool like Postie to try and send email to the address (you confirmed is on the AD account and is also in the recipient policy) by talking directly to the server, does it still report the address doesn't exist? If so have you tried restarting the System Attendant and/or rebooting the server (might as well reboot the server if it is only an Exchange server as shutting down the SA brings down all of Exchange anyway).
April 10th, 2008 10:38pm

There is only one server - an SBS2003 box. It has been rebooted recently (certainly a few times since the user was added). When using Postie (neat tool by the way, thanks) still get the same 550: Invalid recipient error. Using ADSI Edit, I have checked the user and all of the mail fields are correctly populated. Not really sure what else to try.
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2008 10:57pm

About the only other thing I can recommend is to turn up diagnostic logging on the Message Transport portion (pay special attention to the NDR sub-section of the Message Transport) of the properties onyour server in ESM and to try it again and see what is logged in the applicaiton log. If you see anything relevant in there, please post it. Sometimes it takes a minute for the diagnostics logging to take effect, but if nothing else you could always restart the SMTP service. Otherwise if it is a self contained server, and you know the email address exists correctly on the user account and the SMTP domain is listed on the only recipient policy, then there should be no reason why Exchange shouldn't accept the email. BTW this means you can skip contacting Message Labs as you bypassed them for incoming email, so they are out of the loop. If nothing else, you might need to open a support ticket with MSFT PSS, and if you do please let us know the outcome.
April 10th, 2008 11:03pm

It was definately MessageLabs for me, are you sure you haven't got your email going through a 3rd party somewhere?....good luck!
Free Windows Admin Tool Kit Click here and download it now
April 12th, 2008 7:51am

Yes it was sophos antispam that did not replicate with our new DNS server that coused this problem. Check 3rd party software and their DNS configurations.
February 28th, 2010 1:16pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics