Archive for September, 2014

MS Exchange NDR Errors

We’ve been running into a number of these as of late (including a few I thought I’d never see), and I’ve been trading answers back and forth with a buddy of mine who had the misfortune of falling into the IT department of a certain phone company in the Philippines (best of luck to you)… On a side note, anyone who tries to attach over 250 documents to an email deserves to have their address revoked. And be hit. Just saying.

Anyways… Here’s a list from SW that I usually send out as a reference. I’ve only referenced it once or twice, but it’s been handy when I’ve needed it.

Code Explanation of Non-Delivery Report error codes 

4.2.2 The recipient has exceeded their mailbox limit. It could also be that the delivery directory on the Virtual server has exceeded its limit. (Default 22 MB)
4.3.1 Not enough disk space on the delivery server. Microsoft say this NDR maybe reported as out-of-memory error.
4.3.2 Classic temporary problem, the Administrator has frozen the queue.
4.4.1 Intermittent network connection. The server has not yet responded. Classic temporary problem. If it persists, you will also a 5.4.x status code error.
4.4.2 The server started to deliver the message but then the connection was broken.
4.4.6 Too many hops. Most likely, the message is looping.
4.4.7 Problem with a timeout. Check receiving server connectors.
4.4.9 A DNS problem. Check your smart host setting on the SMTP connector. For example, check correct SMTP format. Also, use square brackets in the IP address [] You can get this same NDR error if you have been deleting routing groups.
4.6.5 Multi-language situation. Your server does not have the correct language code page installed.
5.0.0 SMTP 500 reply code means an unrecognised command. You get this NDR when you make a typing mistake when you manually try to send email via telnet.
More likely, a routing group error, no routing connector, or no suitable address space in the connector. (Try adding * in the address space)
This status code is a general error message in Exchange 2000. In fact Microsoft introduced a service pack to make sure now get a more specific code.
5.1.x Problem with email address.
5.1.0 Often seen with contacts. Check the recipient address.
5.1.1 Another problem with the recipient address. Possibly the user was moved to another server in Active Directory. Maybe an Outlook client replied to a message while offline.
5.1.3 Another problem with contacts. Address field maybe empty. Check the address information.
5.1.4 Two objects have the same address, which confuses the categorizer.
5.1.5 Destination mailbox address invalid.
5.1.6 Problem with homeMDB or msExchHomeServerName – check how many users are affected. Sometimes running RUS (Recipient Update Service) cures this problem. Mailbox may have moved.
5.1.7 Problem with senders mail attribute, check properties sheet in ADUC.
5.2.x NDR caused by a problem with the large size of the email.
5.2.1 The message is too large. Else it could be a permissions problem. Check the recipient’s mailbox.
5.2.2 Sadly, the recipient has exceeded their mailbox limit.
5.2.3 Recipient cannot receive messages this big. Server or connector limit exceeded.
5.2.4 Most likely, a distribution list or group is trying to send an email. Check where the expansion server is situated.
5.3.0 Problem with MTA, maybe someone has been editing the registry to disable the MTA / Store driver.
5.3.1 Mail system full. Possibly a Standard edition of Exchange reached the 16 GB limit.
5.3.2 System not accepting network messages. Look outside Exchange for a connectivity problem.
5.3.3 Remote server has insufficient disk space to hold email. Check SMTP log.
5.3.4 Message too big. Check limits, System Policy, connector, virtual server.
5.3.5 Multiple Virtual Servers are using the same IP address and port. See Microsoft TechNet article: 321721 Sharing SMTP. Email probably looping.
5.4.0 DNS Problem. Check the Smart host, or check your DNS. It means that there is no DNS server that can resolve this email address. Could be Virtual Server SMTP address.
5.4.1 No answer from host. Not Exchange’s fault check connections.
5.4.2 Bad connection.
5.4.3 Routing server failure. No available route.
5.4.4 Cannot find the next hop, check the Routing Group Connector. Perhaps you have Exchange servers in different Routing Groups, but no connector.
5.4.6 Tricky looping problem, a contact has the same email address as an Active Directory user. One user is probably using an Alternate Recipient with the same email address as a contact.
5.4.7 Delivery time-out. Message is taking too long to be delivered.
5.4.8 Microsoft advise, check your recipient policy. SMTP address should be
5.5.0 Underlying SMTP 500 error. Our server tried ehlo, the recipient’s server did not understand and returned a 550 or 500 error. Set up SMTP logging.
5.5.2 Possibly the disk holding the operating system is full. Or could be a syntax error if you are executing SMTP from a telnet shell.
5.5.3 More than 5,000 recipients. Check the Global Settings, Message Delivery properties.
5.5.5 Wrong protocol version
5.6.3 More than 250 attachments.
5.7.1 Permissions problem. For some reason the sender is not allowed to email this account. Perhaps an anonymous user is trying to send mail to a distribution list.
Check SMTP Virtual Server Access Tab. Try checking this box: Allow computers which successfully authenticate to relay
User may have a manually created email address that does not match a System Policy.
5.7.2 Distribution list cannot expand and so is unable to deliver its messages.
5.7.3 Check external IP address of ISA server. Make sure it matches the SMTP publishing rule.
5.7.4 Extra security features not supported. Check delivery server settings
5.7.5 Cryptographic failure. Try a plain message with encryption.
5.7.6 Certificate problem, encryption level maybe to high.
5.7.7 Message integrity problem.

IT in Higher Education


Hello to everyone reading,

Today, I’m starting a weekly section partially for general questions that come from some of my other friends studying or working in information technology (but mostly for myself so I have all my links, references and guides in one place if I forget to back them up again). I’ll mostly be covering Windows 7, Server 2008/2012, some Hyper-V stuff, AD, Exchange, etc, everything that’s been thrown at me over the course of a month.

“Why are you suddenly jumping into this?” you might ask.

Long story short, I applied for a job in a technology department that didn’t have a network admin, so I’ve had to learn this all really fast. And if you don’t know me, the extent of my knowledge with AD and Exchange is setting up a home server and network so I could toy around with some of this stuff. Yes, that is my idea of “fun”.

Not to mention, I’m even less familiar with Windows in general. It may not be difficult to figure out, but there’s a certain comfort in working on a computer with Linux on it. Something Debian-based, if this is on a day that I’m feeling a little picky.

But if you absolutely must know the whole story, here it is!

So after going to work for Dell and then disappearing off the face of the earth for a good half year, I moved back home to take a break from IT. 10 hours a day of helpdesk calls isn’t exactly my ideal job. Of course, getting paid to sit in a cubicle all day and dispatch parts and listen to customers vent about how their sales rep sold them the wrong configuration or how their new product isn’t acceptable because it has Windows 8 on it isn’t the worst thing in the world either. I know, first world problems.

Almost as soon as I got back into town and settled down at home, I picked up a job at a local computer repair shop. For the most part, I worked in the back room and got rid of viruses that people insisted Microsoft or Dell put on there. Everything was ok minus a few issues like the manager with some anger management problems (who probably drove off more than a few customers due to his habit of yelling at them), and overall the usual disorganization you would see in any small/medium business. Needless to say, that lasted about a month before I broke off.

Once again, I’m kicking myself for picking up work instead of going back to school.

Just about a month ago, I was applying for some grants, looking for scholarships, trying to get back to school for network systems administration (“computer stuff”, for my family that is reading this). Around the same time, I was talking to one of my friends who was working in the tech department as an intern (or workstudy, or part-time employee, I still don’t know what he does). They had a job opening for a “support technician”. Said friend got my name to his supervisor and within the day I received an email asking for an application.

Cool. So I can work at the college, take some classes part time at a discount, and still make a decent income.

After reading the job description, everything seemed fairly easy. Install, repair, and troubleshoot PC hardware. Maintain software. Take care of coordination with faculty and assist/provide training for work studies. Asset management. Terminate network drops. Do switch work. As expected, no major qualifications. Seems simple enough.

The real kicker turned out to be that “Other duties as assigned” at the end of the list.

Evidently the department had a full turnover. The last “long-term” employee left a few weeks after I arrived due to some unforeseen issues. So now I’m feeling my way around a very messy AD and Exchange server. I won’t go into the details of how it’s set up, but trust me on this one. It’s a little scary from working in AD and Exchange with a total of about 30-40 people and some test accounts to one with tens of thousands of users/computers and around a hundred commonly used OUs. Still small scale for an organization, but a big jump nonetheless.

Not to mention I have yet to even look at the GPOs in use. And the servers. And the VMs. You get the idea.

At any rate, I’ve made decent headway since getting here about a month ago. Things start to make more sense if you don’t stop to think about it. And really, I don’t have time to question why things are done. There’s barely enough time to analyze how something is set up and what needs to be done to fix it or work around it. Especially at the beginning of the school year, there’s not a lot of time to worry about implementing new things, and even less time to make mistakes and have to go back and fix them. Not like I needed the time to go back to school anyway.

So I’ll probably throw a weekly post with at least one or two problems I ran into, what I did to fix it, and hope it helps at least one of the many people that get tossed into a situation like this.

Lastly, if you have any questions about any of the previously-mentioned software, feel free to ask. Basic windows/linux/iOS/OS X questions are welcome as well. If I can’t answer off the top of my head, I can at least point you towards the proper channels, whatever they may be.

Hope everyone has a good week, and thanks for reading.

~ Rumeh

%d bloggers like this: