Monday, June 4, 2007

5.7.1 You do not have permission to send to this recipient



We need to investigate the cause of 571.The client claims to be sending mail to every other domain on the internet but some certain domains returns 5.7.1 SMTP code. One of the first things we can do is getting the mail server IP address and manually telnetting into Destination mail server and find out the destination mail server response.

Your message did not reach some or all of the intended recipients.

Subject: test

Sent: 6/1/2007 2:08 PM

The following recipient(s) cannot be reached:

571 on 6/1/2007 2:00 PM

You do not have permission to send to this recipient. For assistance, contact your system administrator.

<mail.smtp25.org #5.7.1>

The host name for the mail server is mail.smtp25.org. and the IP address is 71.246.241.20

PS C:\> telnet mail.smtp25.org 25 ( this is the recipient mail server, instead of host records I could use IP address as well, don't forget to telnet into port 25 !!!)

220 mail.smtp25.org Whatz Up Punk!! Sent it OVER Fri, 1 Jun 2007 14:07:16 -0400'

(Server relies back with 220, it mean go ahead and send me the mail)

Helo (think, when you talk to someone what do you say, Hi or hello isn't it. This is the same way here, only spelling hello is different now)

250 mail.smtp25.org Hello [162.6.243.67] ( mail server gives us 250 again)

Mail from:<> ( now we say mail from: <>, either use brackets or, tell the server who the mail will be coming from by typing the SMTP Proxy address, or Just any word, would be fine example

Mail from: Spammer

Mail from:Spamking@Spamworld.com

Mail from: Hello

Mailfrom:Anything@anything.com

250 2.1.0 <>....Sender OK

rcpt to:571@smtp25.org ( this is the recipient mail address)

250 2.1.5 571@smtp25.org

Data ( this is where you enter the data, no column)

354 Start mail input; end with <CRLF>.<CRLF>

Subject: This is Test E-mail (Subject goes here) Hit enter after this to input the data

Please ignore

. (When you read to finish, hit Dot(.) Enter Dot(.) on the keyboard and you will see If message is getting accepted or now by the recipient mail server

554 5.1.0 Sender Denied This is the last message we get

Using telnet is easy and to determine one more time what is going on, knowing basic is always as good credit

So, we used

Now let's take a look recipient configuration

As you see on the recipient mail box has "From authenticated users only is selected"

It means the recipient is configured not to accept any mail from outside of their SMTP domain. Simply inbound mail is not allowed for this recipient

Here is the Microsoft KB article, and the explanation, who would be External user, or who would be

KB 827616

Because most Internet Simple Mail Transfer Protocol (SMTP) servers do not require authentication for inbound Internet e-mail, there is the risk that unauthorized Internet users might send e-mail messages to users and to distribution lists that are for internal use only. If you configure a user or a distribution group to receive e-mail messages from authenticated users only, those recipients do not receive e-mail messages that are submitted anonymously. Authenticated users can include the following

  • External users who pass credentials when they send e-mail from the Internet.

  • Internal users in the Exchange organization.


Microsoft Exchange Server 2003 has a new feature that permits mailbox users or distribution groups to only receive e-mail messages from authenticated users. This feature permits you to restrict inbound Internet e-mail for specific users or for distribution groups. The feature is enabled when you click to select the From authenticated users only check box in the Message restrictions settings for an individual user or a distribution group.


Best

Oz

No comments: