NDR status codes and corresponding error conditions
NDR status code
Event log message ID
Event log message severity
Event log message text
A non-delivery report with a status code of %1 was generated for recipient %2 (Message-ID %3).
An out-of-memory error occurred. A resource problem, such as a full disk, can cause this problem.
Another possible cause of this error is that your Transport queue is on a FAT partition and the service has reached a Windows-imposed limit on the number of concurrent file handles opened by IIS.
Instead of getting a disk full error, you might be getting an out-of- memory error.
Ensure that your Exchange server has enough disk storage. If possible, move your mail queues to an NTFS disk partition.
Available in Exchange 2000 Service Pack (SP) 1 and later. This NDR is generated when a queue has been frozen.
Unfreeze the queue.
The destination server is not responding. Transient network conditions can cause this error. The Exchange server automatically tries to connect to the server again and deliver the mail. If delivery fails after multiple attempts, an NDR with a permanent failure code is generated.
Monitor the situation. This may be a transient problem that may correct itself.
A connection dropped between the servers. Transient network conditions or a server that is experiencing problems can cause this error. The sending server will retry delivery of the message for a specific time period, and then generate further status reports.
Monitor the situation as the server retries delivery. This may be a transient problem that may correct itself.
The maximum hop count was exceeded for the message.
This non-delivery report can also be caused if a looping condition exists between sending and receiving servers that are not in the same Exchange organization. In this situation, the message bounces back and forth until the maximum hop count is exceeded.
A configuration error in the e-mail system can also cause the message to bounce between two servers or to be forwarded between two recipients.
The maximum hop count is a property set on each virtual server and you can manually override it.
The default maximum hop count is 15.
You should also check for situations that might cause looping between servers.
The message in the queue has expired. The sending server tried to relay or deliver the message, but the action was not completed before the message expiration time occurred. This message can also indicate that a message header limit has been reached on a remote server, or some other protocol time-out occurred while communicating with the remote server.
This message usually indicates an issue on the receiving server. Check the validity of the recipient address and determine if the receiving server is configured correctly to receive messages.
You may have to reduce the number of recipients in the message header for the host about which you are receiving this error. If you resend the message, it is placed in the queue again. If the receiving server is available, the message is delivered.
This indicates a temporary routing error or bad routing configuration. Possible causes are:
· First scenario: Someone configured an SMTP connector to use DNS (rather than a smart host) and added a non-SMTP address space, such as an X.400 address, to this connector.
· Second scenario: Someone created a routing group, and a recipient in this routing group was supposed to receive mail. A routing group connector using DNS was used to bridge the routing group, and then this administrative or routing group was removed. Therefore, any mail sent to this routing group was sent in the MSGWIA.X500 format (the address encapsulation used for non-SMTP addresses); DNS does not recognize this format.Prior to Exchange Server 2003, messages sent to routing groups that no longer exist are stuck on a link.
Routing detects these situations, and Exchange returns DSNs.
· To remedy the first scenario, configure the SMTP connector to use a smart host, instead of DNS, to resolve the non-SMTP address space.
· To remedy the second scenario, ensure that you moved all users in the removed administrative group or routing group to a valid group.
Note Prior to Exchange 2000 SP1, the following codes appeared under the 5.0.0. code:
The categorizer failed; this is a permanent failure. Possible causes include:
· There is no route for the given address space; for example, an SMTP connector is configured, but this address does not match.
· DNS returned an authoritative host that was not found for the domain.
· The routing group does not have a connector defined; mail from one server in one routing group does not have a route to another routing group.
· An SMTP error occurred.
On one or more SMTP connectors, add an asterisk (*) value as the SMTP address space; verify that DNS is working; ensure that routing groups have connectors connecting them.
This NDR is caused by a general categorizer-based failure (bad address failure). An e-mail address or another attribute could not be found in Active Directory. Contact entries without the targetAddress attribute set can cause this problem. Another possible cause could be that the categorizer is unable to determine the homeMDB attribute of a user. The homeMDB attribute corresponds to the Exchange server on which the user's mailbox resides.
Another common cause of this NDR is if you used Outlook to save your e-mail message as a file, and then someone opened the message offline and replied to the message. The message property only preserves the legacyExchangeDN attribute when Outlook delivers the message, and therefore the lookup could fail.
Either the recipient address is incorrectly formatted, or the categorizer was not able to resolve the recipient properly. The first step in resolving this error is to check the recipient address and resend the message.
The e-mail account does not exist in the organization where the message was sent. This can occur when users move to new locations within a site. For instance, if a former Administrative_Group_1 user moves to Administrative_Group_2 and then replies to an old message or does not re-create an Outlook profile, an old Administrative Group style LegacyDN address will be used, and this NDR is issued. Likewise, sending mail to obsolete personal address book entries results in this error.
Also, if you configured your SMTP contact with invalid SMTP characters (as per RFC 821), the categorizer rejects the delivery with this diagnostic code.
Either the recipient address is formatted incorrectly, or the categorizer was not able to resolve the recipient properly. The first step in resolving this error is to check the recipient address, and resend the message.
A non-delivery report with a status code of %1 was generated for recipient %2 (Message-ID %3).
The recipient has a non-SMTP address that can't be matched to a destination. The address does not appear to be local, and there are no connectors configured with address spaces that contain the recipient's address.
Verify that the recipient's address was entered correctly. If the recipient's address is in a non-SMTP e-mail system that you specifically want to provide mail delivery to, you will need to add the appropriate type of connector to your topology and configure it to provide service to the recipient's e-mail system.
This message indicates a problem with the address syntax; this means that the recipient address appears incorrectly on the message. Possible causes are
1) You configured a contact with a targetAddress attribute with no address type.
2) Exchange 5.5 allows an SMTP recipient policy which violates RFC821 (SMTP standards) For example, an Exchange 5.5 site and organization contain an invalid RFC821 domain name.
Having a mixed mode environment (Exchange 5.5 and Exchange 2000 servers) can cause invalid target addresses.
Either the recipient address is formatted incorrectly, or the categorizer was not able to resolve the recipient properly. The first step in resolving this error is to check the recipient address and resend the message.
Also, examine the SMTP recipient policy and ensure that each mail domain for which you want to accept mail appears correctly.
Two objects have the same (proxy) address, and mail is sent to that address. This issue can also occur if the recipient does not exist on the remote server.
Check the recipient address to ensure that two objects do not share the address. Attempt to resend the message.
One possible cause of this NDR is that the user directory attributes such as homeMDB (the user's home mailbox store) or msExchHomeServerName (the server on which the user's mailbox resides) are missing or corrupted.
Check the user directory attribute's integrity, and rerun the Recipient Update Service to ensure the validity of the attributes that are required for transport have been updated in Active Directory (and the metabase).
The sender has a malformed or missing SMTP address, the mail attribute in the directory service. The categorizer cannot deliver the mail item without a valid mail attribute.
Check the sender directory structure, and determine if the mail attribute exists.
Local mail is refused because the message is too large or the recipient’s mailbox is not mail-enabled. A missing Master Account Security ID (SID) number on the recipient can also cause this error.
Check access permissions as well as the message size. Check if the recipient has a SID in Active Directory. Check to ensure that the recipient mailbox is mail-enabled.
This NDR is generated when the recipient's mailbox exceeds its storage limit.
In Windows 2000 or Windows 2003, the DSN is generated when the storage size of drop directory exceeds the SMTP virtual server disk quota.
The quota size is 11 times the maximum messages size or 22 MB if there is no max message size.
If the available storage size of the drop directory is within one maximum size message of the quota, or 2MB if no maximum message size is defined, the system assumes that this message causes the storage size to exceed the quota, so this DSN is generated.
Check the mailbox storage or the queue storage quota limit.
The message is too large, and the local quota is exceeded. For example, a remote Exchange user might have a restriction on the maximum size of an incoming message.
Resend the message without attachments, or set the server or the client-side limit to allow a larger message size limit.
The recipient is a misconfigured dynamic distribution list. Either the filter string or the base DN of the dynamic distribution list is invalid.
Set the categorizer event logging level to at least the minimum level, and send another message to the dynamic distribution list. Check the application event log for a 6025 event or a 6026 event detailing which attribute is misconfigured on the dynamic distribution list object.
Exchange mistakenly attempted mail delivery to an incorrect MTA route.
Exchange 2003 can operate without the message transfer agent (MTA). If mail was mistakenly sent to the MTA, Exchange returns this DSN to the sender. This condition is enforced only if you have disabled the MTA service and used specific registry settings to disable the MTA/StoreDriver. A default configuration strands the misrouted mail on the MTA queues.
Check your routing topology. Use the WinRoute tool to ensure that the routes are properly replicated between servers and routing groups.
When the Exchange remote server reaches capacity of its disk storage to hold mail, it could respond with this NDR. This error usually occurs when the sending server is sending mail with an ESMTP BDAT command. This error also indicates a possible SMTP protocol error.
Ensure that the remote server has enough storage capacity to hold mail. Check the SMTP log.
A mail-looping situation was detected. This means that the server is configured to loop mail back to itself. If you have multiple SMTP virtual servers configured on your Exchange server, ensure that they are serving unique incoming ports. Also, to avoid looping between local SMTP virtual servers, ensure that the outgoing SMTP port configuration is valid.
Check the configuration of the virtual server's connectors for loops and ensure that each virtual server is defined by a unique incoming port. If there are multiple virtual servers, ensure that none are set to "All Unassigned."
Possible causes include:
· Authoritative host not found in DNS.
· Smart host entry is incorrect.
· Fully qualified domain name (FQDN) in HOSTS file (fixed in Windows 2000 SP3).
· DNS failure occurred, or you configured an invalid IP address as your smart host.
· SMTP virtual server does not have a valid FQDN or lookup of your SMTP virtual server.
· A contact's SMTP domain does not resolve to any SMTP address spaces.
Use the DNS Resolver tool (Dnsdiag.exe) or Nslookup to check the DNS configuration. Verify that the IP address is in IPv4 literal format. Verify the valid DNS entry for the server/computer name in question. If you rely on an FQDN in a HOSTS file, update the entry in Exchange System Manager with a valid IP address or correct name.
Available in Exchange 2000 SP1 and later versions.
This NDR occurs if no route exists for message delivery, or if the categorizer could not determine the next-hop destination.
You set up a routing group topology, but no routing group connector exists between the routing groups.
Add or configure your routing group connector between routing groups.
A categorizer forward loop was detected. The targetAddress attribute is set on a mailbox-enabled user.
This common hosting configuration problem occurs when someone creates a contact in one organizational unit, and then uses the provisioning tool to create a user in another organizational unit with the same e-mail address.
This happens when contact A has an alternate recipient that points to contact B, which then has an alternate recipient that points back to contact A. Check the contact's alternate recipient. Check and remove the targetAddress attribute from mailbox-enabled users. For hosting, that is, sending mail from one user in one company in an organizational unit to a user in another company in a separate organizational unit, you should configure the following two related objects: User: SMTP proxy: firstname.lastname@example.org Contact: targetAddress: email@example.com; SMTP proxy: firstname.lastname@example.org, where fourthcoffee.com is the name of the second company.
This message warns of a looping condition, which may occur because one of the recipient policies includes a local domain that matches the FQDN of an Exchange server in the organization. When the categorizer is processing mail that is destined for a domain matching an Exchange server's FQDN, it returns this NDR.
Check your recipient policies. If a recipient policy contains an Exchange server's FQDN, you must remove that entry. Your recipient policy should not contain the FQDN of your server; instead, it should contain the mail domain only—for example, instead of server1.contoso.com, you enter contoso.com.
A generic protocol error or an SMTP error causes this NDR. The remote SMTP server responds to a sending server's identifying EHLO with a 500-level error. The sending system will then terminate the connection and deliver an NDR indicating that the remote SMTP server cannot handle the protocol. For example, if a Microsoft Hotmail® e-mail account is no longer active, a 550 SMTP error will occur.
View the SMTP Log or a Netmon trace to see why the remote SMTP server rejects the protocol request.
A generic SMTP error occurs when SMTP commands are sent out of sequence. For example, a server attempts to send an AUTH (authorization) command before identifying itself with an EHLO command.
It is possible that this error can also occur when the system disk is full.
View the SMTP Log or a Netmon trace, and ensure there is enough disk storage and virtual memory for SMTP to operate.
Too many recipients on a message can cause this NDR.
The recipient limit is a configurable setting. To resolve this issue, either increase the recipient limit or revise the message into multiple messages to fit the server limit.
The default recipient limit on an SMTP message is 5,000. To change this limit, start Exchange System Manager, expand Global Settings, right-click Message Delivery, click Properties, and then use the Defaults tab. This can also be a per-user setting in Active Directory.
The message contains either an invalid sender or an incorrect recipient address format.
One possible cause is that the recipient address format might contain characters that are not conforming to Internet standards.
Check the recipient address for nonstandard characters.
This message indicates a possible protocol error.
Check the X-LINK2STATE protocol and Event Log for possible failures.
· General access denied, and sender access denied—the sender of the message does not have the required permissions necessary to complete delivery.
· You are trying to relay your mail through another SMTP server, and the server does not permit you to relay.
· The recipient may have mailbox delivery restrictions enabled. For example, if a recipient's mailbox delivery restriction is set to receive mail from a distribution list only, non-member's mail will be rejected and produce this error.
· New in Exchange 2003: An anonymous user attempted to send mail to recipients or distribution lists that accept mail only from an authenticated SMTP session.
Check system privileges and attributes for the contact, and try sending the message again. Also, to resolve other potential issues, ensure that you are running Exchange 2000 SP1 or later.
The sender prohibited
How to Publish Microsoft Exchange Active Sync (EAS) with ISA Server 2006 (Part 1) How to troubleshoot
I just got a 5.9.4 NDR code. I can't seem to find what it means. It came in an email with 2 attachments that I can't open due to not knowing what to open them with and I don't even know if it's safe to open them anyway even though my virus scanner didn't stop it. The email was sent from my email address to my email address and the subject line is: "Non delivery report: 5.9.4 (Spam SLS/RBL)". The attachemnts are both called: "Non Deliver Report_9.5.4(SPAM SLS_RBL).dat" but one has 711 bytes and the other has only 707. Any ideas on how to figure out what is not getting delivered and why?