HostWeb Forums » Microsoft Server Applications » microsoft.public.exchange.admin » smpt 553 terminating connection as the sender is spoofed
Topic: smpt 553 terminating connection as the sender is spoofed
This is a short term problem but I would like to know how to resolve it. We
are currently moving remote users from one exchange server to another, on
diffrent domains. What we do is set up the user on the new exchange server
and then forward messages from the old exchange server to the new one.
If a user from new domain.com to a user in new domain.com no problems but if
a user sends an e-mail from the newdomain.com to the olddomain.com the old
exchange server replies with the following message:
There was a SMTP communication problem with the recipient's email server.
Please contact your system administrator.
<olddomain.com #5.5.0 smtp;553 Terminating connection as the
sender is spoofed.>
I know the issues must be that the server is wondering why an e-mail is
coming from newdomain.com only to be forwarded back to newdomain.com. But
because of the nick name lists in outlook still contain the olddomin user
name users are still sending to the old domain.
I tried allowing resolve anoymous e-mail and allowing forwarding from that
specfic exchange server, and those did not work, does any body have any
suggestions how I might prevent this error?
Replies below ↓
Replies
RE: smpt 553 terminating connection as the sender is spoofed
Hello,
Thank you for posting.
First, I want to confirm two things with you:
Did you enable any anti-spam method or software on the old Exchange server?
(Include third party softwares)
Are the two servers in the same organization?
If there are some message filters between the two servers, disable them for
testing.
I suggest you add the IP address of the new Exchange server into the white
list.
1. Open ESM.
2. Global Settings->Right click Message Delivery and click
Properties->Connection Filter->Accept
3. Add the IP address into the list.
4. Restart the Exchange server.
If the problem persists, please try the following steps:
1. Telnet to the old server from the new Exchange server. (Logon to the new
Exchange server locally)
XFOR: Telnet to Port 25 to Test SMTP Communication
http://support.microsoft.com/?id=153119
Please copy the result in the thread.
2. Enable message tracking:
a. Start Exchange System Manager.
b. Right click the server on which you intend to enable tracking.and then
click Properties.
c. On the General tab, click to select the Enable Message Tracking check
box, and then click to select the Enable subject logging and display check
box.
d. Ensure that the log file maintenance information suits the needs for
logging. NOTE: By default, log files older than seven days are deleted.
e. Reproduce the problem and then try to find the NDR in Message Tracking
Center. Double click it and take a screenshot.
f. Send the screenshot to me at: v-jochen@microsoft.com
Please use "smpt 553 terminating connection as the sender is spoofed" as
the title of your emails. Thanks!
If you have any questions or concerns, please feel free to let me know.
Sincerely,
John Chen, MCSE, MCSA, MCDBA, MCSD
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
RE: smpt 553 terminating connection as the sender is spoofed
Thank you for your reply
The only spam method that is installed on the old server is the intelligent
message filter.
The two servers are in diffrent organizations but the organizations are
connected via a VPN through firewalls. No trusts have been created.
Adding to the connection filtering did not work so here is the telnet
response:
220 olddomain.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 r
eady at Thu, 1 Jun 2006 14:49:31 -0600
ehlo test.com250-olddomain.com.com Hello [24.xxx.xxx.xxx]
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from: larry@test.com500 5.3.3 Unrecognized command
But here is a response form the Exchange server message tracking
smtp: Message submitted to advanced queing
smtp:Started message submission to advanced queue
smtp:message submitted to ctegorizer
smtp:message categorized and qued for routing
smtp message routed and queued for remote delivery
smtp: starte out bound transfer of message
smtp: Non-Delivered report(NDR) Generated.
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
But I was unable to continue the Mail from kept returning an error
RE: smpt 553 terminating connection as the sender is spoofed
I thought the error was quite strange to. I copied exactly the response from
the DOS Prompt where the 500 5.3.3 is the error message received.
mail from: testreplication@Newdomain.com500 5.3.3 Unrecognized command
All though the networks are connected via a VPN exchange is operating as
separate entities. There are not any connectors associated since they are
truly on seperate domains. one server is servicing one domain name and the
other server a seperate domain. So they are communicating with each other as
if you were to send an e-mail to microsoft.com.
One thing that I was wondering could it have to do with a reciepient policy?
since it is coming from newdomain.com and being forwarded back to new
domain.com does the exchange server need to know it is allowed to forward for
newdomain.com?
RE: smpt 553 terminating connection as the sender is spoofed
Hello,
First, I want to double confirm one thing with you:
Did the telnet test end with "Unrecognized command"? It is quite strange. I
suggest you check the command you inputted and try again.
You told me the Exchange servers are in separate organizations. Could you
let me know how the mails are transferred between the two organizations?
SMTP connector?
If you are using SMTP connector and there are more then one server in the
new domain, I suggest you change a bridgehead in the connector.
If you have any questions or concerns, please feel free to let me know.
Sincerely,
John Chen, MCSE, MCSA, MCDBA, MCSD
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.