none
Specific External Domain - MapiExceptionNotAuthorized - public folder RRS feed

  • Question

  • Hi All

    Exchange 2007 SP3

    I am getting a really weird problem where a specific external company domain is sending an email to a mail enabled public folder on my exchange. They are getting a bounce back with:

    #< #5.2.0 smtp;550 5.2.0 STOREDRV.Deliver: The Microsoft Exchange Information Store service reported an error. The following information should help identify the cause of this error: "MapiExceptionNotAuthorized:16.18969:1E280000, 17.27161:0000000066020000000000000F00000000000000, 255.23226:00000000, 255.27962:7A000000, 255.27962:0A000000, 255.27962:0E000000, 255.27962:0A000000, 255.27962:94000000, 255.17082:D6040000, 0.27745:15000000, 4.21921:D6040000, 255.27962:FA000000, 255.1494:40110000, 255.1238:00000000, 0.31004:0F010480, 0.39497:0F010480, 4.55881:0F010480, 0.27676:0F010480, 0.23580:0F010480, 0.36537:0F010480, 4.5587:0F010480, 0.65193:0F010480, 6.14164:1DFAFFFF0B00F4650F010480, 6.8660:0F0104800B00F4650F010480, 6.21970:0F0104800B00F4650F010480, 6.21970:0F0104800B0097660F010480, 6.21970:0F010480B084A7660F010480, 4.31473:0F010480, 0.21097:0F010480, 4.8756:BFF9FFFF, 4.4580:05000780, 4.4408:05000780, 4.7637:D8040000, 4.5093:D6040000, 4.5318:D6040000, 4.10104:D6040000,! 0.57449: BDF9FFFF, 4.6025:05000780, 4.5257:05000780, 4.4606:D6040000, 255.1750:00000000, 0.26849:00000000, 255.21817:D6040000".> #SMTP#

    The external company can send emails to normal user mailboxes with the same internal domain no problem but when they then send to a mail enabled public folder they get a bounce back. If I send to the same pub folder from my gmail for example, the emails goes straight in.

    I have checked the following:

    Pub folder perms = Anonymouse  Contributor

    The external domain is not in any blacklists.

    Would anyone have any suggestions on this?

    Thanks

    Thursday, March 13, 2014 6:48 PM

All replies

  • Please post the results from running this cmdlet:

    Get-PublicFolderClientPermission \<PF-NAME>

    Do other anonymous SMTP sessions have the same problem with sending e-mail to this folder or is it just this one sender?

    Are there other permissions on the folder? Do any of them include the "anonymous user" (i.e. the "Guest" user)? Is the anonymous user a member of any groups that are denied permission to create items in the folder?

    Are you sure the sender is using an anonymous SMTP session?


    --- Rich Matheisen MCSE&I, Exchange MVP

    Saturday, March 15, 2014 6:03 PM
  • For the domain that doesn't work. It wouldn't happen to be one that is being spoofed that your org is authoritative for, would it? I've seen this if so.

    Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Saturday, March 15, 2014 9:30 PM
    Moderator
  • Thanks Rich

    Get-PublicFolderClientPermission \<PF-NAME> =

    Identity                   User                       AccessRights
    --------                   ----                       ------------
    \sub\folder... Default                    {None}
    \sub\folder... Anonymous                  {Contributor}
    \sub\folder... atlgroup.co.uk/Users/TU... {PublishingEditor}
    \sub\folder... atlgroup.co.uk/Microsof... {Owner}

    The external Exchange where the sender resides has multiple other domains coming from it. So it hosts domain1, domain2, domain3 etc

    domain1 fails as mentioned in opening post from multiple users sending from the same domain

    domain2 from the same exchange comes through fine for all users (These are different people from the people using domain1)

    How can I tell if the user is using an anonymous SMTP session?

    I currently use PFDAVAdmin to manage permissions for the pub folders. I noticed that "Everyone" has None applied to it for the folder. Could this be causing an issue?

    Monday, March 17, 2014 9:14 AM
  • The SMTP protocol log should show you if the session is anonymous or authenticated.

    The "Default" user is anyone that's using an authenticated session that isn't granted permission in some other way. It's really the "Everyone" group in disguise. :-)

    What happens if you give the "Default" use the "Contributor" role?


    --- Rich Matheisen MCSE&I, Exchange MVP

    Tuesday, March 18, 2014 3:22 AM