SMTP Error from remote mail server after end of data: host: 550 5.7.1 Message rejected due to content restrictions


  • I have a particular domain that is trying to send email messages to our company. Their emails get blocked by every user BUT ONE. She gets his messages every time. I checked her Junk Email allow list and neither his email address nor his domain are listed in her allow list. So, her account/profile appears to be no different than the rest of the company's.  So, why is she the only one able to receive his email messages.

    I have Exchange 2007 SP2, MS Forefront 2010 in a terminal server environment and have white-listed his domain in Forefront.


    Thursday, January 26, 2012 2:29 PM


All replies

  • Your staff member isn't listed in the Content Filtering -> Exceptions tab, are they?

    This would be on the Edge Transport, if you have one, or the receiving HT server if not.


    Thursday, January 26, 2012 2:38 PM
  • Content Filtering is Disabled...on the Hub Transport.


    I checked that as well...that's why I'm stumped.


    Thursday, January 26, 2012 2:42 PM
  • Yeah, that definitely sounds odd then. And I'm assuming the Edge is where the others are getting blocked? As opposed to everyone getting through the Edge only to be blocked at the internal HT server?


    Thursday, January 26, 2012 2:46 PM
  • That would be logica. But, the content, being disabled with no adjustable settings, you would think it would then be up to the Forefront program then to allow/disallow messages from being accepted. And this blocked user/domain has been allowed for all aspects of his messages to come through in Forefront.


    And yet... my one user, is the only one that can still get his email messages, and the rest of us cannot:(

    Thursday, January 26, 2012 2:50 PM
  • I'm out of bright ideas in that case, as I haven't seen this kind of selective bypass unless it's administratively defined on the HT or Edge, or through someone putting them on their safe senders list.

    It's nothing more than a point of curiosity, but the staff member successfully receiving the messages doesn't have them as a contact, do they?


    Thursday, January 26, 2012 2:57 PM
  • She DOES have him as a contact...now why would that cause her to receive his messages, but none of us??

    Btw...it's unusual that she does have him in her contacts, because we normally work off of shared contact folders.

    You may be onto something!

    Thursday, January 26, 2012 3:03 PM
  • Well, I'm only taking a stab in the dark here, but Outlook does allow you to include your Contacts as safe senders. You don't see the addresses listed in the actual safe sender list, but there is an option nonetheless for this behaviour.

    On Outlook 2010 you can find the setting in the Safe Senders tab listed down the bottom as a checkbox option labelled: Also trust e-mail from my Contacts.

    The outstanding question for my mind is whether or not this is stored server-side just as the actual safe senders list is. If so, then this would explain the behaviour.

    I'm torn between heading off to bed (11pm here) and VPNing into work to look into this. If I opt for the former then I'll look at it in the morning.

    As a test though, you could enable that setting for yourself, wait for whatever your default mailbox refresh time is (we brought ours down from 2 hours to 45min for just this kind of scenario), kick off synchronisation with the Edge through running the following on your internal HT server, then get the troublesome sender to try mailing you. The edge sync command is:

    Start-EdgeSynchronization -Server <internalHTserver>

    Or you could take the easy option and just enable the setting and wait a while (I'm too impatient for that though - one of many failings).


    • Edited by Lain Robertson Thursday, January 26, 2012 3:12 PM Provided clarity on the second sentence of the first paragraph
    Thursday, January 26, 2012 3:11 PM
  • I will take a look at that Outlook setting as soon as I can and give you an update!  I can be impatient as well, but even moreso...my end users are:)  If that doesn't give me the hint of the solution, I'll definitely run the command.


    Thanks so much for your insight.  I'm just getting ramped up for my day being that it's just after 9am.  But, you should be catching your zzzz's :)  lol  


    Thursday, January 26, 2012 3:16 PM
  • Actually, I'll leave you with this as some good news for the morning, as it confirms that Contacts are processed the same way as senders explicitly listed on the Safe Senders list:


    Hope this helps out!


    • Marked as answer by Terence Yu Thursday, February 02, 2012 7:07 AM
    Thursday, January 26, 2012 3:19 PM
  • It worked!  Thanks Lain :)
    Thursday, February 02, 2012 1:48 PM