can not send email to internal users from BPOS RRS feed

  • Question

  • I have been trying to get BPOS to work in coexistance with a non-exchange mail server hosted internally.  I have BPOS set to external relay and the MX records point to our Smarthost which scrubs the mail and sends it to our internal mail server.  We can send email from internal users to BPOS users but BPOS users can not send to internal.  We set our local email host to allow relay only from as requested by support but still not working.  This is the error message they receive;
    NOTE! the names have been changed to proctect the innocent.

    A message that you have sent could not be delivered to one or more
    recipients. This is a permanent error. The following address(es) failed:

    <>: 542 Validating Sender: 5.7.1 You are not allowed to send email via this server

    This is the message header from the original message:
    Received: from unknown [] (EHLO
    by over TLS secured channel
    with ESMTP id (envelope-from <>);
    Wed, 29 Dec 2010 10:27:56 -0700 (MST)
    Received: from ( by ( with Microsoft SMTP Server id; Wed, 29 Dec 2010 17:27:55 +0000
    Received: from mail197-va3 (localhost.localdomain []) by (Postfix) with ESMTP id 2E42D103810A for
    <>; Wed, 29 Dec 2010 17:27:55 +0000 (UTC)
    X-SpamScore: 0
    X-BigFish: VS0(zzzz1202hzzz2dh87h2a8h668h61h)
    X-Spam-TCS-SCL: 0:0
    X-Forefront-Antispam-Report: KIP:(null);UIP:(null);IPVD:NLI;H:VA3DIAHUB028.RED001.local;;EFVD:NLI
    Received: from mail197-va3 (localhost.localdomain []) by mail197-va3
    (MessageSwitch) id 1293643674941046_2703; Wed, 29 Dec 2010 17:27:54 +0000
    Received: from (unknown []) by (Postfix) with ESMTP id D65FA1538052 for
    <>; Wed, 29 Dec 2010 17:27:54 +0000 (UTC)
    Received: from VA3DIAHUB028.RED001.local ( by ( with Microsoft SMTP Server (TLS) id; Wed, 29 Dec 2010 17:27:52 +0000
    Received: from VA3DIAXVS511.RED001.local ([]) by
    VA3DIAHUB028.RED001.local ([]) with mapi; Wed, 29 Dec 2010
    09:27:52 -0800
    From: Me<>
    To: User2<>
    Date: Wed, 29 Dec 2010 09:27:51 -0800
    Subject: test4 12/29
    Thread-Topic: test4 12/29
    Thread-Index: AQHLp324s8YwvlgXYk2/0HXjxIL6fQ==
    Message-ID: <9DEDCEEB9CF1224C8AFAF01120A42483044D5853@VA3DIAXVS511.RED001.local>
    Accept-Language: en-US
    Content-Language: en-US
    acceptlanguage: en-US
    Content-Type: multipart/alternative;
    MIME-Version: 1.0

    Any help would be greatly appreciated

    Wednesday, December 29, 2010 6:02 PM

All replies

  • Hi, the server that seems to be rejecting it is the server.  Have you checked the settings there to make sure the Microsoft Online is allowed to send to it.  One thing that some SPAM systems will do is prevent emails with a from address of that originate from the Internet, into the email system.  To those systems they see as an internal domain, and messages from that domain should not originate from the Internet so they reject them.

      If you contact me through the website below with the actual domain name, we could probably figure it out pretty quick.


    Chad Mosman, MessageOps |
    Wednesday, December 29, 2010 6:59 PM
  • Chad, thanks for the reply.  Do you want me to contact you thru the blog or the contact page?


    Joe R
    Wednesday, December 29, 2010 7:01 PM
  • The contact page is fine.  I'll pick it up there.


    Chad Mosman, MessageOps |
    Wednesday, December 29, 2010 7:32 PM
  • As to the NDR with regards to BPOS users trying to send emails to your On-Prem accounts; do those users exist in BPOS? If they do, are they active, disabled, or disabled users with subscriptions?


    In a co-existence scenario, all users are brought across as disabled users. However, upon given those accounts an subscription ID, the users now exist both in On-Prem as well as BPOS. All active users can email active users from the cloud to on-prem, unless that user exists in both realms. Now if the user does exist, yet they are disabled with an active license, you would receive an NDR.

    One other thing you can to test this issue is to delete both the OAB and NK2(Outlook 2007) or OAB and reset the cache in Outlook 2010 and try sending a piece of mail to the user account by typing in the exact SMTP Address.

    If this continues to persist, I would suggest opening a request with Support.

    Monday, January 3, 2011 8:44 PM
  • David,

    Thanks for the reply.  With the help of Chad from MessageOps wew were able to solve the problem.  It turned out to be that the ip addresses of our smart host had to be added to our emai server's local ip table.


    • Proposed as answer by Joetechstar Wednesday, January 5, 2011 1:30 PM
    Wednesday, January 5, 2011 1:29 PM