Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Outgoing message delivery is delayed or rejected in Forefront Online Protection for Exchange and you receive a "Greylisting in action, 451 4.7.1" nondelivery report

Outgoing message delivery is delayed or rejected in Forefront Online Protection for Exchange and you receive a "Greylisting in action, 451 4.7.1" nondelivery report

View products that this article applies to.

Problem

In a Microsoft Office 365 pre-upgrade environment, your outgoing (also known as "outbound") email message delivery is delayed or rejected in Microsoft Forefront Online Protection for Exchange (FOPE). Additionally, you receive the following nondelivery report (NDR) error message:
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<domain.com #4.7.1 smtp; 451 4.7.1 Greylisting in action, please come back later>

↑ Back to the top

Cause

This issue can occur if the receiving domain enforces a retry period that's designed to block spam. This causes message delivery to fail because greylisting blocks all senders until they pass the greylisting test at least one time. Greylisting systems frequently encounter issues when they retry from different Message Transfer Agents (MTAs).

↑ Back to the top

Solution

To resolve this issue, follow these steps:
  1. Troubleshoot issues that are related to Simple Mail Transfer Protocol (SMTP) and mail flow. To do this, go to the following Microsoft TechNet website:
    How to Use Telnet to Test SMTP Communication
  2. If SMTP communication works, contact the recipient administrator directly to request that they add your sending IP address to a safe senders list. These are listed in the FOPE Administration Center.

↑ Back to the top

More information

For more information about greylisting, go to the following website:
http://projects.puremagic.com/greylisting/whitepaper.html
The receiving mail server tries to validate a sender by using a triplet set of information. To form a triplet, this server checks the following three pieces of information about any particular mail delivery attempt:
  • The IP address of the delivery host
  • The envelope sender address
  • The envelope recipient address
For security, the triplet must have the same three pieces of information for two consecutive delivery attempts. The first delivery is always rejected as greylisted or unsafe. However, because data centers send from many MTAs, the greylisting encounters issues in retry mode when it tries to build a triplet to validate the sender.

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

↑ Back to the top


Still need help? Go to the Office 365 Community website.

↑ Back to the top

Keywords: vkbportal225, vkbportal231, o365, o365a, o365e, o365p, pre-upgrade, o365062011, vkbportal237, KB2624610

↑ Back to the top

Article Info
Article ID : 2624610
Revision : 5
Created on : 6/19/2013
Published on : 6/19/2013
Exists online : False
Views : 456