NDR 502 5.5.1  command not implemented

Hello,

For the last few days some my incoming emails to my on site Exchange 2013 are being bounced back with the sender getting the following error.

A communication failure occurred during the delivery of this message. Please try to resend the message later. If the problem continues,
contact your email admin.<o:p></o:p>

mailservername.domain name.com gave this error:

command not implemented

Are there any log files in Exchange that I can enable to see why they are being bounced?

Any suggestions will eb very much appreciated.

Thank You,

Victor.<o:p></o:p>

August 11th, 2015 10:28am

Hello

tip: if publishing smtp on cisco router check cisco router logs.

Free Windows Admin Tool Kit Click here and download it now
August 11th, 2015 1:32pm

Hi,

I understand you can't receive emails in exchange 2013.

Does the issue occur on all domains or specific domain?

Please post the full NDR message for further analysis.

Please ensure that you have the correct DNS record(MX record,A record) for the Exchange Server.You can use Nslookup to check it.

Please refer to the below link :

http://support.microsoft.com/kb/200525

Then try to restart Microsoft Exchange transport service.

If it doesnt work ,I suggest you can check your receive connector configuration .

You can enable protocol logging to diagnose mail flow problems.

https://technet.microsoft.com/en-us/library/aa997624%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396

Regards,

David

August 11th, 2015 10:22pm

Hi,

Thank you for your response. Most emails are coming in and going out. Only a few of them are being bounced back. Below is the NDR for one of them that was received by the sender. I have re-started the server a few times and am on version CU9. Thank You.

mail.domain.com rejected your message to the following email addresses:
Rosa  (rosa@domain.com)
A communication failure occurred during the delivery of this message. Please try to resend the message later. If the problem continues, contact your email admin.
mail.domain.com gave this error:
command not implemented


Diagnostic information for administrators:
Generating server: BN1AFFO11HUB0.mail.protection.outlook.com
rosa@domain.com
mail.domain.com
Remote Server returned '502 5.5.1 command not implemented'
Original message headers:
Received: from BN1AFFO11FD.protection.gbl (10.58.00.00) by
 BN1AFFO11HUB0.protection.gbl (10.58.00.00) with Microsoft SMTP Server
 (TLS) id 15.1.243.9; Mon, 10 Aug 2015 17:55:53 +0000
Authentication-Results: spf=none (sender IP is 108.166.00.00)
 smtp.mailfrom=sender.com; domain.com; dkim=none (message not signed)
 header.d=none;domain.com; dmarc=none action=none header.from=sender.com;
Received-SPF: None (protection.outlook.com: sender.com does not designate permitted sender hosts)
Received: from smtp64.ord1c.emailsrvr.com (108.166.00.00) by
 BN1AFFO11FD055.mail.protection.outlook.com (10.58.00.00) with Microsoft SMTP Server (TLS) id 15.1.00.00 via Frontend Transport; Mon, 10 Aug 2015 17:55:54 +0000
Received: from smtp9.relay.ord1c.emailsrvr.com (localhost.localdomain [127.0.0.1])
        by smtp9.relay.emailsrvr1.com (SMTP Server) with ESMTP id 669E13805
        for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:53 -0400 (EDT)
Received: by smtp9.relay.emailsrvr1.com (Authenticated sender: shannonp-AT-sender.com) with ESMTPSA id 2F4513804 for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:52 -0400 (EDT)
X-Sender-Id: shannon@sender.com
Received: from shannon.domain2.com (64-60-00-000.static-ip.telepacific.net [64.60.000.000]) (using TLSv1 with cipher AES256-SHA)by 0.0.0.0:465 (trex/5.4.2); Mon, 10 Aug 2015 17:55:53 GMT


  • Edited by perland 3 hours 14 minutes ago
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2015 12:11am

Hi,

Thank you for your response. Most emails are coming in and going out. Only a few of them are being bounced back. Below is the NDR for one of them that was received by the sender. I have re-started the server a few times and am on version CU9. Thank You.

mail.domain.com rejected your message to the following email addresses:
Rosa  (rosa@domain.com)
A communication failure occurred during the delivery of this message. Please try to resend the message later. If the problem continues, contact your email admin.
mail.domain.com gave this error:
command not implemented


Diagnostic information for administrators:
Generating server: BN1AFFO11HUB0.mail.protection.outlook.com
rosa@domain.com
mail.domain.com
Remote Server returned '502 5.5.1 command not implemented'
Original message headers:
Received: from BN1AFFO11FD.protection.gbl (10.58.00.00) by
 BN1AFFO11HUB0.protection.gbl (10.58.00.00) with Microsoft SMTP Server
 (TLS) id 15.1.243.9; Mon, 10 Aug 2015 17:55:53 +0000
Authentication-Results: spf=none (sender IP is 108.166.00.00)
 smtp.mailfrom=sender.com; domain.com; dkim=none (message not signed)
 header.d=none;domain.com; dmarc=none action=none header.from=sender.com;
Received-SPF: None (protection.outlook.com: sender.com does not designate permitted sender hosts)
Received: from smtp64.ord1c.emailsrvr.com (108.166.00.00) by
 BN1AFFO11FD055.mail.protection.outlook.com (10.58.00.00) with Microsoft SMTP Server (TLS) id 15.1.00.00 via Frontend Transport; Mon, 10 Aug 2015 17:55:54 +0000
Received: from smtp9.relay.ord1c.emailsrvr.com (localhost.localdomain [127.0.0.1])
        by smtp9.relay.emailsrvr1.com (SMTP Server) with ESMTP id 669E13805
        for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:53 -0400 (EDT)
Received: by smtp9.relay.emailsrvr1.com (Authenticated sender: shannonp-AT-sender.com) with ESMTPSA id 2F4513804 for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:52 -0400 (EDT)
X-Sender-Id: shannon@sender.com
Received: from shannon.domain2.com (64-60-00-000.static-ip.telepacific.net [64.60.000.000]) (using TLSv1 with cipher AES256-SHA)by 0.0.0.0:465 (trex/5.4.2); Mon, 10 Aug 2015 17:55:53 GMT


  • Edited by perland Wednesday, August 12, 2015 4:10 AM
August 12th, 2015 4:09am

Hi,

Thank you for your response. Most emails are coming in and going out. Only a few of them are being bounced back. Below is the NDR for one of them that was received by the sender. I have re-started the server a few times and am on version CU9. Thank You.

mail.domain.com rejected your message to the following email addresses:
Rosa  (rosa@domain.com)
A communication failure occurred during the delivery of this message. Please try to resend the message later. If the problem continues, contact your email admin.
mail.domain.com gave this error:
command not implemented


Diagnostic information for administrators:
Generating server: BN1AFFO11HUB0.mail.protection.outlook.com
rosa@domain.com
mail.domain.com
Remote Server returned '502 5.5.1 command not implemented'
Original message headers:
Received: from BN1AFFO11FD.protection.gbl (10.58.00.00) by
 BN1AFFO11HUB0.protection.gbl (10.58.00.00) with Microsoft SMTP Server
 (TLS) id 15.1.243.9; Mon, 10 Aug 2015 17:55:53 +0000
Authentication-Results: spf=none (sender IP is 108.166.00.00)
 smtp.mailfrom=sender.com; domain.com; dkim=none (message not signed)
 header.d=none;domain.com; dmarc=none action=none header.from=sender.com;
Received-SPF: None (protection.outlook.com: sender.com does not designate permitted sender hosts)
Received: from smtp64.ord1c.emailsrvr.com (108.166.00.00) by
 BN1AFFO11FD055.mail.protection.outlook.com (10.58.00.00) with Microsoft SMTP Server (TLS) id 15.1.00.00 via Frontend Transport; Mon, 10 Aug 2015 17:55:54 +0000
Received: from smtp9.relay.ord1c.emailsrvr.com (localhost.localdomain [127.0.0.1])
        by smtp9.relay.emailsrvr1.com (SMTP Server) with ESMTP id 669E13805
        for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:53 -0400 (EDT)
Received: by smtp9.relay.emailsrvr1.com (Authenticated sender: shannonp-AT-sender.com) with ESMTPSA id 2F4513804 for <rosar@domain.com>; Mon, 10 Aug 2015 13:55:52 -0400 (EDT)
X-Sender-Id: shannon@sender.com
Received: from shannon.domain2.com (64-60-00-000.static-ip.telepacific.net [64.60.000.000]) (using TLSv1 with cipher AES256-SHA)by 0.0.0.0:465 (trex/5.4.2); Mon, 10 Aug 2015 17:55:53 GMT


  • Edited by perland Wednesday, August 12, 2015 4:10 AM
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2015 4:09am

Hi,

According to the NDR, I have noticed your mail generating server is BN1AFFO11HUB0.mail.protection.outlook.com.

Have you worked in a existence environment with Exchange online and Exchange 2013?

I want to know which mail server is facing internet? Exchange online or exchange 2013?

If BN1AFFO11HUB0.mail.protection.outlook.com is your company mail server, the issue is related to the Exchange online side.

We can try to check the EOP setting. If the issue persists,we can ask a question in office 365 forum for more help.

https://community.office365.com/en-us/f/

If it isn't your company mail server,  I think the issue is related to the other company side.

Regards,

David

August 13th, 2015 4:04am

Hi David,

BN1AFFO11HUB0.mail.protection.outlook.com is the server at Microsoft that filters our email for spam and viruses before forwarding it to us. I have contacted them and they are saying my onsite exchange server is rejecting the email and their server is creating the NDR.

They insist that the problem is form my email server.

Thank You,

Victor.

Free Windows Admin Tool Kit Click here and download it now
August 14th, 2015 12:03pm

Hi,

As the issue is related to office 365 side ,I suggest we can ask a question in office 365 forum for more help.

Regards,

David 


August 16th, 2015 9:07pm

Hi,

As the issue is related to office 365 side ,I suggest we can ask a question in office 365 forum for more help.

Regards,

David 


Free Windows Admin Tool Kit Click here and download it now
August 17th, 2015 1:06am

Hello,

Per Microsoft support, the problem is caused by the CISCO ASA firewall in front of the Exchange server. The solution they recommend is to disable the Mailguard feature on the firewall by CISCO command no fixup protocol smtp 25. It is not clear why this feature that I have had it set to on for so many years is causing problems now!

https://support.microsoft.com/en-us/kb/320027

https://technet.microsoft.com/en-us/library/Dd277550%28v=EXCHG.80%29.aspx 

More Info

The log file at C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpReceive shows:

2015-08-14T01:08:52.590Z,MY-EMAIL-SERVER\Default Frontend MY-EMAIL-SERVER,08D2A3274633CDBA,17,192.168.10.247:25,207.46.163.145:26147,>,250 XRDST,
2015-08-14T01:08:52.996Z,MY-EMAIL-SERVER\Default Frontend MY-EMAIL-SERVER,08D2A3274633CDBA,18,192.168.10.247:25,207.46.163.145:26147,<,XXXXXXXX,

The <,XXXXXXXX, is what it is received by the Exchange server that triggers the command not implemented NDR. With the Mailguard feature turned off, the <,XXXXXXXX, becomes <,QUIT,

2015-08-16T00:01:41.299Z,MY-EMAIL-SERVER\Default Frontend MY-EMAIL-SERVER,08D2A3274633DDE2,17,127.0.0.1:25,127.0.0.1:25641,>,250 XRDST,
2015-08-16T00:01:41.299Z,MY-EMAIL-SERVER\Default Frontend MY-EMAIL-SERVER,08D2A3274633DDE2,18,127.0.0.1:25,127.0.0.1:25641,<,QUIT,

Victor.


  • Marked as answer by perland 16 hours 27 minutes ago
  • Edited by perland 16 hours 24 minutes ago
August 17th, 2015 10:58am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics