XADM: Users Receive Random 5.7.1 and 5.7.3 NDRs (283287)


The information in this article applies to:

  • Microsoft Exchange 2000 Server
This article was previously published under Q283287

SYMPTOMS

When a user sends a message, the user may receive one of the following non-delivery reports (NDRs):
  • A 5.7.1 NDR:
    From:    System Administrator  
Sent:    Thursday, August 17, 2000 8:08 PM 
To:      User Two 
Subject: Undeliverable: Message Subject

Your message did not reach some or all of the intended recipients. 

      Subject:  Message Subject 
      Sent:     8/17/00 8:07 PM 

The following recipient(s) could not be reached: 

      User Three on 8/17/00 8:07 PM 
            You do not have permission to send to this recipient.  For 
   assistance, contact your system administrator. 
            <SERVERNAME.domain.edu #5.7.1>
  • A 5.7.3 NDR:
    -----Original Message----- 
   From:    System Administrator  
   Sent:    Tuesday, September 12, 2000 8:04 PM 
   To:      User Four; User Five
   Subject: Undeliverable: RE: Subject 2 

   Your message did not reach some or all of the intended recipients. 

      Subject:  RE: Subject 2 
      Sent:     9/12/2000 8:04 PM 

   The following recipient(s) could not be reached: 

      User Four on 9/12/2000 8:04 PM 
            The recipient could not be processed because it would 
   violate the security policy in force 
            <E2K.domain.edu #5.7.3> 

      User Five on 9/12/2000 8:04 PM 
            The recipient could not be processed because it would 
   violate the security policy in force 
            <E2K.domain.edu #5.7.3>

CAUSE

This problem can occur if an SMTP thread calls a function that causes the SMTP thread to impersonate the security context of another security account. When the SMTP thread is done performing all the required tasks, the SMTP thread never reverts back to the original security context. This different security context works for the first task that the SMTP thread has to perform, but when the SMTP thread is used again for a different task, the security context is incorrect, and some functions fail.

The SMTP process contains a pool of worker threads. The thread usage is randomized; each thread does not always travel down the same code path every time. When a thread does travel down this code path, the security context can change. The next time that this thread is used, it may not be able to deliver a message because the thread has the wrong context. This does not happen to every thread in the thread pool, which is why Exchange 2000 seems to randomly generate NDRs.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

301378 XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack

The English version of this fix should have the following file attributes or later:

Component: SMTP

File nameVersion
Davex.dll6.0.4418.45

STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server. This problem was first corrected in Microsoft Exchange 2000 Server Service Pack 1.

MORE INFORMATION

This fix makes sure that all of the code paths that a thread takes revert the security context back to the original security context.
Modification Type:MinorLast Reviewed:6/5/2003
Keywords:kbbug kbExchange2000preSP1fix kbfix kbQFE KB283287
©2002 Microsoft Corporation. All rights reserved.