Exchange Server is rejecting message after "MAIL FROM" with "500 5.3.3" with tarpit despite being a Trusted Receiver

exchange exchange-2010 smtp

7,042

It's not following RFCs for protocol negotiation at a guess. Perhaps it's attempting to use ESMTP commands without using EHLO or something.

One of the better ways to figure out what it is trying to do is to turn on protocol-level logging for the connector that's generating the 500 error. Then retry the connection, and if it throws the error, dig into the log-files (or post 'em here) to see what its trying to do. Because whatever it is doing, Exchange doesn't like it and that means your server is behaving enough out of the normal behavior of mail-servers to be very special.

You can turn on protocol-level logging:

Set-ReceiveConnector "MyTrusted connector (Servername)" -ProtocolLogging Verbose

By default it'll drop the files into C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive (or whichever drive you installed Exchange on). It will give you the full SMTP conversation it's trying, and your fault should be pretty obvious in there (or will to us).

7,042

Don Rhummy

Updated on September 18, 2022

Comments

Don Rhummy over 1 year
I'm getting the message: "500 5.3.3 Unrecognized command" from Exchange server and seeing in the Exchange Server logs that it's tarpitting my smtp sender despite the fact that:
1. I added a Receive Connector for my ip that allows connection, uses "Externally Secure"
2. I ran the commands (with the actual server name):
CODE:
```
Set-ReceiveConnector "MyTrusted connector (Servername)" -MaxAcknowledgementDelay 0

Set-ReceiveConnector "MyTrusted connector (Servername)" -TarpitInterval 0                     
```
Despite all that, it STILL fails! Any idea what's wrong?
Don Rhummy over 12 years

Believe it or not the issue turned out to be a missing "\r". That's it. A useless error message from Exchange made it quite hard to figure out. Even the ptotocol logging didn't help.
Admin over 11 years

@Don, I am having the same issue, what do you mean by " a missing \r"? Where did you make the change that made this work? Thanks for your input
Don Rhummy over 11 years

@lucasdrums4 When you send commands to an SMTP server, it expects commands to be on one line. So you need to end a command with a line marker. On some OS's, this is a line feed (indicated by the "escape character" \n) Escape characters are ones that have a backslash in front of them. In SMTP, lines are indicated by a carriage return followed by a line feed: \r\n. To print a line to an OutputStream, I'd used PrintWriter.println() but that method ends a line with only \n. So instead of out.println( message ); I had to do out.println( message + "\r" ); Hope this helps!