Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Categorizer is NDRing a recipient with address <adress> with reason code <code> (The sender does not have the permissions required to send this message to the intended recipients.
|English: Request a translation of the event description in plain English.|
As per Microsoft: "This error event occurs because all public folder replication that uses Simple Mail Transfer Protocol (SMTP) must originate from an authenticated source or from a server that has been granted Send As permissions". See ME830181 and MSEX2KDB for additional information about this event.
A user being invited to a meeting through Exchange calendar generated the event. The user could send and receive email without problem. When someone invites this user to a meeting, the invited user gets the invitation but the meeting organizer also gets an NDR. The user object had been renamed but the rename process did not appear to change the legacyExchangeDN attribute.
In this instance, we used ldifde to modify the attribute, which stopped the NDRs being generated.
- Code: 0xc00402de - As per Microsoft: "If you turn on maximum diagnostic logging on the MSExchangeTransport event source, this event is logged in the application event log when an e-mail message from an anonymous sender is blocked". See ME827616 for more details.
|Private comment: Subscribers only. See example of private comment|
|Links: ME827616, ME830181, MSEX2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated