This article was previously published under Q283287
This article has been archived. It is offered "as is" and will no longer be updated.
When a user sends a message, the user may receive one of the following non-delivery reports (NDRs):
A 5.7.1 NDR:
From: System Administrator Sent: Thursday, August 17, 2000 8:08 PM To: User Two Subject: Undeliverable: Message SubjectYour message did not reach some or all of the intended recipients. Subject: Message Subject Sent: 8/17/00 8:07 PM The following recipient(s) could not be reached: User Three on 8/17/00 8:07 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. <SERVERNAME.domain.edu #5.7.1>
A 5.7.3 NDR:
-----Original Message----- From: System Administrator Sent: Tuesday, September 12, 2000 8:04 PM To: User Four; User Five Subject: Undeliverable: RE: Subject 2 Your message did not reach some or all of the intended recipients. Subject: RE: Subject 2 Sent: 9/12/2000 8:04 PM The following recipient(s) could not be reached: User Four on 9/12/2000 8:04 PM The recipient could not be processed because it would violate the security policy in force <E2K.domain.edu #5.7.3> User Five on 9/12/2000 8:04 PM The recipient could not be processed because it would violate the security policy in force <E2K.domain.edu #5.7.3>
This problem can occur if an SMTP thread calls a function that causes the SMTP thread to impersonate the security context of another security account. When the SMTP thread is done performing all the required tasks, the SMTP thread never reverts back to the original security context. This different security context works for the first task that the SMTP thread has to perform, but when the SMTP thread is used again for a different task, the security context is incorrect, and some functions fail.
The SMTP process contains a pool of worker threads. The thread usage is randomized; each thread does not always travel down the same code path every time. When a thread does travel down this code path, the security context can change. The next time that this thread is used, it may not be able to deliver a message because the thread has the wrong context. This does not happen to every thread in the thread pool, which is why Exchange 2000 seems to randomly generate NDRs.
To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
301378 XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack
The English version of this fix should have the following file attributes or later:
Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server. This problem was first corrected in Microsoft Exchange 2000 Server Service Pack 1.
This fix makes sure that all of the code paths that a thread takes revert the security context back to the original security context.