MSExchangeTransport 1024

  • Article

 

This article provides an explanation and possible resolutions for a specific Exchange event. If you don't find what you’re looking for here, try searching Exchange 2010 Help.

Details

Product Name

Exchange

Product Version

14.0

Event ID

1024

Event Source

MSExchangeTransport

Category

SmtpReceive

Symbolic Name

SmtpReceiveSendAsDeniedTempAuthFailure

Message Text

SMTP rejected a (%4) mail from '%1' with '%2' connector and user authenticated as '%3'. There was a transient Active Directory directory service exception thrown with the following information. %5

Explanation

This Error event indicates that the Microsoft Exchange Transport service SMTP Receive component can't process an SMTP message submission from a particular user.

The Microsoft Exchange Transport service controls the sending and receiving of messages in Microsoft Exchange Server 2010. The Exchange 2010 transport pipeline uses the SMTP Receive component to validate the message content before the message can be submitted to the Submission queue. The SMTP Receive component applies a series of receive events and, if configured, antivirus and anti-spam events to validate the message. Additionally, the SMTP Receive component contacts the Active Directory directory service to validate users who submit messages for delivery. This includes connections to route internal users' messages among servers.

This event represents an authentication error for a user who tries to submit an SMTP message. This event could be logged when the user does not have sufficient rights to send as a particular user.

For more information, see the following topics.

User Action

To troubleshoot this issue, do one or more of the following:

  • Review the Application log and System log on your Exchange 2010 servers for related events. For example, events that occur immediately before and after this event may provide more information about the root cause of this error.

  • Review the Operations Console in Operations Manager for detailed information about the cause of this problem. For more information, see the "Introduction" section in this article.

  • Enable diagnostics logging on the affected receive connector. To do this, follow these steps:

    1. Run the following commands from the Exchange Management shell:

      Set-ReceiveConnector "name of connector" -ProtocolLoggingLevel Verbose

      Set-TransportServer Exchange01 -ConnectivityLogEnabled $true

      Set-TransportServer "Exchange01" -IntraOrgProtocolLoggingLevel Verbose

    2. After Event ID 1023 is logged, examine the SmtpReceive log file. By default, this file is located in the following directory:

      %ProgramFiles%\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive

  • Examine the %5 parameter in the event description to determine the reason for the authentication failure. If the parameter value is Access is denied, examine the permissions on the affected mailbox. To do this, run the following command from the Exchange Management Shell:

    Get-Mailbox | Get-ADPermission | where {$_.ExtendedRights -like "Send-As" -and $_.User -like "tailspintoys\user1" -and $_.Deny -eq $false} | ft Identity,User,IsInherited -AutoSize

  • Assign the user Send As permissions to the mailbox. To do this, follow these steps:

    1. Start the Exchange Management Console.

    2. Expand Recipient Configuration, and then click Mailbox.

    3. Click the affected mailbox, and then click Manage Send As Permission in the Actions pane.

    4. Click Add, and then add the user to the mailbox.

    You can also run the following command from the Exchange Management Shell to assign the user Send As permissions to the mailbox. To do this, run the following command:

    Add-ADPermission -Identity 'CN=User1,CN=Users,DC=tailspintoys,DC=com' -User 'TAILSPINTOYS\User2' -ExtendedRights 'Send-As'

    In this command, User1 represents the name of the affected mailbox and User2 represents the name of the user who should have Send-As permissions to the affected mailbox.

    For more information, see Manage Send As Permissions for a Mailbox.

  • Resolve your issue by using self-support options, assisted support options, and other resources. You can access these resources from the Exchange Server Solutions Center. From this page, click Self-Support Options in the navigation pane to use self-help options. Self-help options include searching the Microsoft Knowledge Base, posting a question at the Exchange Server forums, and other methods. Alternatively, in the navigation pane, you can click Assisted Support Options to contact a Microsoft support professional. Because your organization may have a specific procedure for directly contacting Microsoft Product Support Services, be sure to review your organization's guidelines first.

For more information about the transport pipeline in Exchange 2010, see the following topics:

The content of each blog and its URL are subject to change without notice. The content within each blog is provided "AS IS" with no warranties, and confers no rights. Use of included script samples or code is subject to the terms specified in the Microsoft Terms of Use.