This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 7.000000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Hi all
I am using exchange 2016 hybrid environment. i have a dynamic Distribution list in cloud and it has 3000 members. lets say ddl@contoso1.com.
i have mail enabled security group in onprem lets say mailenabledsecuritygroup@contoso1.com(synced to cloud)
Under the Delivery Management of the DDL i have below settings:
Only senders inside my organization
Only the specific senders will be able to send to the group: mailenabledsecuritygroup@contoso1.com
I have a shared mailbox smb@contoso1.com(created in onprem and migrated to online) which is member of the mail enabled security group.(mailenabledsecuritygroup@contoso1.com)
An application is triggering email using the shared mailbox and this application is hosted in external domain lets say contoso2.com and this contoso2.com is added as an internal relay in exchange onprem under accepted domains. When application is sending email to the DL, i am seeing the below error.
Your message couldn't be delivered
The message you sent to ddl@contoso1.com couldn't be delivered due to: Recipient email address is possibly incorrect.
Further information
5. 4.1 Recipient address rejected: Access denied.
I believe if i change the settings of the DDL to senders inside and outside my organization will fix the issue.
Is there any other way to make it work without changing the DDL settings.
currently contoso2.com is add an internal relay in onprem in accepted domains and in exchange online it is added remote domain(Allowed OOF type-external)(Automatic replies:yes)
Experts guide me.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 80%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Hi,
I am writing to check if you have tried the suggestions I mentioned before.
Would you please get back to me at your earliest convenience? Because your response is of great importance for the following trouble shooting. If you need further help, please provide more detailed information, so that we can give more appropriate suggestions.
I look forward to hearing from you.
Hi,
5.4.1 Recipient address rejected: Access denied.
when I checked the 5.4.1 error code in Email non-delivery reports in Exchange Online it shows: " The recipient's address doesn't exist.”
In addition, according to my test, messages sent by senders on the non-allow list will bounce an NDR of 550 5.7.124 instead of 5.4.1.
Therefore, in my opinion , the reason why the mail cannot be delivered is not the setting of delivery management of DDL.
To narrow down the issue, please also test sending mail directly to DDL using the shared mailbox to see if the messages are sent successfully.
Besides,create a new account in contoso2.com and send a message to DDL to see if you get the same error(5.4.1)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
now you can accept the answer.
i dont see option to mark the answer
i dont see option to mark the answer