550 relay not permitted distribution group contact
When trying to add an external contact inside a Distribution group. A failure delivery mail with the following NDR is returned.
Delivery has failed to these recipients or groups:
Your message couldn’t be delivered and there was no valid enhanced status code being issued by the remote mail system to determine the exact cause, status: ‘550 relay not permitted’.
The following organization rejected your message: mxserver
Diagnostic information for administrators:
Generating server: server
Remote Server returned '550 relay not permitted'
Original message headers:
with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521) id 15.1.2375.17; Wed, 15
Dec 2021 11:53:30 -0500
Received: from mail-ot1-f41.google.com (126.96.36.199) by
with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.2375.17 via Frontend
Transport; Wed, 15 Dec 2021 11:53:30 -0500
Received: by mail-ot1-f41.google.com with SMTP id a23-20020a9d4717000000b0056c15d6d0caso25610296otf.12
for <inboundemail@Exchangedomain.com>; Wed, 15 Dec 2021 08:53:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
X-Received: by 2002:a9d:7b51:: with SMTP id f17mr9431931oto.88.1639587180247;
Wed, 15 Dec 2021 08:53:00 -0800 (PST)
From: External Sender <Sender@gmail.com>
Date: Wed, 15 Dec 2021 22:22:47 +0530
Subject: Fwd: test email to Exchange DG
Content-Type: multipart/alternative; boundary="00000000000074fd9b05d33223fa"
X-Auto-Response-Suppress: DR, OOF, AutoReply
By default, the ReportToManagerEnabled parameter is set to False and the ReportToOriginatorEnabled parameter is set to True when a distribution group is created in Exchange Online. When the parameters are both set to False, the Return-Path field in the header of the message is <> (blank). This means that the remote messaging system will not send delivery reports to the user who sent the message to the distribution group.
Additionally, if spam filtering is enabled on the remote messaging system, the message is dropped, and delivery reports are suppressed. This occurs because some anti-spam devices might flag messages whose Return-Path field is blank and not let the messages be delivered.
In my earliest article about Lync with Asterisk Now (FreePBX) I have written step by step guide on how to integrate Lync and FreePBX but since Skype for Business came out and the new version of Free PBX 13.0.84 I thought it would be good idea to try the integration between both of them ..
In Skype for Business server I am using the latest CU version 6.0.9319.0.
The steps are very similar to the original article except with some UI changes..
In the following article I will be only showing the main steps which I have taken to integrate Skype for Business with FreePBX and will show the steps that have been done on the FreePBX side only not on the Skype for Business server as it is very similar to the original article.
Integration of AsteriskNow (FreePBX 13.0.84) and Skype for Business Server
Creating Trunk for Skype for Business
First I will start by creating a new trunk for S4B and configure it. To configure the trunk (Skype for Business trunk for outgoing calls from Asterisk to S4B)
Click on Connectivity >> Trunks and follow the below screenshots.
Under the SIP settings (Outgoing) tab type the followinghost=10.10.124.120 transport=tcp port=5060 insecure=very type=friend context=from-internal promiscredir=yes qualify=yes canreinvite=yesIn the incoming tab make sure you delete everything and then submit changes
Configure the Trunk with an outbound route
While creating the Outbound route, this route must be associated with the Trunk that I have created earlier in the trunk sequence as in the below screenshot..
In my case the pattern NXXX should be enough as it’ll route the call to my S4B’s 4 extension users (5000)
Click on Connectivity >>> Inbound routes
Click add inbound route
Now the most important is the SIP settings
Configuring Asterisknow to accept TCP calls from S4B
From the Settings menu ->> click on Asterisk SIP settings then choose Chan SIP settings and do the same configuration like the one below
Scroll further down to the “Advanced General Settings”
Enter the two “Other SIP settings” fields below and submit changes.
Conference with 2 Extensions on Asterisk now with s4B
I can call from S4B to Asterisk extensions and vice versa without any issues.
So in this case we won’t need to assign any IP address to the DAG…
I’ll click on save and see what happens
Navigating to the administrators group on AD, The Exchange subsystem group is not added so I’ll add it.
Now I will add Exchange servers as members to the DAG
Upon adding the Exchange members to DAG I got the following error
A server-side database availability group administrative operation failed. Error The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: Windows Failover Clustering isn’t installed on ‘EXCH2K16.test.com’.. [Server: EXCH2K16.test.com] error A server-side database availability group administrative operation failed. Error The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: Windows Failover Clustering isn’t installed on ‘EXCH2k1602.test.com’.. [Server: EXCH2k1602.test.com]
So I checked the following, 1- Firewall 2- CNO’s security settings.
Error occurs due to firewall being enabled on the DC (Where the FSW is )
I disabled the firewall and gave full permission to the Exchange trusted system to the DAG object
After that I signed out of Exchange servers, signed back in.. Deleted DAG and recreated it… that didn’t work either
Tried using Exchange management shell but it didn’t work too
Checking the log coming in the description, I find out the log is complaining about not finding DAG while trying to resolve it.
Also the log says that it has installed Failover cluste rbut still the cluster can’t find FQDN called DAG.
So I will have to configure DAG in the dns and give it an IP of my first Exchange server
Checking DAG resolving from Exchange server
As the log says, restart is required after installing failover cluster so I’ll restart Exchange servers and then retry to add Exchange servers to the dag.
After restarting the server, It seems that things are working
The second server gave the following error
The Microsoft Exchange Replication service does not appear to be running on “EXCH2k1602”. Make sure that the server is operating, and that the services can be queried remotely.
Apparently the error is correct, After restarting the server it turned out that most of the second Exchange server’s services were not working..
To be honest I didn’t ask myself why did not the services started since I am using a preview version of Exchange 2016 and Windows as well so I manually started all the services.
Interestingly while checking services, I noticed new services e.g. (DAG Management, Compliance Audit, Notifications broker)
After starting the services, now I tried to add the second server again to the DAG.
So eventually, DAG doesn’t need an IP address but still a DNS value needs to be created for the NCO object and needs to have an IP assigned to it which will be the Exchange server IP address..
Next: I will add a database copy and see how it’s improved and do I need to restart the IS service as in Exchange 2013.
I will leave all the default values and add the second server for the database to be copied on. Unlike Exchange 2013 in most of the times the database would fail first and gives an error ..
In 2016 it starts directly seeding the database to the second Exchange server that’s member of the DAG.
On the second Server where the database has been copied to, I checked the Logs and Fastsearch was throwing errors as usual since database logs are not copied … as soon as the database logs finished copying the fastsearch will return ok and the database will appear as Healthy in EAC.
Fastsearch finally reported that indexing started on the newly copied DB.
The database copy should now report healthy in the EAC.
Hope you find this useful. In the next article I will publish the Exchange server online to check the rest of the functionalities.