2

We have been using 'distribution groups' to send SSRS reports because they are easier to manage, but the reports are not being delivered when 'Senders inside and outside of my organization' is not checked on the distribution group under 'delivery management' on our on-prem Exchange. Yes, we have a hybrid setup.

We get the error message below when 'Only senders inside my organization' is checked:

Remote Server returned '550 5.7.133 RESOLVER.RST.SenderNotAuthenticatedForGroup; authentication required; Delivery restriction check failed because the sender was not authenticated when sending to this group'

The mailbox sending the reports is a shared O365 mailbox. The distribution groups are visible in 'Exchange Admin Center' under Mailboxes > 'Distribution lists', but have a message stating that the group can only be managed on-prem Echange.

I have a feeling the sending O365 mailbox is being considered as an external mailbox. However when we were using a static list in SSRS we did not have this issue; same sending mailbox, more or less same recipients.

Any idea how to fix this situation?

EDIT: SSRS mail settings

MeMario
  • 25
  • 6
  • How exactly are you sending those reports? This looks more like an authentication issue ("sender was not authenticated"). – Massimo Jul 25 '22 at 11:08
  • I edited my post with the mail settings. – MeMario Jul 25 '22 at 12:19
  • You'll need to provide more details. Which server are you using to send the messages? Which sender address are you using? Which service account is Reporting Services running as? – Massimo Jul 25 '22 at 13:24
  • 2
    Shared Mailboxes don't authenticate, don't have passwords, and the user account for a shared mailbox is disabled by default (unless you've fudged with it). Have a read of this article and see which scenario applies to you, and implement that method. - https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365 – joeqwerty Jul 27 '22 at 03:49

2 Answers2

2

The shared O365 mailbox. Is it a cloud-only or a hybrid (synchronized) object?
Does your on-premises Exchange server know about it?

If the mailbox has been created directly in Office 365 / Exchange Online without being synchronized from your on-premises Active Directory, your Exchange server will know nothing about it and thus will not recognize it as an internal sender.

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • 1
    The mailbox was created on-prem and migrated to O365, so hybrid. On-prem I can see the mailbox as "Remote shared mailbox". – MeMario Jul 25 '22 at 10:55
0

It seems the way to fix it is that you have already posted. Allow all internal and external senders to send messages to this group or Use the group's allowed senders list

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/non-delivery-reports-in-exchange-online/fix-error-code-5-7-133-in-exchange-online

Aaron
  • 359
  • 4