Event ID - 1710

Event Id1710
DescriptionAn SMTP client authenticated as user "NT AUTHORITY\ANONYMOUS LOGON" attempted to send as "User.one@domain.edu." Access was denied because the authenticated client does not have permission to Send As this SMTP address. Data: 0000: 05 00 07 80 ...?
Event InformationCause:
The four most common causes for these nondelivery reports (NDRs) are the following:
1) NDRs that contain a 5.7.1 error code occur if the Allow computers which successfully authenticate to relay check box is not selected on the SMTP virtual server.

2) NDRs that contain a 5.7.1 error code occur if the DNS tables are not configured correctly. Ensure that mail exchanger (MX) records point to the correct SMTP virtual server.

3) NDRs that contain a 5.7.1 error code occur if users have e-mail addresses that were created manually but do not match any existing recipient policies. As a general rule, proxy addresses should match at least one recipient policy.

4) 5.7.1 and 5.7.3 errors might also occur if you are using Microsoft Internet Security and Acceleration (ISA) Server 2000. If the external IP address of the server running ISA Server changes, and the IP address for the SMTP publishing rule is not updated to reflect the new IP address, an NDR results. In addition, if you do not restart the Isactrl service after changing the IP address in the SMTP publishing rule, an NDR results.

Related events:
Event ID: 1709, Event Source: MSExchangeTransport
Reference LinksResolution:

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.