Reporting-MTA: dns;<server>Received-From-MTA: dns;service31.mimecast.comArrival-Date: Mon, 27 Jan 2014 19:54:08 +0000
Final-Recipient: rfc822;<email address redacted>Action: failedStatus: 5.5.0Diagnostic-Code: smtp;550 Administrative prohibition - envelope blocked -http://www.mimecast.com/knowle
The reason for this was because I had set on the server-side for a mailbox to auto-forward to an external email address. Of course you can do it via the mailbox rules but these can sometimes be a bit unreliable.
So instead you can set it via one of the Exchange tabs in the Active Directory. You do first have to create an SMTP contact though, because it can only forward to another AD object.
After I did this, the above error was produced from Mimecast, our email relay service.
It is easily fixed. First, I synchronized our Active Directory with Mimecast. This usually happens twice a day, I think, so now I was going to force the change. Simply go to Services, Directory Sync, Synchronize LDAP Data.
I then went to the relay settings to configure an exception. I expected the synchronization to have done that but there was no sign of the external email address. So I just added it anyway. Here were the steps: User Directory, Profile Groups, Relay. I then added the external email address.
That's it! After that, the problematic messages disappeared and forwarding worked very swiftly as it was meant to.