EOP 中的邮件流智能Mail flow intelligence in EOP

重要

改进的 Microsoft 365 安全中心现在可用。The improved Microsoft 365 security center is now available. 此新体验将 Defender for Endpoint、Defender for Office、365 Microsoft 365 Defender 等引入了 Microsoft 365 安全中心。This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. 了解新增功能Learn what's new.

适用对象Applies to

在邮箱位于 Exchange Online 或独立 Exchange Online Protection (EOP) 组织中(没有 Exchange Online 邮箱)的 Microsoft 365 组织中,通常使用连接器将电子邮件从 EOP 路由到本地电子邮件环境。In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, you typically use a connector to route email messages from EOP to your on-premises email environment. 您还可以使用连接器将邮件从 Microsoft 365 路由到合作伙伴组织。You might also use a connector to route messages from Microsoft 365 to a partner organization. 当 Microsoft 365 无法通过连接器传递这些邮件时,它们会排入 Microsoft 365 队列。When Microsoft 365 can't deliver these messages via the connector, they're queued in Microsoft 365. Microsoft 365 将继续每封邮件重试传递 24 小时。Microsoft 365 will continue to retry delivery for each message for 24 hours. 24 小时后,排队的邮件将过期,并且该邮件将在未送达报告(也称为 NDR 或退回邮件 (中返回到原始发件人) 。After 24 hours, the queued message will expire, and the message will be returned to the original sender in a non-delivery report (also known as an NDR or bounce message).

当无法通过使用连接器传递邮件时,Microsoft 365 将生成错误。Microsoft 365 generates an error when a message can't be delivered by using a connector. 本文介绍了最常见的错误及其解决方案。The most common errors and their solutions are described in this article. 通过连接器发送的未送达邮件的排队和通知错误统称为"邮件 流智能"。Collectively, queuing and notification errors for undeliverable messages sent via connectors is known as mail flow intelligence.

错误代码:450 4.4.312 DNS 查询失败Error code: 450 4.4.312 DNS query failed

通常,此错误意味着 Microsoft 365 尝试连接到连接器中指定的智能主机,但查找智能主机的 IP 地址的 DNS 查询失败。Typically, this error means Microsoft 365 tried to connect to the smart host that's specified in the connector, but the DNS query to find the smart host's IP addresses failed. 导致此错误的可能原因包括:The possible causes for this error are:

  • 您的域的 DNS 托管服务存在 (维护您的域服务器的权威名称服务器的一) 。There's an issue with your domain's DNS hosting service (the party that maintains the authoritative name servers for your domain).

  • 您的域最近已过期,因此无法检索 MX 记录。Your domain has recently expired, so the MX record can't be retrieved.

  • 您的域的 MX 记录最近已更改,并且 DNS 服务器以前仍缓存了您的域的 DNS 信息。Your domain's MX record has recently changed, and the DNS servers still have previously cached DNS information for your domain.

如何修复错误代码 450 4.4.312?How do I fix error code 450 4.4.312?

  • 使用 DNS 托管服务识别和修复域问题。Work with your DNS hosting service to identify and fix the problem with your domain.

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) 联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), contact your partner to fix the issue.

错误代码:450 4.4.315 连接时间已过Error code: 450 4.4.315 Connection timed out

通常,这意味着 Microsoft 365 无法连接到目标电子邮件服务器。Typically, this means Microsoft 365 can't connect to the destination email server. 错误详细信息将解释此问题。The error details will explain the problem. 例如:For example:

  • 您的本地电子邮件服务器已关闭。Your on-premises email server is down.

  • 连接器的智能主机设置出错,因此 Microsoft 365 尝试连接到错误的 IP 地址。There's an error in the connector's smart host settings, so Microsoft 365 is trying to connect to the wrong IP address.

如何修复错误代码 450 4.4.315?How do I fix error code 450 4.4.315?

  • 了解适用于你的方案,并进行必要的更正。Find out which scenario applies to you, and make the necessary corrections. 例如,如果邮件流一直运行正常,并且尚未更改连接器设置,则需要检查本地电子邮件环境以查看服务器是否关闭,或者是否对网络基础结构进行了任何更改 (例如,您更改了 Internet 服务提供商,因此您现在具有不同的 IP 地址) 。For example, if mail flow has been working correctly, and you haven't changed the connector settings, you need to check your on-premises email environment to see if the server is down, or if there have been any changes to your network infrastructure (for example, you've changed internet service providers, so you now have different IP addresses).

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) 联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), contact your partner to fix the issue.

错误代码:450 4.4.316 连接被拒绝Error code: 450 4.4.316 Connection refused

通常,此错误意味着 Microsoft 365 在尝试连接到目标电子邮件服务器时遇到连接错误。Typically, this error means Microsoft 365 encountered a connection error when it tried to connect to the destination email server. 导致此错误的一个可能原因是防火墙阻止了来自 Microsoft 365 IP 地址的连接。A likely cause for this error is your firewall is blocking connections from Microsoft 365 IP addresses. 或者,如果你已完全将本地电子邮件系统迁移到 Microsoft 365 并关闭本地电子邮件环境,则此错误可能是设计使的。Or, this error might be by design if you've completely migrated your on-premises email system to Microsoft 365 and shut down your on-premises email environment.

如何修复错误代码 450 4.4.316?How do I fix error code 450 4.4.316?

  • 如果你在本地环境中有邮箱,则需要修改防火墙设置以允许从 TCP 端口 25 上的 Microsoft 365 IP 地址连接到本地电子邮件服务器。If you have mailboxes in your on-premises environment, you need to modify your firewall settings to allow connections from Microsoft 365 IP addresses on TCP port 25 to your on-premises email servers. 有关 Microsoft 365 IP 地址的列表,请参阅 Microsoft 365 URL 和 IP 地址范围For a list of the Microsoft 365 IP addresses, see Microsoft 365 URLs and IP address ranges.

  • 如果不应将更多邮件传递到本地环境,请单击警报中的"立即修复",以便 Microsoft 365 可以立即拒绝收件人无效的邮件。If no more messages should be delivered to your on-premises environment, click Fix now in the alert so Microsoft 365 can immediately reject the messages with invalid recipients. 这将降低超出组织对无效收件人的配额的风险,这可能会影响正常邮件传递。This will reduce the risk of exceeding your organization's quota for invalid recipients, which could impact normal message delivery. 或者,可以使用以下说明手动修复该问题:Or, you can use the following instructions to manually fix the issue:

    • Exchange 管理中心 (EAC) , 禁用或删除将电子邮件从 Microsoft 365 发送到本地电子邮件环境的连接器:In the Exchange admin center (EAC), disable or delete the connector that delivers email from Microsoft 365 to your on-premises email environment:

      1. 在 EAC 中,转到"邮件流 > ""连接器"。In the EAC, go to Mail flow > Connectors.

      2. Select the connector with the From value Office 365 and the To value Your organization's email server and do one of the following steps:Select the connector with the From value Office 365 and the To value Your organization's email server and do one of the following steps:

        • 通过单击"删除 ""删除"  图标删除连接器Delete the connector by clicking Delete Remove icon

        • 通过单击"编辑 编辑"  图标并 清除" 打开"来禁用连接器Disable the connector by clicking Edit Edit icon and clearing Turn it on.

    • 将 Microsoft 365 中与本地电子邮件环境关联的接受域从"内部中继"更改为 "权威"。Change the accepted domain in Microsoft 365 that's associated with your on-premises email environment from Internal Relay to Authoritative. 有关说明,请参阅 在 Exchange Online 中管理接受的域For instructions, see Manage accepted domains in Exchange Online.

    注意:通常,这些更改需要 30 分钟到 1 小时才能生效。Note: Typically, these changes take between 30 minutes and one hour to take effect. 一小时后,请确认您不再收到该错误。After one hour, verify that you no longer receive the error.

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) ,你需要联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), you need to contact your partner to fix the issue.

错误代码:450 4.4.317 无法连接到远程服务器Error code: 450 4.4.317 Cannot connect to remote server

通常,此错误意味着 Microsoft 365 连接到目标电子邮件服务器,但服务器立即响应错误,或不符合连接要求。Typically, this error means Microsoft 365 connected to the destination email server, but the server responded with an immediate error, or doesn't meet the connection requirements. 错误详细信息将解释此问题。The error details will explain the problem. 例如:For example:

  • 目标电子邮件服务器响应了"服务不可用"错误,指示服务器无法与 Microsoft 365 保持通信。The destination email server responded with a "Service not available" error, which indicates the server is unable to maintain communication with Microsoft 365.

  • 连接器配置为需要 TLS,但目标电子邮件服务器不支持 TLS。The connector is configured to require TLS, but the destination email server doesn't support TLS.

如何修复错误代码 450 4.4.317?How do I fix error code 450 4.4.317?

  • 验证本地电子邮件服务器的 TLS 设置和证书,以及连接器上的 TLS 设置。Verify the TLS settings and certificates on your on-premises email servers, and the TLS settings on the connector.

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) ,你需要联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), you need to contact your partner to fix the issue.

错误代码:450 4.4.318 连接突然关闭Error code: 450 4.4.318 Connection was closed abruptly

通常,此错误意味着 Microsoft 365 难以与本地电子邮件环境通信,因此连接已中断。Typically, this error means Microsoft 365 is having difficulty communicating with your on-premises email environment, so the connection was dropped. 导致此错误的可能原因包括:The possible causes for this error are:

  • 防火墙使用 SMTP 数据包检查规则,这些规则无法正常工作。Your firewall uses SMTP packet examination rules, and those rules aren't working correctly.

  • 本地电子邮件服务器无法正常运行 (例如服务挂起、崩溃或系统资源不足) ,从而导致服务器退出并关闭与 Microsoft 365 的连接。Your on-premises email server isn't working correctly (for example, service hangs, crashes, or low system resources), which is causing the server to time out and close the connection to Microsoft 365.

  • 本地环境和 Microsoft 365 之间存在网络问题。There are network issues between your on-premises environment and Microsoft 365.

如何修复错误代码 450 4.4.318?How do I fix error code 450 4.4.318?

  • 了解适用于你的方案,并进行必要的更正。Find out which scenario applies to you, and make the necessary corrections.

  • 如果问题由本地环境和 Microsoft 365 之间的网络问题导致,请与网络团队联系以解决问题。If the problem is caused by network issues between your on-premises environment and Microsoft 365, contact your network team to troubleshoot the issue.

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) ,你需要联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), you need to contact your partner to fix the issue.

错误代码:450 4.7.320 证书验证失败Error code: 450 4.7.320 Certificate validation failed

通常,此错误意味着 Microsoft 365 在尝试验证目标电子邮件服务器的证书时遇到错误。Typically, this error means Microsoft 365 encountered an error while trying to validate the certificate of the destination email server. 错误详细信息将解释此错误。The error details will explain the error. 例如:For example:

  • 证书已过期Certificate expired

  • 证书主题不匹配Certificate subject mismatch

  • 证书不再有效Certificate is no longer valid

如何修复错误代码 450 4.7.320?How do I fix error code 450 4.7.320?

  • 修复连接器上的证书或设置,以便可以传递 Microsoft 365 中的排队邮件。Fix the certificate or the settings on the connector so that queued messages in Microsoft 365 can be delivered.

  • 如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) ,你需要联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), you need to contact your partner to fix the issue.

其他错误代码Other error codes

Microsoft 365 难以将邮件发送到本地或合作伙伴电子邮件服务器。Microsoft 365 is having difficulty delivering messages to your on-premises or partner email server. 使用 错误中的 "目标服务器信息"检查环境中的问题,或在出现配置错误时修改连接器。Use the Destination server information in the error to examine the issue in your environment, or modify the connector if there's a configuration error.

如果错误来自你的合作伙伴组织 (例如,第三方云服务提供商) ,你需要联系你的合作伙伴来修复此问题。If the error is from your partner organization (for example, a 3rd party cloud service provider), you need to contact your partner to fix the issue.