Fixing the “Recipient Not Found by Exchange Legacy Encapsulated” Error When Forwarding Email

The “Recipient not found by Exchange Legacy encapsulated email address lookup” error, often accompanied by a Non-Delivery Report (NDR) with code 550 5.1.11, can be a frustrating issue in Microsoft Exchange environments, especially when forwarding emails. This error typically occurs in hybrid setups, after mailbox migrations, or when forwarding rules are misconfigured. In this blog post, we’ll explore the causes of this error and provide actionable steps to resolve it.

Understanding the Error

This error arises when Exchange cannot resolve a recipient’s email address using the LegacyExchangeDN attribute, a unique identifier used internally by Exchange for addressing. The LegacyExchangeDN is critical for routing emails, especially in environments with older Exchange versions or hybrid configurations (on-premises and Exchange Online). When forwarding emails, Outlook or Exchange may rely on cached LegacyExchangeDN values, which can become outdated or invalid, leading to the error.

Common scenarios where this error occurs include:

• Mailbox Migrations: After moving mailboxes between Exchange versions (e.g., Exchange 2007 to 2016) or to Exchange Online, the LegacyExchangeDN may not be properly updated.
• Forwarding Rules: Automatic forwarding rules in Outlook or Exchange may reference outdated LegacyExchangeDN values.
• Deleted and Recreated Mailboxes: If a mailbox is deleted and recreated, the new mailbox may lack the original LegacyExchangeDN.
• Hybrid Environments: In hybrid setups, synchronization issues between on-premises Active Directory and Exchange Online can cause mismatches.

The error often manifests when users forward emails, reply to cached recipients, or use Outlook’s autocomplete feature, resulting in an NDR like this:

IMCEAEX-_o=Contoso_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23SPDLT+29_cn=Recipients_cn=User@domain.com
Remote Server returned '550 5.1.11 RESOLVER.ADR.ExRecipNotFound; Recipient not found by Exchange Legacy encapsulated email address lookup'

Steps to Resolve the Error

Here are practical solutions to fix this error, starting with the simplest approaches and moving to more advanced ones.

1. Clear Outlook’s Autocomplete Cache

Outlook’s autocomplete feature may store outdated LegacyExchangeDN values, causing the error when forwarding emails.

Steps:

1. Open Outlook and click File > Options.
2. Select the Mail tab and scroll to the Send messages section.
3. Click Empty Auto-Complete List and confirm.
4. Close and reopen Outlook.
5. Retype the recipient’s email address manually when forwarding the email and send it again.

This step often resolves the issue for individual users, but may need to be repeated for multiple affected users.

2. Verify and Update the X500 Address

The LegacyExchangeDN is stored as an X500 proxy address in Active Directory. If the mailbox was migrated or recreated, the X500 address may be missing or incorrect.

Steps:

1. Identify the LegacyExchangeDN from the NDR. For example, in the error:IMCEAEX-_o=Contoso_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23SPDLT+29_cn=Recipients_cn=User@domain.comConvert the IMCEAEX string to an X500 address by:
   • Removing IMCEAEX- from the start and @domain.com from the end.
   • Replacing _ with /.
   • Converting +20 to a space, +28 to (, +29 to ), etc.
   • Prepending X500 to the result. Example result: X500:/o=Contoso/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User
2. Open Active Directory Users and Computers or use PowerShell to add the X500 address to the user’s mailbox:Set-Mailbox -Identity "user@domain.com" -EmailAddresses @{add="X500:/o=Contoso/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User"}
3. Force an Active Directory synchronization in hybrid environments using:Start-ADSyncSyncCycle -PolicyType Delta
4. Test forwarding an email to the recipient again.

3. Check Forwarding Rules

If the error occurs due to an automatic forwarding rule (e.g., in Outlook or Exchange), the rule may reference an invalid LegacyExchangeDN.

Steps:

1. In Outlook, go to File > Manage Rules & Alerts and review any forwarding rules.
2. Delete or update rules that reference problematic recipients.
3. In Exchange Admin Center (EAC):
   • Navigate to Mail Flow > Rules.
   • Disable or delete any forwarding rules that might be causing the issue.
4. Test email forwarding after removing or updating the rule.

4. Update the Offline Address Book (OAB)

An outdated Offline Address Book (OAB) may contain incorrect LegacyExchangeDN values, causing the error.

Steps:

1. In Exchange Management Shell, update the OAB:Update-OfflineAddressBook -Identity "Default Offline Address Book"
2. Force clients to download the updated OAB:Update-GlobalAddressList -Identity "Default Global Address List"
3. Instruct users to download the OAB in Outlook:
   • Go to File > Account Settings > Download Address Book and select Download changes since last Send/Receive.

5. Verify Hybrid Configuration

In hybrid environments, ensure that directory synchronization is working correctly.

Steps:

1. Check Azure AD Connect synchronization status:Get-ADSyncScheduler
2. Ensure the LegacyExchangeDN attribute is synchronized to Exchange Online.
3. If issues persist, rerun the Hybrid Configuration Wizard to fix connectivity problems.

6. Advanced Troubleshooting

If the above steps don’t resolve the issue:

• Check Event Logs: Review Exchange server event logs for errors related to recipient resolution or transport.
• Run Update-Recipient: Use PowerShell to update Exchange attributes: Update-Recipient -Identity "user@domain.com"
• Consult Microsoft Support: For complex hybrid issues, open a support ticket with Microsoft, providing the NDR and server logs.

Preventing Future Issues

To avoid this error in the future:

• Preserve LegacyExchangeDN During Migrations: When migrating mailboxes, export and reapply LegacyExchangeDN values as X500 addresses in the destination environment.
• Regularly Update OAB and GAL: Schedule periodic updates to ensure address lists are current.
• Test Forwarding Rules: Validate rules after mailbox changes to ensure they reference valid recipients.
• Monitor Synchronization: In hybrid setups, monitor Azure AD Connect to prevent sync failures.

The “Recipient not found by Exchange Legacy encapsulated email address lookup” error can disrupt email forwarding, but it’s often fixable by addressing cached data, X500 addresses, or configuration issues. By following the steps above, you can restore normal email flow and prevent recurrence. If you’re dealing with this error in a large-scale migration, consider using tools like Stellar Migrator for Exchange to streamline the process and minimize such issues.