We've disabled several Active Directory (AD) accounts for which we still want to receive email. Unfortunately, when we send test messages to these accounts, the messages generate nondelivery reports (NDRs). How can we fix this behavior?
Although you can't use disabled accounts to log on to the domain, these accounts should still be able to accept inbound email. The fact that some of these accounts won't accept email makes me suspect that you originally migrated these accounts from Exchange Server 5.5. Exchange 5.5 accounts that you migrate and then disable sometimes lose their ability to accept mail. The simplest cure is to open the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, edit the user account's security properties, then remove and re-add the security descriptor for the SELF pseudo-account.