Incoming Emails into DocLib does not work when


you have the following scenario.

  • Email enabled DocLib with an address e.g. MyDocLib@contoso.com
  • E-Mail security settings: “accept e-mail from only members of the site who can write to the DocLib“

Two user accounts:

  • contoso\andy with Email address info@contoso.com
  • contoso\chris with Email address info@contoso.com
  • Both users are set as contributors and are able to create, delete and edit items in that DocLib.

Now one of the two users sends an email to that DocLib and the question is: Will this email arrive and be stored in the DocLib?

Short Answer: NO!

Long Answer:

The email arrives at the SharePoint Server with the sender-email-address info@contoso.com and due to the security settings SharePoint will look for the user because SharePoint uses the user’s name for “Created By” and also that user has to have the right permissions to create new items in that DocLib. With the email address info@contoso.com SharePoint will find two users and that is not expected because to set the right user-info into “Created By” we need a unique email address. If such a Sender Email Address results not into a unique user we will have a security violation and should not store this email into the DocLib.

Solution:

You can set the E-Mail security to accept emails from everyone and the result for a non-unique email address will be that you can see “System Account” as the “Created By”.

Troubleshooting:

In ULS log you can find:

MOSS2007:

01.01.2012 20:20:00.11

OWSTIMER.EXE (0x0512)

0x0A28

Windows SharePoint Services

E-Mail

6873

Warning

An error occurred while processing the incoming e-mail file C:\Inetpub\mailroot\Drop\xy37ll3331cd05e80006666.eml. The error was: Access denied. You do not have permission to perform this action or access this resource..

 

SPS2010:

01.01.2012 20:20:00.22

OWSTIMER.EXE (0x1768)

0x15A8

SharePoint Foundation

E-Mail

6873

Warning

An error occurred while processing the incoming e-mail file C:\inetpub\mailroot\Drop\36ab155201cd06af00000002.eml. The error was: Access denied. You do not have permission to perform this action or access this resource..

References:

Enable and configure e-mail support for a list or library:
http://office.microsoft.com/en-us/sharepoint-server-help/enable-and-configure-e-mail-support-for-a-list-or-library-HA010082307.aspx?CTT=3

 

We have to respect security and the result here is one of much more scenarios when an email will not arrive in the DocLib at the end.

Comments (2)

  1. Joerg, is there a fix for this if I actually want to use library permissions?

  2. Victor says:

    Note: to be sure you are actually hotting this, you should look for two AD lookups in the performance category, verbose level, just before the error:

    they'll look something like this:

    SharePoint Foundation         Performance  

    for account 1

    ftq4 Verbose GetAccountNameFromSid "0x010500000….10000" start …

    ftq4 Verbose GetAccountNameFromSid "0x010500000….10000" returned. returnValue=True

    ftq4 Verbose GetAccountNameFromSid "0x010500000….80000" start …

    ftq4 Verbose GetAccountNameFromSid "0x010500000….80000" returned. returnValue=True

    for account2

    the SIDs will be the value from the tp_SID in the User_info table

    then the conclusion

    ftq2 Verbose SearchFromGC name = <YOURDOMAINHERE>. returned. Result count = 2

    This shows that for one emailaddress, TWO accounts in AD got resolved.

    To fix this, either run a SQL Query for the two encoded SIDs or use AD lookup to check for same email address on different accounts.Start with the user that sent the mail in the first place.

    V