incoming mail fails but outgoing mail succeeds in exchange 2003

I have Windows Server 2003 and Microsoft Exchange Server 2003

I have set up a couple test accounts in exchange. One of those is

I have a dynamic IP which is redirected using using dynamic dns (

So far it has worked for my website, ftp etc.

I am able to use Outlook Web Access and send mail out to peopel with exhange 2003.

it is trying to send mail to the exchange account ( where i get the following error:

The original message was received at Wed, 29 Oct 2003 19:01:51 -0700 from []

   ----- The following addresses had permanent fatal errors ----- <>
    (reason: 550 access denied)

   ----- Transcript of session follows ----- ... while talking to
<<< 550 access denied
554 5.0.0 Service unavailable

I have tried going to Message Delivery properites, SMTP properties, and POP3 properties to make sure that it is not denying anything from any IP addresses, and also allowed anonymous SMTP access as well as any IP to Relay. I have checked the box for allowing any computer which succesfully authenticates to relay, regardless of any IP restrictiosn (which there are none).

i am using as my fully qualifed domain name, and have no masquerade domain name, do not have perform reverse DNS lookup in SMTP settings, nor do i have any external DNS set up.

I use Windows Server 2003 as a DNS server and it does the DHCP etc. my router (I have DSL hense the dynamic IP) so i can also get my acutal DNS settings and my actual IP if needed (but redirects my IP to anyway).

outbound security is also anonymous.

i am completely stumbled on what further action to take or check or if my settings are correct. I am using my exchange server mainly to provide web based e-mail to ROTC cadets that dont' normally have e-mail.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

make sure in ur iis default web site annonymous is set fror authentication.On ur virtual directories in ur exchange system manager make sure u have basic authentication and for domain just
put \ and nothing more.It wont hurt to give ur owa users log on local right to the exchange server(if it is domain controller u may want to think twice about it).
David WilhoitSenior Consultant, ExchangeCommented:
"also allowed anonymous SMTP access as well as any IP to Relay"

Remove that before you get blocklisted, and then you WILL have issues.
" "===Is this your SMTP domain? Is it in the default recipient policy, and is the policy set to be responsible for all email to this domain? Is this address on the user object in question? This is something small, just recheck all the stuff...

David WilhoitSenior Consultant, ExchangeCommented:
nevermind, just checked your dns records, and you forgot to create an MX record. Create one, like "" or whatever you want it to be, point it to your IP address, and have some fun...:)


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

utelit3Author Commented: is my smtp domain. when i send out mail to say i receive mail from just fine.

it is in the default recipient policy, and the policy is set to be responsible for all email in this domain. the e-mail account is set for user alvinfong@headquarters.ncc.

For Mail Exchanger, i put in When i tried to put in in my account it gives me the error message: "The MX entered ("") did not resolve or resolved to a CNAME." so i assume i can only use cause it made the changes.

Still getting the error message:

The original message was received at Wed, 29 Oct 2003 22:04:01 -0700 from []

   ----- The following addresses had permanent fatal errors ----- <>
    (reason: 550 access denied)

   ----- Transcript of session follows ----- ... while talking to
<<< 550 access denied
554 5.0.0 Service unavailable

when i try to send e-mail from to
David WilhoitSenior Consultant, ExchangeCommented:
you need a server name, an FQDN. create an (A) record in your dyndns for Point it at your Ip address. then create the MX record, and use the (A) record you created as the source. that's about it. Allow your SMTP to be routed to your internal IP address, it will then find your SMTP virtual server, and you're receiving mail :)

utelit3Author Commented:
The name of my server on my network is DELL1ghz. On active directory it is dell1ghz.headquarters.ncc, but refers to my IP. So i am using that as my FQDN. Is that oK? i am an exchange newbie, so thanks for bearing with me. I don't think i can create any records in dynamic dns. all i can do is put in something for mail exchanger, and i have put in I have enabled wildcard extensions which means if you do it will just redirect to Is that all i have to do for the MX? or is there a seperate place where i register my MX? Thanks a lot for your help so far!

just some info if you need it: is my actual dyanmic IP address
my server though is on my "internal network"
Relay restrictions on my SMTP virtual server are set to only allow & (my other network computer) but i have checked "allow all computers which successfully authenitcate to relay, regardless of the list above" - is this a problem?
on every other restriction, it is set to "all except listed below" and there are non listed below.
utelit3 sorry i misunderstood ur question.I thought u dont have owa .
Allow all computers to relay regardless of list above only affects ur pop3 clients that try to send through ur smtp server and should have no
affect on ur setup.Ur recipient policy is also correct and u dont have tp worry about it.As far as adding ur two computers for allowed relay u could but that would also make no diff.
The rest just follow kidegoes suggestion and u will be ok.
utelit3Author Commented:
Would you be able to clarify setting up the MX record through's dynamic dns?

when i click on hostname (, i have the option of changing the following:

IP address?
Enable Wildcard (for so that * will direct to
Mail Exchanger(optional):

Backup MX? enabled.

I am new to exchange server, and any help would be greatly appreciated.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.