Solved

Exchage 2003 email rejected to some domains.

Posted on 2004-08-19
8
4,172 Views
Last Modified: 2012-05-05
HELP!  This is a new installation of Exchange 2003.  I can receive email from the internet, and can send it anywhere from a OWA.  HOWEVER when I try to send email from Outlook some goes through and some bounces back with Undeliverable #5.5.0 smtp;550.

To fix I have tried the following:

1. I set up the internal dns entry for mail.company.com with the public IP address and set up the mx mail.company.com.

2. I also ran the Exchange System Manager, Internet Email Wizard and I get an error:  To send internet email the selected server cannot be a bridgehead server  ID no: c103b530  Exchange System Manager.

Our IP was previously used as a relay but I am working on correcting that now.

What I don't understand is why it works with exchange OWA without problem, and fails to some domains when using outlook.  It is the same server!

Thanks

0
Comment
Question by:avsc
8 Comments
 
LVL 5

Assisted Solution

by:Dragonmen
Dragonmen earned 166 total points
ID: 11839466
Check your internet provider settings - if it is using some kind of mail (spam) control and rejects some emails.
Could also be that some domains are cached bad and not allowing the mail to reach it's recipients.
Try to telnet on the domains that have emails rejected and send email to that user:

telnet domainthatcanthavemailsent.com 25
helo domainthatcanthavemailsent.com
mail from: I@Me.com
rcpt to: "user email"
data
Just testing
.

It you get some error that means it's IP is not resolved ok.
0
 
LVL 3

Assisted Solution

by:tsorensen55
tsorensen55 earned 166 total points
ID: 11840889
You also might want to make sure that if you have it set in exchange to require authentication for outgoing mail, that it is setup properly in the outlook clients. OWA i believe already considers you having authenticated by logging in via the web so there are no settings to define there.
0
 

Author Comment

by:avsc
ID: 11844330
Dragonmen: Here is my results from the telnet.    The line that reads 250 2.1.5 "david@avsc.com"@slingmedia.com looks funny to me the way it is formatted. Is this right? or is this a clue to my problem?

220 slingscream.slingmedia.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.0
 ready at  Thu, 19 Aug 2004 10:54:11 -0700
helo mail.slingmedia.com
250 slingscream.slingmedia.com Hello [208.54.100.241]
mail from: david@slingmedia.com
250 2.1.0 david@slingmedia.com....Sender OK
rcpt to: "david@avsc.com"
250 2.1.5 "david@avsc.com"@slingmedia.com
data
354 Start mail input; end with <CRLF>.<CRLF>
Just testing 1234
.
250 2.6.0 <SLINGSCREAMoYAPNXRP00000009@slingscream.slingmedia.com> Queued mail f
or delivery

tsorensen55: Could you walk me thourgh setting authentication on the server and on the client.  Thanks
0
 
LVL 16

Accepted Solution

by:
Nyaema earned 168 total points
ID: 11863840
set up the internal dns entry for mail.company.com with the internal IP address of the server and not the external

Also urgently sort out the IP relay problem...
because if your IP is registered as a relay,
you definately get some mail going out and others bouncing.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:avsc
ID: 11865071
It seems that  the entry in the open relay database was causing the bounce.  I knew that was at least part of the problem, however the fact that I could send via the web client without a bounce still has me puzzled.  I had submitted changes to have the IP removed from the open relay before I posted this question so I will split the points between all who contributed.  Thanks to all for the input.
0
 
LVL 3

Expert Comment

by:tsorensen55
ID: 11869969
Do you still need the step by step instructions on setting up the server to require authentication for outgoing mail? Just let me know and I will get it posted ASAP.
0
 

Author Comment

by:avsc
ID: 11870877
tsorensen55: Yes,  I would like that.  Also, if you have any tips for securing OWA that would be great!
0
 
LVL 3

Expert Comment

by:tsorensen55
ID: 11872326
OK first things first, the exchange server part. Since you are running Exchange 03 I’ll do it step by step in how I see it on our Exchange 03 server.
1.      Open the Exchange System Administrator.
2.      Expand the Administrative Groups.
3.      Expand the domain.
4.      Expand Servers.
5.      Expand the server name.
6.      Expand Protocols.
7.      Expand SMTP.
8.      Right click on the Virtual SMTP Server.
9.      Left click on properties.
10.      Click on the access tab.
11.      Click on authentication button at top.
12.      the 3 check boxes we have selected are:
a.      Anonymous Access
b.      Basic Authentication (password sent in clear text)
c.      Integrated Windows Authentication
13.      Click on Users button at bottom of that screen
14.      Make sure authenticated users are listed.
15.      Click ok out of “Permissions for Submit and Relay window
16.      Click OK out of “Authentication” window
17.      Click on relay button at bottom of the “Default SMTP  Virtual Server Properties” window
18.      Select “Only the listed below” option. Ours we keep blank since everyone sends from either inside the company, or from across the VPN.
19.      We also have the box checked for “Allow all computers which successfully authenticate to relay, regardless of the list above.
20.      Click OK
21.      OK out of properties window.

That should take care of the Exchange server part. Now for the Outlook options. This only applies if the users’ Outlook is configured for pop. If they are setup to use exchange, then there is no need for setting up authentication type because they are already authenticated in just opening up the mailbox store when they open Outlook. Incase you have pop clients though, here are the steps.

1.      In outlook click on tools, and then email accounts
2.      Select view or change existing e-mail accounts at the wizard prompt and click next.
3.      Double-Click the appropriate account
4.      Click the more settings button near bottom right.
5.      Click on the Outgoing tab
6.      Select “my outgoing server requires authentication”
7.      Select “Use the same settings as incoming mail server

That should take care of the steps. As far as securing OWA, it works just like an Outlook client being configured to run connected to an exchange server. It already has the authentication embedded when you log on.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Suggested Solutions

Today companies are subjected to more-and-more data, and it won't stop any time soon.  But there are obvious opportunities for reducing data, particularly data duplicated among companies.
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
Viewers will learn how to use the Hootsuite Dashboard.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now