SMTP Gateway will not relay

I have configured an SMTP gatway in my DMZ which has a remote domain (lets call it incoming and outgoing relay worked fine until I removed the server from the domain and placed it in a work group. now it tells me it cannot relay to external domains when I send a mail or telnet onto the box.

The exchange 2003 server has an smtp connector set to forward the mail to the smart host with the correct ip in brackets.

The smtp gateway has the IP addresses of both of my exchange servers in the "allow relay" under the "relay" section of the SMTP virtual server.

Any ideas?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Just so you know moving exchange server from a domain is not supported by microsoft
they only sugest was 258243 XADM: How to Back Up and Restore an Exchange 2000 Server Computer by Using the Windows Backup Program.
If you are using DMZ i bat you are using a Firewall check if the smtp port is open from your exchange server to your SMART HOST in your DMZ.
ikm7176Sr. IT ManagerCommented:
- In Internet Services Manager, add the SMTP mail domain for which you want the Windows server to relay. To add the SMTP domain:
a. Click Start, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
b. Expand the server you want, and then expand the default SMTP virtual server. By default, the default SMTP virtual server has a local domain with the fully qualified domain name for the server.
c. To create the inbound SMTP mail domain, right-click Domains, point to New, and then click Domain.
d. In New SMTP Domain Wizard, click Remote as the domain type, and then click Next.
e. In Name, type the domain name of your SMTP mail domain for your Exchange organization.
f. Click Finish.

NOTE: step (b) above is important in your scenario since you removed your SMTP server from domain to workgroup

- Configure the SMTP mail domain you just created for relay:
a. In Internet Services Manager, right-click the SMTP mail domain, and then click Properties.
b. Click Allow the Incoming mail to be Relayed to this Domain.
c. Click Forward all e-mail to smart host, and then type the IP address in square brackets ([ ]) or the FQDN of the Exchange server responsible for receiving e-mail for the domain. For example, to enter an IP address, type []. d. Click OK.
JordansGhostAuthor Commented:
Yomanex - I think you have the worng end of the stick

ikm7176 - This is the way i set it up before, i removed it all and reconfigured SMTP as above and same effect incoming relay to remote domain works just fine. outbound mail fails saying my domain not allowed to relay. I think it might have something to do with checkpoint firewall hiding the IP of the mail server.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

ikm7176Sr. IT ManagerCommented:
Hope your checkpoint firewall is not blocking the ports

Post the NDR you are recieving
ikm7176Sr. IT ManagerCommented:
what are the relay settings in your SMTP gateway server

This step is for hosts, which are most likely your internal servers that would need to send to all domains on the Internet. It is not recommended to not have any restrictions because anyone can use your server as an open relay. It is recommended to only allow the minimum, necessary hosts to openly relay to all domains. To do so:
1.      Open the properties of the Default SMTP Virtual Server.
2.      On the Access tab, click Relay.
3.      Click Only the list below, click Add, and then add the hosts that need to use this SMTP host to send email. On the dialog box that appears, you have the following options:
 -Single computer: Specify one particular host that you want to relay off of this server. If you click the DNS Lookup button, you can lookup an IP address of a specific host.
-Group of computers: Specify a base IP address for the computers that you want to relay. You have to specify the octets in the IP address for hosts that you will allow to relay. For example: If the IP address is, and you want any hosts with the first two octets 192.68 to relay, specify for the subnet mask.
-Domain: Select all of the computers in a domain by domain name that will openly relay. This option adds processing overhead, and might reduce the SMTP service performance because it includes reverse DNS lookups on all IP addresses that try to relay to verify their domain name.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JordansGhostAuthor Commented:
Thanks for the advice. It turns out the checkpoint firewall was masking the internal IP of the exchange server behind the DMZ gateway. I've set it to not do this and it now works fine.
JordansGhostAuthor Commented:
I will accept your answer ikm7176 as it clearly displays how to correclt set up an SMTP gatway. it just turned out my issue was the firewall.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.