Relaying denied

Posted on 2006-04-05
Medium Priority
Last Modified: 2008-01-09
Exchange 2003..  Outside vendor created an application for us that does order entries and sends out Email confirmations using SMTP.  Many Emails are getting bounced back with this message:    You do not have permission to send to this recipient.  For assistance, contact your system administrator.
 <  (OUR EMAIL SERVER.OUR DOMAIN) #5.7.1 smtp;550 5.7.1 < (EMAILADDRESS)>... Relaying denied>

App vendor thinks the relay restrictions are to blame.  I have allowed the workstation range of IP addresses, the web server IP, and checked the box that allows anybody who successfully authenticates....to relay.  They did mention one odd thing....Emails that go to addresses already in our global list of contacts don't seem to get bounced back, but ones that aren't do.  Is there some kind of relay restriction based on membership in an address list?  

My suspicion is that his app just isn't authenticating properly, if at all, but he insists that the exchange server settings need fixing.  Not sure where to look next.  Any ideas?


Question by:kburmaster
  • 2
LVL 104

Accepted Solution

Sembee earned 1000 total points
ID: 16385498
If the app can authenticate, then that is what I would concentrate on.
To prove whether it is authenticating correctly, setup a second SMTP virtual server on the server, disable anonymous access and then get the application pointing at that. Turn up logging and see what happens.

A cheats route which I have used in the past is to use the ISPs SMTP server. This may mean that some emails come straight back in, but at least you don't have to worry about relaying settings.

LVL 18

Expert Comment

ID: 16387602
re: Is there some kind of relay restriction based on membership in an address list?  
I'm not aware of a exchange SMTP VS setting for that.  Are you running an antispam solution on the exchange server?  I suspect the majority of them use all the resoruces they can find including user and global contacts to do thier jobs.

Are you using a front end/back end/dmz or single box?

The thing that I'm concerned with is how is this bounce message being sent if you are blocking relaying from this application.  The typical application with basic SMTP email sending built in, would just refuse to make the connection, if they were intelligent enough to log it they would spew:
550 5.7.1 Unable to relay for joe@joe.com

how robust are the APP's settings for smtp server?

Author Comment

ID: 16391456
Author of app tells me since I included all workstations that use this app in the range of authorized IPs, his app doesn't need to authenticate.  We use GFI Mailessentials for antispam running on the server, and it's just a single box behind a PIX firewall.  Having a hard time getting answers out of this guy.  All he says is "It's using smtp.  Must be your server settings.."

Thanks for input so far!
LVL 18

Assisted Solution

carl_legere earned 1000 total points
ID: 16392818
go to the machine with the APP (I assume it is run under windows)
initiate a manual SMTP connection
this guide misses one point that the syntax of each command can;t have weird extra spaces in it.
mail from:joe@joe.com is the syntax

use this cheat sheet to send email to your real email address from your (same) real email address
then do it with madeup sending email address, then with the address the APP is programed to send 'from'

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month14 days, 14 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question