?
Solved

URGENT Relay help - please

Posted on 2006-06-29
10
Medium Priority
?
629 Views
Last Modified: 2008-02-01
Exchange 2003

I have a mailbox called Joe Bloggs (for example)
His Primary SMTP address is joe.bloggs@mydomain.com

I have created a "Contact" to divert his mail to with the SMTP address of joe.bloggs@otherdomain.com

Under the Delivery Option within Exchange General in Active Directory against his account - I have set up the Forward To option to forward to the contact (joe.bloggs@otherdomain.com)

I can send email internally to him using the Global Address List - but when I try and sent mail externally (from a mail account such as hotmail etc), I get a delivery failure sent to my hotmail address saying the following:


Status: 5.7.1 (Permanent failure - security: delivery not authorised, message refused)


I thought it might be becuase i did not have a recipient policy for mydomain.com - but i added one the other day and still it does not work.


Please can someone help me.
 
 
0
Comment
Question by:naifyboy123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17011356
That message isn't an Exchange message. So it is probably coming from something else.
Do you route your email via your ISP for example?

Simon.
0
 

Author Comment

by:naifyboy123
ID: 17014499
we go through mailsweeper first.

here is the full error message - if it helps more - perhaps this shown in full now is an Exchange meesage.

Reporting-MTA: dns; mailfilter1.XXX.co.uk
Received-From-MTA: dns; XXXXX.com (unverified [xxx.xxx.xxx.xxx])
Arrival-Date: Fri, 30 Jun 2006 00:14:45 +0100

Final-Recipient: rfc822; john.bloggs@mydomain.com
Action: failed
Status: 5.7.1 (Permanent failure - security: delivery not authorised, message refused)
Remote-MTA: dns; {IP address of our Exchange server}
Diagnostic-Code: smtp; 550 5.7.1 Unable to relay for joe.bloggs@mydomain.com
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17016780
This line is not an Exchange message:
"Permanent failure - security: delivery not authorised, message refused"

The Diagnostic code below is.

I suspect that your mailsweeper application is probably causing the problem. When you use a contact to forward, the messages comes in and goes straight back out again. As such, the message can appear to come from the original address on the message, not from the internal server. I have seen some applications cough over that type of configuration, because the message isn't coming from a domain name that they recognise.

Simon.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:naifyboy123
ID: 17016838
I have totally removed the forward and still get the same error.

I can see the mail coming into our mailsweeper server in the queue. it just does not relay it to Exchange.

All other domains work fine.

0
 
LVL 104

Expert Comment

by:Sembee
ID: 17017509
Is the mailsweeper application doing any kind of LDAP lookup on the address to see if the account exists?

Simon.
0
 

Author Comment

by:naifyboy123
ID: 17017731
no - it just sends all the mail to the exchange server using ip address
0
 

Author Comment

by:naifyboy123
ID: 17017771
i just figured it out!

in the recipient policy i did not have the "The Exchange Organisation is responsible for all mail delivery to this address" option ticked.

I ticked this option and it started working.

thanks for all your help anyway.
0
 

Author Comment

by:naifyboy123
ID: 17017772
Request made to close this question
0
 
LVL 1

Accepted Solution

by:
GhostMod earned 0 total points
ID: 17047239
Closed, 500 points refunded.

GhostMod
Community Support Moderator
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month13 days, 23 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question