Solved

Why can't POP3/IMAP4 clients send to Distribution Lists in AD?

Posted on 2006-07-09
Last Modified: 2010-03-06
Howdy Experts,

I have a problem where a pop3/imap4 client sends an email to a Distribution List in Active Directory. Mail Marshal receives the email, processes it and forwards it to Exchange but the email is not received in DL Members' inbox.

We're rolling out RPC which will resolve this problem, however the rollout phase will be over the next few months and pop3/imap4 clients will still be live.

The Environment:
Exchange 2003 Front-End
   - OWA and soon to be RPC Proxy
Exchange 2003 Back-End
   - Mailstore
   - POP3 and IMAP4 services are running, I know this should be done through the front-end but this required
     setting up another 'domain' for Exchange which my organisation was not keen on.
   - SMTP VSI set to allow relaying from Mail Marshal and Domain Users, Authenticated Users has default options set.
Mail Marshal SMTP
   - Processes all SMTP deliveries

I've visited Simon's website and found this article http://www.amset.info/exchange/smtp-relaysecure.asp. Just wondering if anyone else has come across this problem and what was their resolution.

Riqsta


Question by:Riqsta
 
LVL 104

Expert Comment

by:Sembee
ID: 17073582
Does message tracking show the message coming in?
Have you restricted the access to the distribution groups in any way? I tend to lock them down so that external people cannot send to them. If your POP3 users are sending their messages via an external server, and not the Exchange server, then the restriction may be causing the problem.

Simon.
0
 
LVL 1

Author Comment

by:Riqsta
ID: 17077968
On Mail Marshal it shows the message being delivered to Exchange and Message Tracking confirmed the message was received in Exchange.

POP3 users are sending via MM, Domain Users have Send To access on the DL in question. I'll continue looking at the restrictions/security settings.

Riqsta
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17077977
If the distribution lists are set to only accept email from domain users, then that is your problem. The email that is coming in from your Mail Marshal application is not a domain user. It is an anonymous connection and will be blocked. The fact that it is coming from an internal IP address will not work - otherwise all anyone would have to do is spoof the from address to abuse the list.

Simon.
0
 
LVL 1

Author Comment

by:Riqsta
ID: 17078024
So if I add the Mail Marshal server object to allow Send To access to the DL, will this then resolve the problem, or shall I configure MM to use a Domain account?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 17081129
I would be surprised if either works.
I haven't used Mail Marshal, but if it is the same as other spam appliances and applications, once it has accepted the email message it just sends it as a standard anonymous SMTP message to the Exchange server - which is how Exchange would receive the message if it was receiving the email directly.
If the Mail Marshal product can be configured to authenticate when it sends email to your internal email server, then you may be able to get the messages distributed to the list. However that would also allow spammers to abuse your lists - because the session would be authenticated.

I don't think you are going to be able to achieve what you want without opening the distribution lists to abuse, unless you change your configuration so that IMAP/POP3 users send their email through the Exchange server, not the Mail Marshal server.

Simon.
0
 
LVL 1

Author Comment

by:Riqsta
ID: 17087220
Yes, your assumption is correct. Yea, it's strange as I can send email from a POP3 client to DLs fine but maybe that's because I'm an administrator. I'll leave this question open for the meanwhile in case I do resolve it.

Riqsta
0
 
LVL 1

Author Comment

by:Riqsta
ID: 17087354
I ended up opening up the DL in question to accept messages from Everyone. Not ideal but it's working... Consider this question answered.
0
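
Added example, not part of the original thread: a read-only PowerShell audit that lists every mail-enabled group in the current domain and flags those with no sender restriction, which is the state the DL above was left in. It assumes the restrictions discussed in the thread are stored in the standard Exchange schema attributes `msExchRequireAuthToSendTo`, `authOrig` and `dLMemSubmitPerms`, and that it is run from a domain-joined machine with rights to read them.

```powershell
# Added example: audit sender restrictions on mail-enabled groups (read-only).
# Assumption: restrictions are held in msExchRequireAuthToSendTo (authenticated
# senders only), authOrig (accept only from these users) and dLMemSubmitPerms
# (accept only from members of these groups).
$searcher = [adsisearcher]'(&(objectCategory=group)(mail=*))'
$searcher.PageSize = 500   # page results so large directories are fully returned
$attrs = 'cn', 'mail', 'msExchRequireAuthToSendTo', 'authOrig', 'dLMemSubmitPerms'
foreach ($a in $attrs) { [void]$searcher.PropertiesToLoad.Add($a) }

# Count values of an attribute; result keys are lower-case, absent keys count as 0.
function Get-ValueCount($props, [string]$name) {
    $key = $name.ToLower()
    if ($props.Contains($key)) { return $props[$key].Count }
    return 0
}

$results = $searcher.FindAll()
$report = foreach ($r in $results) {
    $p = $r.Properties

    $requireAuth = $false
    if ($p.Contains('msexchrequireauthtosendto')) {
        $requireAuth = [bool]$p['msexchrequireauthtosendto'][0]
    }
    $onlyFromUsers  = Get-ValueCount $p 'authOrig'
    $onlyFromGroups = Get-ValueCount $p 'dLMemSubmitPerms'

    # A group with none of the three settings accepts mail from any sender,
    # including anonymous SMTP sessions relayed by a gateway.
    $state = if ($requireAuth -or $onlyFromUsers -gt 0 -or $onlyFromGroups -gt 0) {
        'Restricted'
    } else {
        'No sender restriction'
    }

    [pscustomobject]@{
        Group          = [string]$p['cn'][0]
        Mail           = [string]$p['mail'][0]
        RequireAuth    = $requireAuth
        OnlyFromUsers  = $onlyFromUsers
        OnlyFromGroups = $onlyFromGroups
        State          = $state
    }
}
$results.Dispose()

$report | Sort-Object State, Group | Format-Table -AutoSize
```

Groups reported as `No sender restriction` are the ones to review once POP3/IMAP4 clients submit mail through an authenticated path and the restriction can be put back.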
