Exchange IMAP/SMTP Relay Aunthenticate clients

Posted on 2006-11-20
Medium Priority
Last Modified: 2012-05-05
I'm new to exchange. I have the exchange server set up. It is currently working. I'm trying to set up IMAP/SMTP for remote users. I can't seem to get it to relay to external domains. I have it set to relay for auhtenticated computers but it seems that outlook nor Pocket PC's authenticate through the internet. If I take a PC on our network, logged in to AD the smtp server will relay. What am I missing? FYI.... If I add the IP address to the relay restrictions it will relay, But ip address's will change for clients so this is not a solution. I gave this question 500 points because I would like to move on with my install instead of spinning my wheels on something so small and I have not been able to figure it out myself.

Question by:trship49
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 104

Expert Comment

ID: 17980430
Trying to connect to your SMTP server over the internet for relaying email is not very reliable. If you have mobile devices you should probably look at sending email via the mobile providers SMTP server instead. For other remote users you may find that they are unable to send because many ISPs block access to remote SMTP servers as antispam measures. The only reliable way of connecting is to use a VPN and then send email to your server over that connection.

When you attempt to authenticate, what credential combination do you use?


something else?


Author Comment

ID: 17980521
I have tried username and domain/username. Neither seem to work. I can tell you that I can use the SMTP server to relay mail to our domain just not external domains. Plus adding the client IP to allow relay works. So I don't think our ISP is blocking anything. Put with all that I hear what you have to say about reliable and using the ISP's/mobile providers SMTP. I still would like to see this work.

Thanks Scott
LVL 104

Accepted Solution

Sembee earned 2000 total points
ID: 17980570
You aren't relaying email to your internal domain. Exchange is accepting the email and allowing the email to be delivered. That is how SMTP is designed to work. There is no difference between your client sending an SMTP message to the server and another server on the internet sending an email to your server.

domain\username should work for authentication - note the direction of the slash.

Ensure that you have your authentication settings correct. You need to have basic authentication enabled. Authenticated relaying in its default configuration is also a security risk. It is becoming common for Exchange servers that are exposed to the internet to have their SMTP service hammered for authentication on the administrator account. The server is then used to relay email.

You are also aware that your username and password information is going across in the clear?


Author Comment

ID: 17980707
Yes right now I'm aware of the clear text issue. I'm just trying to get it to work for the first time before I complicate things with a certificate. Currently I have Anonymous, Basic, and integrated windows authentication enabled. When it authenticates to the SMTP server does it use a different port? I'm at a loss as to why I can't get this to work one time. If I can get this to work one time I can follow the articale you showed me to limit which users can relay to only a handfull of people. With good passwords and SSL it should be secure. I have seen similiar articles. From an exchange standpoint it doesn't seem like rocket science, so maybe I need to look at other possible issues. Maybe I should dig in deeper and use a sniffer to see if it ever sends the username password authentication for SMTP. I've tried pocket PC 2003 edition and outlook clients to test with.

Thanks Scott

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month13 days, 8 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question