Exchange IMAP/SMTP Relay Aunthenticate clients

Posted on 2006-11-20
Medium Priority
Last Modified: 2012-05-05
I'm new to exchange. I have the exchange server set up. It is currently working. I'm trying to set up IMAP/SMTP for remote users. I can't seem to get it to relay to external domains. I have it set to relay for auhtenticated computers but it seems that outlook nor Pocket PC's authenticate through the internet. If I take a PC on our network, logged in to AD the smtp server will relay. What am I missing? FYI.... If I add the IP address to the relay restrictions it will relay, But ip address's will change for clients so this is not a solution. I gave this question 500 points because I would like to move on with my install instead of spinning my wheels on something so small and I have not been able to figure it out myself.

Question by:trship49
  • 2
  • 2
LVL 104

Expert Comment

ID: 17980430
Trying to connect to your SMTP server over the internet for relaying email is not very reliable. If you have mobile devices you should probably look at sending email via the mobile providers SMTP server instead. For other remote users you may find that they are unable to send because many ISPs block access to remote SMTP servers as antispam measures. The only reliable way of connecting is to use a VPN and then send email to your server over that connection.

When you attempt to authenticate, what credential combination do you use?


something else?


Author Comment

ID: 17980521
I have tried username and domain/username. Neither seem to work. I can tell you that I can use the SMTP server to relay mail to our domain just not external domains. Plus adding the client IP to allow relay works. So I don't think our ISP is blocking anything. Put with all that I hear what you have to say about reliable and using the ISP's/mobile providers SMTP. I still would like to see this work.

Thanks Scott
LVL 104

Accepted Solution

Sembee earned 2000 total points
ID: 17980570
You aren't relaying email to your internal domain. Exchange is accepting the email and allowing the email to be delivered. That is how SMTP is designed to work. There is no difference between your client sending an SMTP message to the server and another server on the internet sending an email to your server.

domain\username should work for authentication - note the direction of the slash.

Ensure that you have your authentication settings correct. You need to have basic authentication enabled. Authenticated relaying in its default configuration is also a security risk. It is becoming common for Exchange servers that are exposed to the internet to have their SMTP service hammered for authentication on the administrator account. The server is then used to relay email.

You are also aware that your username and password information is going across in the clear?


Author Comment

ID: 17980707
Yes right now I'm aware of the clear text issue. I'm just trying to get it to work for the first time before I complicate things with a certificate. Currently I have Anonymous, Basic, and integrated windows authentication enabled. When it authenticates to the SMTP server does it use a different port? I'm at a loss as to why I can't get this to work one time. If I can get this to work one time I can follow the articale you showed me to limit which users can relay to only a handfull of people. With good passwords and SSL it should be secure. I have seen similiar articles. From an exchange standpoint it doesn't seem like rocket science, so maybe I need to look at other possible issues. Maybe I should dig in deeper and use a sniffer to see if it ever sends the username password authentication for SMTP. I've tried pocket PC 2003 edition and outlook clients to test with.

Thanks Scott

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question