Solved

Exchange IMAP/SMTP Relay Aunthenticate clients

Posted on 2006-11-20
6
909 Views
Last Modified: 2012-05-05
I'm new to exchange. I have the exchange server set up. It is currently working. I'm trying to set up IMAP/SMTP for remote users. I can't seem to get it to relay to external domains. I have it set to relay for auhtenticated computers but it seems that outlook nor Pocket PC's authenticate through the internet. If I take a PC on our network, logged in to AD the smtp server will relay. What am I missing? FYI.... If I add the IP address to the relay restrictions it will relay, But ip address's will change for clients so this is not a solution. I gave this question 500 points because I would like to move on with my install instead of spinning my wheels on something so small and I have not been able to figure it out myself.

0
Comment
Question by:trship49
  • 2
  • 2
6 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17980430
Trying to connect to your SMTP server over the internet for relaying email is not very reliable. If you have mobile devices you should probably look at sending email via the mobile providers SMTP server instead. For other remote users you may find that they are unable to send because many ISPs block access to remote SMTP servers as antispam measures. The only reliable way of connecting is to use a VPN and then send email to your server over that connection.

When you attempt to authenticate, what credential combination do you use?

username
username@domain
domain\username

something else?

Simon.
0
 

Author Comment

by:trship49
ID: 17980521
I have tried username and domain/username. Neither seem to work. I can tell you that I can use the SMTP server to relay mail to our domain just not external domains. Plus adding the client IP to allow relay works. So I don't think our ISP is blocking anything. Put with all that I hear what you have to say about reliable and using the ISP's/mobile providers SMTP. I still would like to see this work.

Thanks Scott
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 17980570
You aren't relaying email to your internal domain. Exchange is accepting the email and allowing the email to be delivered. That is how SMTP is designed to work. There is no difference between your client sending an SMTP message to the server and another server on the internet sending an email to your server.

domain\username should work for authentication - note the direction of the slash.

Ensure that you have your authentication settings correct. You need to have basic authentication enabled. Authenticated relaying in its default configuration is also a security risk. It is becoming common for Exchange servers that are exposed to the internet to have their SMTP service hammered for authentication on the administrator account. The server is then used to relay email.
http://www.amset.info/exchange/smtp-relaysecure.asp

You are also aware that your username and password information is going across in the clear?

Simon.
0
 

Author Comment

by:trship49
ID: 17980707
Yes right now I'm aware of the clear text issue. I'm just trying to get it to work for the first time before I complicate things with a certificate. Currently I have Anonymous, Basic, and integrated windows authentication enabled. When it authenticates to the SMTP server does it use a different port? I'm at a loss as to why I can't get this to work one time. If I can get this to work one time I can follow the articale you showed me to limit which users can relay to only a handfull of people. With good passwords and SSL it should be secure. I have seen similiar articles. From an exchange standpoint it doesn't seem like rocket science, so maybe I need to look at other possible issues. Maybe I should dig in deeper and use a sniffer to see if it ever sends the username password authentication for SMTP. I've tried pocket PC 2003 edition and outlook clients to test with.

Thanks Scott
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question