Previously I was working with Windows 2003 SMTP mail service and could not get the relay restrictions from external clients to work. (See http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21909393.html
I now have Exchange 2003 Server running in my test domain and ran into the same exact problem with external clients unable to authenticate for outgoing mail. With a POP3 client setup outside of the network, I would receive an error 550 5.7.1 unable to relay for email@example.com unless I was sending to someone within my domain.
I have checked the settings on the Exchange server and ensured that the box is checked for allowing "..all computers which successfully authenticate to relay, regardless of the list above" under the Exchange 2003 MMC snap-in for SERVERS|PROTOCOLS|SMTP|DEF
AULT SMTP VIRTUAL SERVER|ACCESS. However this did not resolve the issue until I checked the box "Allow messages to be relayed to these domains" under CONNECTORS|INTERNET MAIL SMTP CONNECTOR (Server)|ADDRESS SPACE.
When I did this, I received a the following warning:
"This option is only visible for SMTP connectors. Use this option to allow incoming messages to be relayed through the SMTP connector to the domains whose address spaces are listed on this tab. The default is to block relays, except from those users and computers that are able to authenticate. If your SMTP virtual server is on the Internet, you should leave relaying disabled in order to prevent your server from being used to propagate unsolicited commercial e-mail."
Why can't the POP mail clients relay with the first option? Why do I have to enable the second option on the SMTP connector? Is this right?
I have limitations on my external clients on accessing the Exchange Server. OWA via https works fine, but they have been used to using the Full Outlook client with our existing e-mail provider via POP Mail. I am trying move us away from the outsourcing of our e-mail with as little client impact as possible which is why I am messing with the POP mail configuration.
I am concerned about opening the server up for unsolicited relay but enabling the option under the SMTP connector. Please advise.