?
Solved

Relaying denied. IP name possibly forged

Posted on 2007-07-30
14
Medium Priority
?
1,657 Views
Last Modified: 2008-07-13
I have seen a resolution to this question but it does not fix my situation.  We are using Exchange on a Small Bus Server 2003 with al lthe latest SP's and updates.  We are using a Cisco PIX 501 firewall.  DNSSTUFF comes back clean on all reports except the SPF which I have been unsuccesful in correcting.

The IP address the email rejection error is pointing to as being forged is one number off the actaul mail server / MX record IP which is the PIX.  I found one article that said the PIX MailSecurity feature was the cause but our PIX has no such feature.

Another intersting item is that several users from inside the same office can email to the email address that is being rejected by another employee in the same network.

Any ideas are appreciated.
0
Comment
Question by:telecosfl
12 Comments
 
LVL 8

Expert Comment

by:Jejin Joseph
ID: 19595673
Could you post the exact error message or the content of the NDR ?
0
 

Author Comment

by:telecosfl
ID: 19595707
You do not have permission to send to this recipient.  For assistance, contact your system administrator.  <xyzdomain.com #5.7.1 smtp;550 5.7.1 <Oneal@abcdomain.org>... Relaying denied. IP name possibly forged [72.158.241.4]
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19596941
The PIX mode you have does have the FIXUP SMTP feature. It is part of all Cisco PIX software.
You should ensure that it is not enabled. However if I telnet to that IP address then I don't get any response at all. Do you have multiple IP addresses? Are you sure that you have the NAT configured correctly so that the server appears to come out of the correct IP address when sending email?

Simon.
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 

Author Comment

by:telecosfl
ID: 19603239
I am confident we have the NAT setup properly.  We do have multiple IP's x.x.x.5 is the Exchange Server and x.x.x.4 is the PIX to the outside world.  Our MX ispointing to .4

Why would email send OK to 99% of the recepients and not to just one or two.  AND for the one or two it is only happening for one employee where all other employees in the same LAN can email fine to the same person?

Thanks,
0
 

Author Comment

by:telecosfl
ID: 19603262
Sorry - the last post should have read:

I am confident we have the NAT setup properly.  We do have multiple IP's x.x.x.5 is the Exchange Server and x.x.x.4 is the PIX to the outside world.  Our MX ispointing to .5

Why would email send OK to 99% of the recepients and not to just one or two.  AND for the one or two it is only happening for one employee where all other employees in the same LAN can email fine to the same person?

Thanks,
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19607933
The answer to your question about why it happens to some users and not others is a question you have to ask the operators of the server rejecting the message. The message you are getting is not an Exchange message.

Simon.
0
 
LVL 5

Expert Comment

by:kmotaweh
ID: 19615488
try to contact the pix administrator and ask him to enable dns fix protocol from the pix firewall , i think this will help you to override this problem
0
 

Author Comment

by:telecosfl
ID: 19617041
The company rejecting the server does not feel there are any issues on their side and are not interested in trying to help.  Apparently this is the only person that cannot send emails to them - they say ot is our issue.

DNS Fixup did not correct the error.

We found if we send an email through OWA it goes through fine - Regular Outllok it rejects.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 19617931
Ah you are stuck in a finger pointing exercise. What usually happens is that the other side doesn't know that there is a problem because no one tells them.

If it is just one domain with the problem then route the email for that domain through your ISPs SMTP Server using an SMTP Connector.

Simon.
0
 

Author Comment

by:telecosfl
ID: 19618498
Why would the issue exist from Exchange over Outlook 2003 but not over the Outlook Web from the same server?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19618746
No idea.
The messages should be identical, they are both using MAPI. It could be a message that says one thing but means another.
I am sure that this has been discussed before on this site. Perhaps if you search the database you might find it.

Simon.
0
 

Author Comment

by:telecosfl
ID: 19618790
Thanks - I really appreciate your help and advice.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question