Link to home
Create AccountLog in
Avatar of luefher
luefherFlag for United States of America

asked on

Setting up Echange 2003 mailboxes

I've been trying to set it up for a while now, and every time something is achieved, some new problem pops up. I have Windows SBS 2003 with Exchange, and I have set up the 2 users in active directory. After that I proceeded to set up mailboxes, and after bumping into a few problems and googling a lot, I managed to have Outlook Express send emails from a machine that's not on the network to external addresses. I've upgraded to Outlook 2003, and now it says the account is not allowed to send messages. Relaying permissions are on for the account in Exchange on the server. I'm sure it's a checkbox somewhere, as usual. I should also mention that whereas I was able to send emails from the domain to outside and within the domain, emails from outside were bounced back, with user does not exist message. Let me know if you need specific settings, I am kind of new to Exchange, just trying to set it up to receive and send emails from - you'd think, how hard can it be :)
Avatar of Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy
Flag of United States of America image

The problem is that you don't set up mailboxes separately with SBS.  Instead of creating users in Active Directory, you should be using the Server Management Console > Users Snap-in and run the Add New User Wizard.  

Using this wizard performs the following items:

" Creates user account. Allow multiple users to be created.
" Enables Exchange e-mail services for the user. Exchange mailboxes are created if e-mail alias is specified.
" Sends an introductory e-mail to the user. The e-mail content is located in %sbsprogramdir%\Administration\samplemail.htm.
" Assigns the user to Exchange distribution lists.
" Grants access to network resources such as shared folders, printers, and fax printers.
" Grants permissions to SharePoint.
" Grants the user VPN/Dial-in access or not via group membership.
" Gives the user remote administration privileges or not via group membership.
" Deploys software to user computers (launches the Setup Computer wizard).
" Assigns user(s) a logon script \\servername\NETLOGON\SBS_LOGON_SCRIPT.bat. If a logon script already exists for the user, a pointer to the SBS logon script is appended to the existing logon script. Logon script entry: \\servername\Clients\Setup\Applnch.exe /s servername

Then, When you join a workstation to your SBS Domain, you need to also use the wizards so that Outlook 2003 gets configured automatically.  First you run the Setup Client Computer Wizard (unless you allowed the Add User Wizard to continue on to setting up the computer account), then at the workstation you use IE and go to http://<servername>/connectcomputer to join it to the domain.

If you've not followed these steps to join workstations, please see to fix this.

Finally... (actually this should be the first thing you do), the Configure Email and Internet Connection Wizard (CEICW -- linked as "Connect to the Internet on the To-Do list in the Server Management Console) must be run to make sure that Exchange is configured properly.

A visual how-to for that is here:

Avatar of luefher


I think you misunderstood the question. The network logons work fine, both on the local network and remote; however, for email, I don't want to join the domain - I'd like to have a pop3/smtp server running on the machine so that email for the can be downloaded with any pop3 client from any connection. When I try to download or send it (machine not joined to the domain), I get a response: " Client does not have permission to submit mail to this server"...
Okay then... the problem is that POP3/SMTP is not the recommended method to access email remotely when you have an SBS.  POP3 Email isn't secure, and if you download email from Exchange via POP3, then it is potentially removed from the server which would make backup impossible, and bypass the benefits of "Deleted Item Recovery".  Not to mention, it could remove messages from your Exchange mailbox so that it doesn't sync on every device you connect with and doesn't include your Contacts, Calendar, Tasks, or Notes.  Additionally, Exchange's Intelligent Message Filter (SPAM protection) doesn't work when you use POP3.

Instead, SBS offers a few ways to access email remotely that work much better.  Since you have Outlook 2003 installed, you should be using RPC over HTTPS.  

This feature must be enabled in the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List) by checking the box on the Web Services Configuration Screen for "Outlook via the Internet".

A visual how-to is here:

Port 443 must be open on your router/firewall.

Then RPC over HTTPS client configuration instructions are on the server's Remote Web Workplace main menu -- linked as "Configure Outlook via the Internet" -- access the RWW Main Menu by going to http://localhost/remote from on your server.  (See for more info on RWW).

A full overview for SBS based RPC/HTTPS configurations is here:

If accessing email from a public computer or a non-Windows OS, you can use Outlook Web Access which provides almost the same experience as Outlook 2003.  OWA should also be enabled in the CEICW and then you can access it via (or if you don't have a FQDN configured,


Avatar of luefher


Well, I feel you are not addressing the problem here. I do NOT want to use web interface, or LAN, since the clients are not on it. Let me explain it again: I have SBS 2003, and Exchange (obviously 2003) running on a <domain>. All I want is to set up Exchange properly so that it can send/receive emails from/to LAN/external ips. Any ideas?
I'm not telling you to use the web interface or LAN... I'm telling you that you configure your REMOTE OUTLOOK 2003 with RPC over HTTP and it works with ANY Internet Connection.

Please review the articles I linked to so you can learn about this.

Avatar of luefher


Sorry it took me a while to get back to this.
I've tried the described method - I've enabled Outlook via the Internet in CEICW, and continued to configure Outlook itself. In Exchange Server Settings, I put www.<domain>.com as the server (since I haven't set up a subdomain for Exchange yet), and then my network logon name as the mailbox. When I clicked Check Name, it said the server could not be resolved, and a look at the firewall log revealed that there were packets on ports 445, 110, 335, and 339. After I opened 445 and 339, clicking on Check Name brings up a dialog with User Name (pre-filled with logon name), Password, and Domain Name. For the domain name I enter <domain>.local, and for the password - my logon password. When I click ok, I get an error - "You logon information was incorrect. Check your username and domain, then type the password again." When I check Event Log on the server, under Security there is a Failure Audit, with this info:

Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      <network logon>
       Domain:            <remote machine domain>
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      <remote workstation name>
       Caller User Name:      -
       Caller Domain:      -
       Caller Logon ID:      -
       Caller Process ID:      -
       Transited Services:      -
       Source Network Address:      <WAN ip address>
       Source Port:      0

Did I forget to set something up? I've followed all the steps up until this point...
You can't use for the server if doesn't actually point to your SBS's external IP address.  Please note that the CEICW specifically states that if you don't have a FQDN pointing to your server that you should enter the IP address.

Furthermore, the instructions specifically state that you should NOT click on Check Name.  But that hardly matters if you haven't configured the server correctly.

Avatar of luefher


Oops, my bad - didn't realize it was Outlook 2002 - I've set up 2003 and configured it. I am able to send and receive emails between and It also sends emails from to (I've received the email I sent to my gmail account). However, when trying to send from gmail to, it doesn't show up in Outlook, and searching mailbox on the server doesn't find it as well. Port 25 is open in firewall - tried to disable it and the email bounced back to gmail with error 500 so, I figure it reaches the server but never makes it to the store... Is there a way to track what happened to it, or, perhaps, it's something else altogether?
"searching mailbox on the server doesn't find it as well."

What mailbox on the server?

"Is there a way to track what happened to it"

Sure... but I'm wondering... do you actually have a public MX record even configured for your domain?  Because above you stated that you don't have a FQDN pointing to your SBS's IP.  

Also above you stated, " look at the firewall log revealed that there were packets on ports 445, 110, 335, and 339. After I opened 445 and 339" and I want to be absolutely clear to you that those ports should NOT be opened.  This is RPC over HTTPS which only requires port 443 open on your SBS's firewall (router).  You don't need to go outside of any of the instructions I already linked for you.

Avatar of luefher


I tried to search for that message by going to Exchange Server Manager > Tools > Message Tracking Center and searching for messages addressed to I've setup the MX record for yesterday, and checked it today at, it points to my external IP address. I've closed up ports 445, 110, 335, 339. At this point I have 443 and 25 open and directed to the local IP address of the server...
Please check whether or not your new Host Name is actually connecting to your Exchange Server by going to

Avatar of luefher


The MX Lookup for "" showed the following:

Preference      10
Host Name
IP Address      my external IP address
TTL             14400

10/12/2007 2:28:33 PM Central Standard Time
DNS Host: Unknown
Email Host:

When I clicked Diagnostics, and entered "" for the Mail Server, it showed this:

Banner: Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Fri, 12 Oct 2007 15:33:00 -0400 [62 ms]
Connect Time:       0.062 seconds - Good
Transaction Time:       5.281 seconds - Warning
Relay Check:       OK - This server is not an open relay.
Rev DNS Check:       OK - resolves to
GeoCode Info:       Geocoding server is unavailable
Session Transcript:       
501 5.5.4 Invalid Address [5047 ms]
250 Hello [] [47 ms]
454 5.7.3 Client does not have permission to submit mail to this server. [62 ms]

Must be that last line (454 5.7.3) that's the problem?
There's no problem from that report.

If you are having problems receiving email from your GMail account I don't know why, other than you not having your proper SMTP address configured on your user account.  This would normally be done automatically when you run the CEICW and put as your Email Domain Name.

What you might want to do is send a message OUT to your GMail account and then reply back and see if that works.  It could take GMail up to 48-hours from when you configured the MX record to actually get the proper DNS propagation.

Also, if your IP Address is DYNAMIC, then you will need to use your ISP's SMTP Server as a Smart Host for sending email because otherwise, most major ISP's will reject it.  Check the Blacklists at (I'd guess that you're listed... but that's normal with Dynamic IP Address Ranges).

Avatar of luefher


Just checked my gmail - the one I sent yesterday in the morning (from to gmail and then replied) NDN'd with this error:

This is an automatically generated Delivery Status Notification



Delivery to the following recipient has been delayed:

Message will be retried for 2 more day(s)

Technical details of temporary failure:
TEMP_FAILURE: SMTP Error (state 12): 454 5.7.3 Client does not have permission to submit mail to this server.

  ----- Message header follows -----

Received: by with SMTP id h3mr907217wfb.1192192659434;
       Fri, 12 Oct 2007 05:37:39 -0700 (PDT)
Received: by with HTTP; Fri, 12 Oct 2007 05:37:39 -0700 (PDT)
Message-ID: <>
Date: Fri, 12 Oct 2007 08:37:39 -0400
From: "=?UTF-8?Q?L=C5=ABfher?=" <>
To: "=?UTF-8?Q?l=C5=ABfher?=" <>
Subject: test
MIME-Version: 1.0
Content-Type: multipart/alternative;

It's got to be some setting somewhere in Exchange...
Smart host is only for outbound mail, though, right?
Avatar of Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy
Flag of United States of America image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of luefher


hooray!! enabling it solved bounce-backs! thank you so much for all your help!