Solved

Forwarding Mail to External Contacts

Posted on 2008-06-09
14
1,024 Views
Last Modified: 2012-06-21
So I have created a contact, and setup the AD user, to forward + store email to the contact created. The contact is a domain outside the domain hosted by exchange 2003. However when sending a test mail, I recieve the following error :


#< #5.5.0 smtp;551 This is not a relay host - mail must be to or from host domain.> #SMTP#


I dont get it, it shouldnt be relaying the email, just forwarding. Any tips? do I need to add something to the SMTP gateway?
0
Comment
Question by:FirstFocus
  • 4
  • 4
  • 3
  • +1
14 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 21747802
some host systems do a reverse DNS check on your client SMTP address to try and establish that the origin is correct.
Can you try another address for a test where you know that no R-DNS test exists?


0
 
LVL 15

Expert Comment

by:LegendZM
ID: 21747862
Sounds like a problem with the smart host on your Exchange server. Try taking a look at it to make sure it's configured properly.
0
 
LVL 15

Expert Comment

by:LegendZM
ID: 21747868
If no smart host, then most likely RDNS:  Contact the ISP to change them.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:FirstFocus
ID: 21747869
I dont think its Reverse lookup thats stopping it. I just tried modifing the address to be my own, as I know what checks our own domain performs. Here is the message header. As you can see, it leaves my own internal exchange server, hits thier spam filter, and continues to thier exchange. Once it gets there, the error message is generated. I have a similar setup working on another domain, with practically all the same features (exchange 2003, barracuda filter etc). The only difference I could find in the settings of exchange was the relay permissions, which on the server which worked, allowing itself to relay. I tried changing this with no effect (though I didnt restart SMTP)

Diagnostic information for administrators:

Generating server: server.domain1.com.au

john.doe@domain2.com.au
#< #5.5.0 smtp;551 This is not a relay host - mail must be to or from host domain.> #SMTP#

Original message headers:

Received: from mail.domain1.com.au ([10.2.100.201]) by
 server.domain1.com.au with Microsoft SMTPSVC(6.0.3790.1830);       Tue, 10
 Jun 2008 11:21:58 +1000
Received: from Unknown [202.182.144.82] by Domain1 SMTP Server - SurfControl E-mail Filter (5.5.0); Tue, 10 Jun 2008 11:21:57 +1000
Received: from server.domain2.local ([172.16.0.8]) by server.domain2.local
 ([172.16.0.8]) with mapi; Tue, 10 Jun 2008 11:21:56 +1000
From: "John Doe" <john.doe@domain2.com.au>
To: Other Guy <Otherg@domain1.com.au>
Date: Tue, 10 Jun 2008 11:21:39 +1000
Subject: test # 3
Thread-Topic: test # 3
Thread-Index: AcjKmFUGIZLTX6TbTB+BCcM5fOMLqA==
Message-ID: <87F84EF14ADBD94AAC96353D171CE37A35BF8BD13B@server.domain2.local>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: multipart/alternative;
      boundary="_000_87F84EF14ADBD94AAC96353D171CE37A35BF8BD13Bserver.domain2"
MIME-Version: 1.0
X-SEF-6B7ED60F-97E8-456E-AD8B-5BAB5722E58B: 1
X-SEF-Processed: 5_5_0_191__2008_06_10_11_21_58
Return-Path: john.doe@domain2.com.au
X-OriginalArrivalTime: 10 Jun 2008 01:21:58.0279 (UTC)
0
 

Author Comment

by:FirstFocus
ID: 21747881
I might add, that the exchange 2003 server doing the forwarding, does not use a smart host, and does not have RDNS itself turned on
0
 
LVL 15

Expert Comment

by:LegendZM
ID: 21747899
The error is on their end with their smart host.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 21749994
I am not active on this forum any more... however this problem is caused by your ISP restricting who can use their email host.

The email appears to come from the original sender, not a sender on your site. For example if someone at hotmail.com sent the message then the ISPs system sees the message as coming from user @ hotmail.com. They are restricting who can relay through their server. Exchange leaves the email message pretty much intact, so the headers show the original information.

This kind of relay restrictions is become more common now as the war on spam and email server abuse increases and it makes this type of forwarding impossible to carry out in a reliable way. Even if your ISP allowed the messages there is a good chance that the recipient's server may also block the message because it appears to be spoofing. To use my example above - the message is coming from a user at hotmail.com, but your server is not responsible for email for hotmail.com.

I wouldn't call it an error with the ISPs smart host, more like a configuration decision that you either need to live with (by not doing automatic forwarding), or find an alternative ISP or host to relay email through.

Simon.
0
 
LVL 15

Expert Comment

by:LegendZM
ID: 21753294
You're my hero Simon, I wish I had the same level of knowledge.
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 21755909
My take on this problem, hope to be proved wrong, is that the origin of the message becomes the SMTP server (Exchange) address. The 'to' address is the destination..
So when you automatically forward a message to a ISP, they accept it with open arms..
They may have protection mechanism, but unless you try to relay mail from another account, this shouldn't happen.
Do you have a SMTP log, that will really show us one way or another whats happening..
0
 
LVL 104

Expert Comment

by:Sembee
ID: 21759181
While the origin of the message becomes the Exchange server, what most antispam solutions are looking at is the From field in combination with the origin of the message. IN this case the ISP is checking that the From field matches a domain in its list that are allowed to relay through their server. As Exchange doesn't touch the From field, it fails this test - hence the rejection.

Simon.
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 21775540
Sorry Simon, just did some test to verify, and all my automatically forwarded emails have a from address which was NOT the originating account, but the account that did the forwarding.
hotmail accepted the email and delivered it intact.

The 'from' address I got from hotmail, was NOT the gmail account I originated the mail from initially.
It was from the account here that I sent it too...

Cant say anything about the antispam component as it wasn't mentioned...

0
 
LVL 23

Expert Comment

by:debuggerau
ID: 21775764
ok, now I have to backtrack, I tried it the otherway and sure enough the from address was from the originating location.

Either way, they did get delivered, but as we send directly so its not an issue for us.

The SMTP logs show that emails were infact getting sent with the from being the originator.

Simon, Do you think they are using an intermediary for outgoings?
and just not aware of it?
 
0
 
LVL 104

Expert Comment

by:Sembee
ID: 21777055
If you are automatically forwarding through a rule, then header is rewritten.
If you are automatically forwarding via a contact then the header isn't touched.

The original error message looks like something I would expect to see from a ISP or web host system. Depending on the ISP, it could be the case that all SMTP traffic is redirected through the ISPs SMTP server transparently, to block spam from BOTs that may infect the network.

Simon.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD Tool/Script Populate Security Groups Automatically 8 35
Removing Exchange 2003 3 12
exchange 7 15
Mail not being received 19 17
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question