Solved

550 5.7.1 Unable to relay on exchange 2007

Posted on 2008-10-08
37
2,665 Views
Last Modified: 2013-11-29
I am using exchange 2007, And my pop3 clients are getting 550 5.7.1 Unable to relay error message on sending. attached edge server receiver connector  screen shoot. In the outlook cleint i have enable secure logon and outgoing server authentication.

Please advice

Thanks
Sen
Authentication.bmp
premission.bmp
mazaya.bmp
0
Comment
Question by:senmohan
  • 19
  • 16
  • +1
37 Comments
 
LVL 11

Expert Comment

by:Bertling
ID: 22667549
under the network tab what is the iprange?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22668043
attached the network tab.

192.168.0.8 is pointing to external network (Edge Server)

remote ip 0.0.0.0/255.255.255.255
nwtab.JPG
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22668183
inbound mail works though right?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22668535
Yes. i am able to receive mail not able to send. (pop3 cleints)
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22668584
on the pop3 profiles have you used the domain/username and password of the user in AD to authenticate?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22668794
Yes. I am using domain name and user name.

now if i enable outgoing server authentication . it giving attached error message.
if not unable to relay msg.
send-error.bmp
account-seetings.bmp
pop-advance-tab.bmp
0
 
LVL 1

Author Comment

by:senmohan
ID: 22668843
below msg i am getting while sending. (without "my outgoing server authrntication )


Your message did not reach some or all of the intended recipients.

      Subject:      RE: Test POP- IN
      Sent:      10/8/2008 5:37 PM

The following recipient(s) cannot be reached:

      'Sen' on 10/8/2008 5:37 PM
            550 5.7.1 Unable to relay

0
 
LVL 11

Expert Comment

by:Bertling
ID: 22668964
untick the require logon using SPA on the email account.

please advise if that fixes it
0
 
LVL 1

Author Comment

by:senmohan
ID: 22668989
No. If i uncheck , getting unable to relay.. see the error below

Your message did not reach some or all of the intended recipients.

      Subject:      RE: Test POP- IN
      Sent:      10/8/2008 5:51 PM

The following recipient(s) cannot be reached:

      'Sen' on 10/8/2008 5:51 PM
            550 5.7.1 Unable to relay

0
 
LVL 11

Expert Comment

by:Bertling
ID: 22669489
have you done the edge subscription?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22669683
Manually created the connectors. Not subscribed !!!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22669740
do the connectors on the exchange side allow the edge server to relay?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22669948
How to verify that ?
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22676416
please bare with me i am replicating your problem on a test lab
0
 
LVL 1

Author Comment

by:senmohan
ID: 22676652
Sure. Thanks Bertling...i will wait for ur reply
0
 
LVL 11

Accepted Solution

by:
Bertling earned 500 total points
ID: 22678110
ok i think i found your problem...

please do this step by step.

log on to the edge server
go to the properties of the Default Ext edge receive connector.
click the Permission group tab
check Exchange Servers tick box which is currently unticked.
click Apply
click the authentication tab
Untick Enable Domain Security (Mutual auth TLS)
Untick "Exchange server authentication"
Tick "Externally Secured (for e.g. IPSEC)" check box.
click Apply
The authentication tab should look like this: http://msexchangeteam.com/photos/postpictures2/images/432011/original.aspx
Now you should be able to send external emails using SMTP in a POP3 profile.
on your outlook profile please UNTICK the "require logon using secure password authentication (SPA)"
please advise if this solves your issue
thanks
mike
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22679899
Sorry, also forgot to say after all the server side config restart the hub transport service on the hub transport server role server.
0
 
LVL 1

Author Closing Comment

by:senmohan
ID: 31504172
thanks a lot. its worked fine.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:senmohan
ID: 22700375
Hi after doing this i am getting lot of spam mails ..Please advice urgent !!!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22701081
can you post the headers of the spam emails to see where they are coming from?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22718269
most of the mails are from "hinet" and it will generates lot mails from that say around 6000 and it genetrate another boundle of mail that hinet-17 like it will continues.

each time it is generating the mail from different domain !!!!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22718664
yes mail is being spoofed. can you plz try this:

put the authentcatio and groups back t po how they where before without the external secure ticked.

then this time on the outlook SMTP setup. dont select use the same usrname and pasword as incomin.

instead this time manually enter the domain\username and password AGAIN.

please aqdvise if you can now still send to external addresses.
0
 
LVL 1

Author Comment

by:senmohan
ID: 22745235
i revert the settings and manually entered the user name and password.  i am getting send error. screen shot attached !!!
send-error2.bmp
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22757976
did you try to tick the enable SPA in the outgoing authentication box?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22759136
i have tried all the ways !!!
do i need to do any change in the server side. please reverse my earlier attachment. now i have revert my setting as per my attachment
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22759292
ok i THINK i have found the problem...

Set as you said every thing to how it was before and remove the external secured tickbox i said which was stupid and wrong!

now all i want you to do is TICK the "intigrated windows authentication" tick box on the authentication tab of your receive connector on the edge server.

make sure on outlook you have:

ticked the my outgoing server requires authentication
enter the username and password again and DONT use the "use the same as my incoming server"
tick require SPA

plz advise

thanks
mike
0
 
LVL 1

Author Comment

by:senmohan
ID: 22765523
its prompting for user name and password. a/c is not locked out and i have rest  the password as well
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22765533
so it is still not working after what i have advised with ticking windows intigrated authentication?

and you hve the SPA ticked?
0
 
LVL 1

Author Comment

by:senmohan
ID: 22765599
no . its not working.i have tried with and without SPA
0
 
LVL 1

Author Comment

by:senmohan
ID: 22799812
Hi .. r u working on this issue ... please update me ...
0
 
LVL 1

Author Comment

by:senmohan
ID: 22807002
hi,i found something related to pop certificate.

i have seen a solution stating that . enable pop3 certificate. what you think abt this.



0
 
LVL 11

Expert Comment

by:Bertling
ID: 22807137
a pop cert would not fix ths as pop3 is an inbound protocal to download/receive your mail from a mailserver.
0
 
LVL 1

Author Comment

by:senmohan
ID: 22807153
its keep on asking for user name and password !!!

what could be the reason.

0
 
LVL 11

Expert Comment

by:Bertling
ID: 22807163
enable spa for incoming and outgoing.
check the settings of the pop3 connector to make sure spa is enabled and reset the pop3 services
0
 
LVL 1

Author Comment

by:senmohan
ID: 22807306
i have enabled SPA for in/out in oultook.

in pop3 connector(edgeserver) which are the option i have to enable. please advice

do i need to check in exchanger server connector also
0
 
LVL 1

Expert Comment

by:IntellecTechs
ID: 26394970
Did you ever get this fixed?
0
 

Expert Comment

by:nsdinc
ID: 27658846
this is the worst thread with WRONG info and is misleading. should be DELETED!!!!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now