?
Solved

550 Unable To Relay when webserver tries to send external email

Posted on 2009-04-13
5
Medium Priority
?
562 Views
Last Modified: 2013-11-30
I have a web server that is located behind the DMZ interface of our firewall.  The website allows customers to send emails of collections lists.  I have allowed the web server smtp access to the exchange server in our internal network.  On the firewall audits I can see that the traffic is passing the firewall.  The web server will send the email to internal email addresses, but when it tries to send to external email addresses, the exchange server returns a 550 unable to relay error message.  I followed these directions from Microsoft (http://technet.microsoft.com/en-us/library/bb232021.aspx), but the server still will not email external users.  Any suggestions or assistance would be greatly appreciated.  
0
Comment
Question by:beefwilliams
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
AClockworkTech earned 1500 total points
ID: 24132797
I believe you have to add the Firewall's LAN interface to the allowed relay list in Exchange for this to work, depending on how your firewall is handling Masquerading from the DMZ network into your LAN.  Alternatively, you can use SMTP authentication.
0
 

Author Comment

by:beefwilliams
ID: 24137804
Thanks for the suggestion.  I added the firewall interface to the allow relay list in Exchange.  However, that change did not resolve the issue.  The program on the web server that handles the emailing will not allow me to enter in any type of user name so I don't know if authentication of any type will work.  
0
 

Author Comment

by:beefwilliams
ID: 24138659
I j ust noticed that the email address is not linked to an active directory user account.  Would that cause this problem?
0
 
LVL 5

Expert Comment

by:AClockworkTech
ID: 24139339
No, it should be fine.  Did you make sure to run the following code from the Exchange Management Shell?  Also make sure "Anonymous Users" is checked in the "Permissions" tab on the receive connector properties in the Console.
Get-ReceiveConnector "ServerName\Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient" 

Open in new window

0
 

Author Comment

by:beefwilliams
ID: 24139521
After looking in the SmtpReceive logs, I noticed that instead of the DMZ firewall interface IP address, it had the firewall internal IP address listed.  Once I added the firewall internal ip as a receive connector, the external emailing problem was fixed.  Thanks again for your help!
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
New style of hardware planning for Microsoft Exchange server.
This video discusses moving either the default database or any database to a new volume.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the adminiā€¦
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question