Solved

550 Unable To Relay when webserver tries to send external email

Posted on 2009-04-13
5
556 Views
Last Modified: 2013-11-30
I have a web server that is located behind the DMZ interface of our firewall.  The website allows customers to send emails of collections lists.  I have allowed the web server smtp access to the exchange server in our internal network.  On the firewall audits I can see that the traffic is passing the firewall.  The web server will send the email to internal email addresses, but when it tries to send to external email addresses, the exchange server returns a 550 unable to relay error message.  I followed these directions from Microsoft (http://technet.microsoft.com/en-us/library/bb232021.aspx), but the server still will not email external users.  Any suggestions or assistance would be greatly appreciated.  
0
Comment
Question by:beefwilliams
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
AClockworkTech earned 500 total points
ID: 24132797
I believe you have to add the Firewall's LAN interface to the allowed relay list in Exchange for this to work, depending on how your firewall is handling Masquerading from the DMZ network into your LAN.  Alternatively, you can use SMTP authentication.
0
 

Author Comment

by:beefwilliams
ID: 24137804
Thanks for the suggestion.  I added the firewall interface to the allow relay list in Exchange.  However, that change did not resolve the issue.  The program on the web server that handles the emailing will not allow me to enter in any type of user name so I don't know if authentication of any type will work.  
0
 

Author Comment

by:beefwilliams
ID: 24138659
I j ust noticed that the email address is not linked to an active directory user account.  Would that cause this problem?
0
 
LVL 5

Expert Comment

by:AClockworkTech
ID: 24139339
No, it should be fine.  Did you make sure to run the following code from the Exchange Management Shell?  Also make sure "Anonymous Users" is checked in the "Permissions" tab on the receive connector properties in the Console.
Get-ReceiveConnector "ServerName\Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient" 

Open in new window

0
 

Author Comment

by:beefwilliams
ID: 24139521
After looking in the SmtpReceive logs, I noticed that instead of the DMZ firewall interface IP address, it had the firewall internal IP address listed.  Once I added the firewall internal ip as a receive connector, the external emailing problem was fixed.  Thanks again for your help!
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question