Exchange 2007 Wont Relay

I am trying to setup a simple application relay through the Exchange 2007 Server and it is giving me nothing but a headache. I have followed the directions in this link backwards and forwards and can not get it to work.
http://msexchangeteam.com/archive/2006/12/28/432013.aspx 
I tried both option 1 and option 2. I had a feeling it may be related to the fact that the local IP's and the remote IPs are in the same network. I originally had the remote IPs setup to include the entire LAN then I cut it back to just the two IPs I was testing with. When I telnet into the server I can get to the RCPT to: section and then it errors out with the 550 5.7.1 Unable to relay for....
I have restarted the Transport service in the hope that might help but no joy. Any help would be appreciated.
m_m_cooperAsked:
Who is Participating?
 
m_m_cooperConnect With a Mentor Author Commented:
Finally figured this dang thing out. We had installed the Server 2003 SMTP service. Once we removed it everything worked just like the article said it should. Thanks.
0
 
NeranelCommented:
Have you setup a specific receive connector for the source of your relay?  With Exchange 2007 you need difference receive connectors.
0
 
NeranelCommented:
See this for more information on the setup of the additional receive connector
 
http://msexchangeteam.com/archive/2006/12/28/432013.aspx  
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
m_m_cooperAuthor Commented:
Yes. As the link suggest I setup a recieve connector specifically for the relay.
0
 
NeranelCommented:
Wow, i just gave you the same link, sorry.
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
Just specify the application server IP address in the remote network settings in the wizard. It's pretty simple as it says in the link.

Rajith.
0
 
m_m_cooperAuthor Commented:
Tried that
0
 
NeranelCommented:

Here is the 5.7.1 error.  Make sure you allow connections from all sources on your receive connector.  Its rejecting the relay because it is failing authentication.
5.7.1

General access denied error (the sender of the message does not have privileges necessary to complete delivery).

Check privileges for the sender and resend the message.
0
 
NeranelCommented:
this page is wrong in the link
http://msexchangeteam.com/photos/postpictures2/images/432010/original.aspx
go to that page on your receive connector and check everything, but anonymouse users should be enough, but some application servers need the others.
0
 
NeranelCommented:
unless you can provide SMTP Authentication from the sending application you need to open the permissions as explained in my previous post.
0
 
m_m_cooperAuthor Commented:
The sender is anonymous. As the link suggests I enabled this in the receive connector.
0
 
NeranelCommented:
then you should be working, can you post the exchange logs?
0
 
m_m_cooperAuthor Commented:
I checked the event log and I am getting "Receive connector 0.0.0.0:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector." when I try to telnet into the server and send a message. I removed TLS from the connector I want to use but it seems like the other connector is taking precedence.
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
As the link says, there are two options. Either to use "Exchange Users" in permission group and TLS & Externally Secured in authentication tab.

OR

Anonymous in permission group and TLS in authentication tab. Don't mix both options. If you can, pose the snapshots of all tabs.

And restart the MS Exchange Transport Service.
0
 
NeranelCommented:
have you added the relay permission to the connector?
 

Get-ReceiveConnector "CRM Application" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Open in new window

0
 
m_m_cooperAuthor Commented:
Rajit- It says to use "Exchange server" and yes I have tried both methods.
Just now I have repeated both methods to verify it did not work. Attached are the screens from the tabs.
Neranel- I did run that command in the Exchange Shell

Relay.docx
0
 
m_m_cooperAuthor Commented:
Rajit- I also restarted the transport service after each configuration change.
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
Is the application using an authenticated session?
0
 
m_m_cooperAuthor Commented:
no I don't think so. The APC asks for a from address but no password.
0
All Courses

From novice to tech pro — start learning today.