m_m_cooper
asked on
Exchange 2007 Wont Relay
I am trying to setup a simple application relay through the Exchange 2007 Server and it is giving me nothing but a headache. I have followed the directions in this link backwards and forwards and can not get it to work.
http://msexchangeteam.com/archive/2006/12/28/432013.aspx
I tried both option 1 and option 2. I had a feeling it may be related to the fact that the local IP's and the remote IPs are in the same network. I originally had the remote IPs setup to include the entire LAN then I cut it back to just the two IPs I was testing with. When I telnet into the server I can get to the RCPT to: section and then it errors out with the 550 5.7.1 Unable to relay for....
I have restarted the Transport service in the hope that might help but no joy. Any help would be appreciated.
http://msexchangeteam.com/archive/2006/12/28/432013.aspx
I tried both option 1 and option 2. I had a feeling it may be related to the fact that the local IP's and the remote IPs are in the same network. I originally had the remote IPs setup to include the entire LAN then I cut it back to just the two IPs I was testing with. When I telnet into the server I can get to the RCPT to: section and then it errors out with the 550 5.7.1 Unable to relay for....
I have restarted the Transport service in the hope that might help but no joy. Any help would be appreciated.
Have you setup a specific receive connector for the source of your relay? With Exchange 2007 you need difference receive connectors.
See this for more information on the setup of the additional receive connector
http://msexchangeteam.com/ archive/20 06/12/28/4 32013.aspx
http://msexchangeteam.com/
ASKER
Yes. As the link suggest I setup a recieve connector specifically for the relay.
Wow, i just gave you the same link, sorry.
Just specify the application server IP address in the remote network settings in the wizard. It's pretty simple as it says in the link.
Rajith.
Rajith.
ASKER
Tried that
Here is the 5.7.1 error. Make sure you allow connections from all sources on your receive connector. Its rejecting the relay because it is failing authentication.
5.7.1
General access denied error (the sender of the message does not have privileges necessary to complete delivery).
Check privileges for the sender and resend the message.
this page is wrong in the link
http://msexchangeteam.com/ photos/pos tpictures2 /images/43 2010/origi nal.aspx
go to that page on your receive connector and check everything, but anonymouse users should be enough, but some application servers need the others.
http://msexchangeteam.com/
go to that page on your receive connector and check everything, but anonymouse users should be enough, but some application servers need the others.
unless you can provide SMTP Authentication from the sending application you need to open the permissions as explained in my previous post.
ASKER
The sender is anonymous. As the link suggests I enabled this in the receive connector.
then you should be working, can you post the exchange logs?
ASKER
I checked the event log and I am getting "Receive connector 0.0.0.0:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector." when I try to telnet into the server and send a message. I removed TLS from the connector I want to use but it seems like the other connector is taking precedence.
As the link says, there are two options. Either to use "Exchange Users" in permission group and TLS & Externally Secured in authentication tab.
OR
Anonymous in permission group and TLS in authentication tab. Don't mix both options. If you can, pose the snapshots of all tabs.
And restart the MS Exchange Transport Service.
OR
Anonymous in permission group and TLS in authentication tab. Don't mix both options. If you can, pose the snapshots of all tabs.
And restart the MS Exchange Transport Service.
have you added the relay permission to the connector?
Get-ReceiveConnector "CRM Application" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
ASKER
Rajit- It says to use "Exchange server" and yes I have tried both methods.
Just now I have repeated both methods to verify it did not work. Attached are the screens from the tabs.
Neranel- I did run that command in the Exchange Shell
Relay.docx
Just now I have repeated both methods to verify it did not work. Attached are the screens from the tabs.
Neranel- I did run that command in the Exchange Shell
Relay.docx
ASKER
Rajit- I also restarted the transport service after each configuration change.
Is the application using an authenticated session?
ASKER
no I don't think so. The APC asks for a from address but no password.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.