Solved

Relaying denied based on private IP address

Posted on 2009-07-13
12
561 Views
Last Modified: 2012-05-07
Hey guys.

I'm trying to set up frontbridge (exchange hosted spam filtration) as a smart host on my exch07 machine.. Now I know how to set up a smart host but when I push email to mail.messaging.microsoft.com (outbound mail server)I get a relaying denied error.

Exchange hosted services requires me to have my outbound IP address registered with them..It is..however, the bounce email shows that they are checking the INTERNAL ip address of my exch07 server. (192.168.0.50)..I cannot add an internally non routed IP address to their service...so I guess I need to be able to change the REPORTED Ip in exchange 2007..anyone know how to do that?

me@mycompany.com
mail199-sin.bigfish.com #554 <me@mycompany.com>: Relay access denied ##

Original message headers:

Received: from exch07svr.clientsurl.com ([192.168.0.50]) by exch07svr.clientsurl.com
 ([192.168.0.50]) with mapi; Mon, 13 Jul 2009 11:49:31 -0700
From: Administrator <Administrator@clientsurl.com>


0
Comment
Question by:MultiTrends
  • 7
  • 5
12 Comments
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24843085
This portion of the header is showing your server accepting the mail you have sent using Outlook. It is not showing the conversation between your server and the smarthost.

You should be able to use Outlook Express / Windows mail with the credentials you have been given to authenticate with and this will eliminate any configuration on Exchange. I suspect either the credentials are not correct OR your external IP has not been registered with them (have you checked the IP that your exchange server uses and double checked with them that they have it registered?).

Shaun
0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24843192
No, this is the bounced email. The correct external IP is registered with Frontbridge. However, the only thing I can see is that in the bounce, the private IP is listed. I cannot list a private IP with frontbridge.

THere are not supposed to be any credentials with Frontbridge. It's an 'open' relay, open meaning, they only allow inbound connections from IPs they have listed in their DB.
0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24843201
Oh and no, i'm not going to configure each workstations copy of outlook to use an outbound mail server other than my exchange server.
0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24843217
So what happens when you run a telnet SMTP test? At what stage do you get the failure? It sounds like an issue their end to me.

0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24843286
When I manually telnet to the FB servers from inside it does the same deal (manually submitting an email)..

It's totally on their end but they are dumb and can't figure that out so i'm trying to work around the issue.
0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24843338
so at what stage do you get the error when using telnet test? EHLO / RCPT TO / MAIL FROM?

If this is issuing an error, you will not be able to workaround the issue. Your best bet will be to call them and say you have tested the facility using telnet (the most basic way to test the service) and this has failed. They cannot give you any reason then why it should not work.

Do you have multiple external IP addresses by the way, sometimes a firewall IP address can be seen with outbound IP's instead of the one you are using for your mail server. Just a secondary thought.

Shaun
0
How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

 
LVL 2

Author Comment

by:MultiTrends
ID: 24843500
RCPT to is the last line..as soon as you ID that you're relaying it tosses you.

It's definitely 100% their issue.. I've registered my IP like they want and it still doesn't work.

Only reason I'm doing this is because telus found it prudent to block emails from our domain for reasons unknown and doesn't provide a number or service center or techsupport techs that know anything...

nor do they indicate who their blacklist provider is or even a suggestion as to what I can do to remove this domain from their apparent blacklist (even though we're clean and not on any other blacklists)
0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24843606
Your domain will not be blacklisted. Blacklists work on IP address.

You can see if your IP is on common blacklists by using mxtoolbox.com facility

In any case, if your smarthost provider is offering a facility where they allow you to relay mail to them by adding your IP address to their system they are the ones you need to speak with by the sounds of things.

Shaun
0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24843639
Yeah I know we are 100% of blacklists..except the 'value added solution' from telus.. Which they provide no information on even to their own techs. If you're on it, your screwed pretty much.
0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24843651
I'm kind of thinking of setting up a relay agent on our secondary connection which happens to be telus, so our client can forward emails destined for a telus address to our smart host which relays in to their own mail servers..lets see them blacklist their own email servers.
0
 
LVL 27

Accepted Solution

by:
shauncroucher earned 500 total points
ID: 24843679
If you are having trouble delivering mail to telus users, you could use a smarthost yes, this should work as the mail will not be seen as coming from your IP address.

Shaun
0
 
LVL 2

Author Comment

by:MultiTrends
ID: 24851324
sweet hey-zeus they figured it out. Only took them two days too.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now