Pkafkas

SMTP relay error messages

Hello:

We work with a 3rd party partner for a specific application.  This 3rd party vendor supports the application and we just support the server end (Windows 2003 Server Std).  This server is in a  workgroup (not in a domain).  The network clients (in a Domain, not a workgroup) map a drive to the server through a batch file and can access the needed application that way.

The application is working pretty well except for the e-mail portion of it.  The database queries are working fine; but, if one would like to e-mail a report from the program the following error pops up: "STMP reported: 5.7.1 Unable to Relay".  

This feature did work until the vendor upgraded a piece of their software.  The SMTP settings in the program are correct and have not changed.  It has the fully qualified domain name of the existing Exchange server.  Keep in mind that this Application Server is in a workgroup, not in a domain with the Exchange server.

Now other workgroup application servers that ask for an SMTP server address have the exact same thing entered in as the rogue Application Server and these other application servers are e-mailing information just fine.

Another PC/Client however gets a different error message when trying to email from that rogue application.  The 2nd error message states that XXX version 7.05 is not installed.  Go to the downloads page and install it.

Below are screen shots of the relay rule on the Exchange server for this application.  Again this was working until the vendor upgraded some software on the Server.  It was working up until a month ago and we have been using Exchange for 1 year.

The vendor states that the upgrade has nothing to do with the email function.

Trackhappy

To test smtp mail functionality go to the application server and open a dos prompt.

type telnet (email server) 25
type helo domain.internal
type mail from:test@domain.xxx
type rcpt to:internalmailaddress@internal.com
type data
type some junk and hit enter
type . and hit enter
type q to exit.

This is a basic smtp mail conversation and you will get various messages depending on what happens. Essentially, follow this through and see what replies come back. You substitute different domains and email addresses obviously and use different combinations of internal and external to test for local delivery (to internal recipients) or external (relay).

Tell us what it responds with.
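
How the replies from a manual test like the one above can be read, as an added example that is not part of the original post: a Python script that pairs each typed command with the server's reply and reports how each RCPT TO was handled for internal versus external recipients. The sample session, host names and function names are constructed for illustration.

```python
import re

# Reply line: 3-digit code, optional RFC 3463 enhanced code, free text.
REPLY = re.compile(r"^(\d{3})[ -](?:(\d\.\d{1,3}\.\d{1,3})\s+)?(.*)$")
RCPT = re.compile(r"^rcpt to:\s*<?([^<>\s]+)>?", re.I)

def parse_session(text):
    """Pair each client command with the server reply that followed it."""
    steps, pending, in_body = [], "(connect)", False
    for line in filter(None, map(str.strip, text.splitlines())):
        if in_body:                       # message text, not commands
            if line == ".":
                in_body, pending = False, "(end of data)"
        elif (m := REPLY.match(line)) is None:
            pending = line                # client command; reply comes next
        else:
            steps.append((pending, int(m.group(1)), m.group(2), m.group(3)))
            in_body = m.group(1) == "354" # server now reads the body
    return steps

def relay_findings(steps, local_domains):
    """Say how each RCPT TO was handled, split into internal/external."""
    local = {d.lower() for d in local_domains}
    out = []
    for cmd, code, enhanced, _ in steps:
        ok, m = 200 <= code < 300, RCPT.match(cmd)
        if m:
            rcpt = m.group(1).lower()
            scope = "internal" if rcpt.rpartition("@")[2] in local else "external"
            verdict = ("accepted" if ok else
                       "relay denied" if enhanced == "5.7.1" else "rejected")
            out.append((rcpt, scope, verdict))
        elif cmd == "(end of data)" and ok:
            out.append(("(message)", "-", "queued, delivery not confirmed"))
    return out

# Constructed session (hypothetical hosts, RFC 5737 address), not from the thread.
SAMPLE = """220 mail.example.org ESMTP ready
MAIL FROM:boxoffice@example.org
250 2.1.0 Sender OK
RCPT TO:user@example.org
250 2.1.5 Recipient OK
RCPT TO:someone@example.net
550 5.7.1 Unable to relay
DATA
354 Start mail input
report body
.
250 2.6.0 Queued mail for delivery"""
```

Calling `relay_findings(parse_session(SAMPLE), ["example.org"])` returns one row per recipient plus one for the message; a 250 after the final dot only means the server queued the message, so delivery still has to be confirmed on the server side.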
James
Have a look at the below and see does it provide any assistance.

http://msexchangeteam.com/archive/2006/12/28/432013.aspx
Pkafkas

ASKER

Ok, this is what happened from my normal domained workstation.

220 Voyager.AD.WCD.ORG Microsoft ESMTP MAIL Service ready at Wed, 17 Nov 2010 16:39:49 -0600
helo wcd.org
250 Voyager.AD.WCD.ORG Hello [10.220.21.65]
mail from:pkafkas@wcd.org
250 2.1.0 Sender OK
rcpt to:pkafkas@wcd.org
250 2.1.5 Recipient OK
data
354 Please start mail input.
this is a test from my workstation in the domain.\\
.
250 Mail queued for delivery.
Pkafkas

ASKER

I will try the commands on the rogue application server tomorrow.
OK. pkafkas should have received an email based upon that. Now repeat that but change the helo wcd.org to something else and see what happens. Then change the sender domain to something else and see what happens.

I am thinking that either the sender domain from the application is not being accepted or the sending email address is using an external domain that is not being accepted.
I sometimes wish I had a built in spell checker....  :(
I know the feeling lol...
Thanks for that link JBond, it is very helpful.
Here is a Microsoft KB article that explains the smtp test process a little more in depth:
http://support.microsoft.com/kb/304897
You're welcome, and thank you for Microsoft KB article :)
Pkafkas

ASKER

This is from the application server.

220 voyager.ad.wcd.org Microsoft ESMTP MAIL Service ready at Wed, 17 Nov 2010 1:58:56 -0600
helo wcd.org
250 voyager.ad.wcd.org Hello [192.168.1.187]
mail from:pkafkas@wcd.org
500 5.3.3 Unrecognized command
mail from:boxoffice@wcd.org
250 2.1.0 Sender OK
rcpt to:pkafkas@wcd.org
250 2.1.5 Recipient OK
data
354 Please start mail input.
typing info from application server 192.168.1.187
.
250 Mail queued for delivery.


------------

I have not received any e-mails to my email account pkafkas@wcd.org
Pkafkas

ASKER

It appears that everything is already in place for the 'anonymous' logon and the instructions (please see the screen shots above and the web link: http://msexchangeteam.com/archive/2006/12/28/432013.aspx, a very nice web article).

When I tried to make sure that the anonymous rule was enabled in PowerShell, it basically told me that it was already enabled.  Please read below, I copied the output.

[PS] C:\Windows\System32>Get-ReceiveConnector "Archtics" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
WARNING: Appropriate ACE is already present on object "CN=Archtics,CN=SMTP Receive Connectors,CN=Protocols,CN=VOYAGER,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=WCD,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=AD,DC=WCD,DC=ORG" for account "NT AUTHORITY\ANONYMOUS LOGON".

Identity          User                  Deny   Inherited  Rights
--------          ----                  ----   ---------  ------
VOYAGER\Archtics  NT AUTHORITY\ANON...  False  False      ms-Exch-SMTP-Accept-Any-Recipient


[PS] C:\Windows\System32>
Pkafkas

ASKER

I will try the suggested commands with another domain name like yahoo.

Before, when this was working, it only worked for internal e-mail addresses.  That is the application e-mailed to internal users only.  Not to external users.
Pkafkas

ASKER

Actually the e-mail address that the application is supposed to be always coming from is 'boxoffice@wcd.org'

I will try a different domain for the helo testing and see what happens.

Pkafkas

ASKER

This did not help.


220 voyager.ad.wcd.org Microsoft ESMTP MAIL Service ready at Thu, 18 Nov 2010 10:25:02 -0600
helo wi.rr.com
250 voyager.ad.wcd.org Hello [192.168.1.187]
mail from:pkafkas1@wi.rr.com
rc501 5.1.7 Invalid address
rcpt to:pkafkas@wcd.org
data
503 5.5.2 Need mail command
503 No sender.
mail from:pkafkas1@wi.rr.com
503 5.5.2 Need mail command
mail from:pkafkas@wcd.org
250 2.1.0 Sender OK
rcpt to:petros_kaukas@yahoo.com
250 2.1.5 Recipient OK
data
354 Please start mail input.
test from the app server to yahoo account
.
250 Mail queued for delivery.

---------

220 voyager.ad.wcd.org Microsoft ESMTP MAIL Service ready at Thu, 18 Nov 2010 1:36:39 -0600
helo ad.wcd.org
250 voyager.ad.wcd.org Hello [192.168.1.187]
mail from:pkafkas@wcd.org
250 2.1.0 Sender OK
rcpt to:pkafkas@wcd.org
500 5.3.3 Unrecognized command
rcpt to:pkafkas@wcd.org
500 5.3.3 Unrecognized command
rcpt to:pkafkas@wcd.org
250 2.1.5 Recipient OK
data
354 Please start mail input.
10:38 am
.
250 Mail queued for delivery.
q
500 5.3.3 Unrecognized command

------------

220 voyager.ad.wcd.org Microsoft ESMTP MAIL Service ready at Thu, 18 Nov 2010 10:39:24 -0600
helo wcd.org
250 voyager.ad.wcd.org Hello [192.168.1.187]
mail from:pkafkas@wcd.org
501 5.5.4 Unrecognized parameter
mail from:test@wcd.org
250 2.1.0 Sender OK
rcpt to:petros_kaukas@yahoo.com
250 2.1.5 Recipient OK
data
354 Please start mail input.
10:40 am
.
250 Mail queued for delivery.
Pkafkas

ASKER

I have received no e-mails to either of the emails listed above.  
Sorry, been off for the night. Don't be disheartened yet, those responses give us more information to track down.

From the first response above, it looks as though it is not allowing the sending email address to relay.

mail from:pkafkas1@wi.rr.com
rc501 5.1.7 Invalid address

Here is a Microsoft article, but I don't think it is quite right as you are specifying a domain, it is just not recognising it. I wonder if it cannot resolve it?

I'll keep looking.
Response 2 above looks better as it recognises the sender's address as valid, but there is something restricting the basic commands. Possibly some restriction set on your Exchange server.

http://technet.microsoft.com/en-us/library/bb123686.aspx has a good description of the smtp test process.

Can you please try again with boxoffice@wcd.org as the sender and your address as the recipient, with NOTIFY=success,failure
try RCPT TO:"youremail address"

We need a better response at that point. Type the commands in Caps as per the document in case that is enforced in the RFC.
One more question, there is nothing like a firewall between the sending server and the Exchange server is there???
Pkafkas

ASKER

Hello,

1.  There is no firewall between the Application Server and the Exchange server.

2.  Should I enter the commands as follows:

type telnet (email server) 25
type helo wcd.org
type mail from:boxoffice@wcd.org
type rcpt to:pkafkas@wcd.org
type NOTIFY=success,failure
type data
type some junk and hit enter
type . and hit enter
type q to exit.
Pkafkas

ASKER

According to " http://msexchangeteam.com/archive/2006/12/28/432013.aspx " if I change the Receive connector properties to use 'exchange users' - group instead of the 'Anonymous' - group I will be opening a spam security hole.  Others can use this box to e-mail spoof our organization.

I am not sure that is a good idea because other business partners connect to this box and who knows what can happen if those other devices get compromised.
Change the rcpt to: to be RCPT TO:

It seems most of the references use upper case and maybe it needs it. Type each command and if there is not a success response we need to find out why.

type telnet (email server) 25
type set localecho
type HELO wcd.org
type MAIL FROM:boxoffice@wcd.org
type RCPT TO:pkafkas@wcd.org
type NOTIFY=success,failure
type DATA
type some junk and hit enter
hit enter (blank line)
type something else here
type . and hit enter
type q to exit.
Any time you start letting other devices send email through your system you open up a hole. You need to think carefully about what you are allowing, and where from. I personally find the Exchange "new way" to be confusing, and have to spend time checking each thing I do 50 times to be sure. The key is to allow the least through to get the job done.

If this box can send mail to your internal recipients, then anyone getting control of that box can use it to spam you. Not much you can do about that if you allow it in. I gather that it is not trying to send emails to external recipients, so the risk is limited to internal spam issues.
Pkafkas

ASKER

When we were using GroupWise (IP address on the 192.168.1.X/ subnet.) emails were able to be sent from this app server to both internal and external e-mail addresses.

Since we migrated to Exchange (Exchange Server on different subnet) only the internal  emails were able to receive from this app server.

Since this latest upgrade, from the vendor, no emails were able to be sent.  Now what they can do is just export the report to a .pdf or whatever and then save it somewhere.  Then e-mail the report as an attachment.

To be honest I think this way is a lot more secure and I do not think it's that big of a deal.  What do you guys think?
If the server is not publicly accessible, then I guess the risk is minimal and the ease of use probably outweighs the risk. No doubt it is more secure without email access but do you really want to cause your customers more hassle for minimal risk?

That decision is entirely yours, we should be able to get it working though and you can make that decision separately.

Pkafkas

ASKER

Yes, it was just food for thought.  But again you are correct 'Trackhappy' that is a separate question.

The consultant that helped us migrate from our GroupWise System to Exchange, also setup the 'Receive Connector' rule for this app server.  

Like I mentioned, when we went to Exchange only e-mails to internal (wcd.org) e-mails were working.  You can see the properties of this rule from the screen shot above. This was set for 'Anonymous'.

But now it's not working at all.  Except if the users just send the report as an attachment, instead of e-mailing directly from the application.  You may see the screen shot above with the E-mail confi tab.
Pkafkas

ASKER

Anyone?
Pkafkas

ASKER

I figured this out with the help of our Exchange consultant.