Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
Course Of The Month
4 days, left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Exchnage 2003 Mail Relay
Posted on 2011-02-24
I manage an Exchange 2003 server with all service packs and security fixes applied. I have triple checked this server so that it does not relay. I even used the following article to confirm its setup not to relay:
http://www.servolutions.com/support/config_exchange_2003.htm#section3
Everything checks out. However, when I run an online relay test on http://www.test-smtp.com/, its states my server is a relay. This site conducts 28 tests, and on Test 17 it states Host is an open relay!
I ran another online test on this site: http://www.antispam-ufrj.pads.ufrj.br/test-relay.html
and it stated "Relay test result
Ops!!! Host appeared to accept a message relay, but it may or not may a positive open relay. I need procced a complete test, sending a test message to probe it. This anonymous user test did not send a test message. "
I manage several Exchange 2003 servers with an identical smpt connector setup and do not have a relay problem.
In the app event viewer, I saw the following Event ID 7010 (MSExchangeTransport) message:
Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7010
Date: 2/24/2011
Time: 3:20:21 PM
User: N/A
Computer: APOLLO
Description:
This is an SMTP protocol log for virtual server ID 2, connection #8. The client at "146.164.48.5" sent a "rcpt" command, and the SMTP server responded with "550 5.7.1 Unable to relay for relaytest%antispam-ufrj.pa
I am a bit confused in that this server could a relay, but I've done everything possible to ensure its not. Any ideas as to what is going on?
http://www.servolutions.com/support/config_exchange_2003.htm#section3
Everything checks out. However, when I run an online relay test on http://www.test-smtp.com/, its states my server is a relay. This site conducts 28 tests, and on Test 17 it states Host is an open relay!
I ran another online test on this site: http://www.antispam-ufrj.pads.ufrj.br/test-relay.html
and it stated "Relay test result
Ops!!! Host appeared to accept a message relay, but it may or not may a positive open relay. I need procced a complete test, sending a test message to probe it. This anonymous user test did not send a test message. "
I manage several Exchange 2003 servers with an identical smpt connector setup and do not have a relay problem.
In the app event viewer, I saw the following Event ID 7010 (MSExchangeTransport) message:
Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7010
Date: 2/24/2011
Time: 3:20:21 PM
User: N/A
Computer: APOLLO
Description:
This is an SMTP protocol log for virtual server ID 2, connection #8. The client at "146.164.48.5" sent a "rcpt" command, and the SMTP server responded with "550 5.7.1 Unable to relay for relaytest%antispam-ufrj.pa
I am a bit confused in that this server could a relay, but I've done everything possible to ensure its not. Any ideas as to what is going on?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
2
2
7 Comments
Active today
I'm not familiar with the sites you used for your test. Try MXToolbox - it's very simple:
www.mxtoolbox.com/diagnostic.aspx
The 7010 error message is a very good indicator that relays are not being allowed.
Just curious - where did you come up with the server name "Apollo"? Is that your actual server name?
www.mxtoolbox.com/diagnostic.aspx
The 7010 error message is a very good indicator that relays are not being allowed.
Just curious - where did you come up with the server name "Apollo"? Is that your actual server name?
Active today
This seems to be Permissions problem. It looks that the sender is not allowed to email this account or an anonymous user is trying to send mail to a DL.
Follow below steps:
Check SMTP Virtual Server Access Tab.
Check : Allow computers which successfully authenticate to relay
Lastly, check at user end, might be user created email address that does not match your exchange server system policy.
Follow below steps:
Check SMTP Virtual Server Access Tab.
Check : Allow computers which successfully authenticate to relay
Lastly, check at user end, might be user created email address that does not match your exchange server system policy.
Active 1 day ago
hypercat - I also tried mxtoolbox, and the results were and still are favorable. Everything gave a green light with the exception of a Warning - Reverse DNS does not match smtp banner. That's no big deal, and I am not concerned with that warning.
I usually name my servers after Greek Gods, and I usually name the Exchange Server Apollo.
I usually name my servers after Greek Gods, and I usually name the Exchange Server Apollo.
Active 1 day ago
amitkulshrestha, The setting "Allow all computers which successfully authenicate to relay, regardless of the list above" setting is checked. The Event ID 7010 message displayed abovdisplayed on the exchange server when I ran the online smtp relay tests. Each individual relay test were denied relay access, but then towards the end the test revealed it was an open relay. So I included the 7010 event id of the attempt to relay by that particular test, and I believe it could not relay based on that message. I just fiind it confusing some online sites indicate this exchange server is a relay and others not. I manage other exchange servers with identical default smpt protocal settings and all sites indicate they are not relays with the exception of this mail server. I hope this explanation makes sense.
Active today
I think you are all set, cmp119. The rDNS warning will not cause any issues in the real-world, as you know, as long as there IS an rDNS record. Although to make everything completely and utterly correct, you should have the ISP change the PTR record to match your public mail server name (the one that it is advertising on the banner) if possible.
(ASIDE) The reason I asked about the server name is because I do a similar thing. I believe even techies (maybe especially techies) need a creative outlet sometimes too, and it just irritates me when someone names all their servers "Server1" Server2" etc., could you be MORE BORING! It seemed a weird coincidence to me, though, that it so happens I have a client site where I use Apollo as the email server name too (along with Circe, Atlas, Mercury, etc., for the other servers).
(ASIDE) The reason I asked about the server name is because I do a similar thing. I believe even techies (maybe especially techies) need a creative outlet sometimes too, and it just irritates me when someone names all their servers "Server1" Server2" etc., could you be MORE BORING! It seemed a weird coincidence to me, though, that it so happens I have a client site where I use Apollo as the email server name too (along with Circe, Atlas, Mercury, etc., for the other servers).
Featured Post
Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow >> Rules tab.: To cr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month4 days, left to enroll
Earn Certification
MTA Mobility Device Fundamentals (Exam 98-368)
$59.00$53.10
691 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.