exchange smtp server relay

we are getting rid of the old mail server, but we will still need a smtp server to send out some email. so I setup smtp server, which is built-in in IIS.
I run a telnet test and try to send it to my own domain user. For example:
rcpt to:kelly!
550 5.7.1 unable to relay for
As soon as I put the PC IP where I am running telnet test in the "Relay" list, I don't have problem send out the test. But this sounds weired, as I checked the old mail server smtp setting and I didn't have to put any ip there and it allowed me to do the test without problem.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If you don't want to add all of the IP's that you would like to have the ability to relay you could change the setting from 'Only the list below' with specified IP's to ''All except the list below'. That would allow relay from all your IP's unless you specify any that should not.
Are you authenticating the accont on either the old environment or the new one?
Add in your accepted domains on your exchange
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Suliman Abu KharroubIT Consultant Commented:
please see the check box in your attached screenshot " allow all computers..."
okamonAuthor Commented:
not sure if you guys understand me. Now the exchange server is no longer in my domain. I just setup smtp server using the one found in IIS server.

I just don't understand why I need to add those IPs there in order to send to myself (
I checked my old exchange smtp setting, i didn't put any IP there and it allowed me to send to myself while doing telnet test.
Exchange handles that part for you basically. Since exchange is integrated into your AD you don't need to worry about that. You just have IIS setup fore SMTP relay, the way you have it configured in your screenshot shows that you are requiring auth to relay unless the IP is listed. If you simply change that to 'All except the list below'  you will not need to specify IP's.

I fully understand that you have removed your Exchange server..
okamonAuthor Commented:
>> the way you have it configured in your screenshot shows that you are requiring auth to relay
This is same as my old exchange smtp setting. I know I changed to 'All except the list below', it will not require I put IP. But my question is why I ddin't have to do this in my exchange server, but I have to do this here? Because exchange was ad integrated? but I can still authenticate with my domain login to use the smtp server here.
Suliman Abu KharroubIT Consultant Commented:
does the check box in your screenshot active in the old server?
What you have setup now is not the same as exchange.
okamonAuthor Commented:
>> What you have setup now is not the same as exchange.
What is different?
Right now, you have just SMTP relay setup via IIS.

When Exchange Server is installed, it extends the underlying SMTP functionality by:

Moving management of the SMTP service (by means of SMTP virtual servers) from the IIS administrative console to Exchange System Manager.

Implementing support for link state information. Exchange uses link state information to determine the best method for sending messages between servers, based on the current status of messaging connectivity and cost, and the associated expense of the route that you define based on your topology.

Extending SMTP to support the command verbs that are used to support link state routing and other Exchange functionality.
okamonAuthor Commented:
Thanks. I know the one you mentioned above are different. But I was talking authentication part.
when I had exchange server on premise, I didn't have to add any computer in the Relay property as shown in my first post and I was able to telnet to the server and send message to ay internal users.
But right now, when I cannot telnet unless I add the computer IP in the relay list. This is what I wanted to know why.
Exchage will allow you to relay unauthenticated so long as you are on the same subnet. It does that in a default configuration. Unless you configure it to do otherwise, you will not need to authenticate when in an exchange environment (SMTP auth). You have a much leaner version of the SMTP protocol with just SMTP in IIS. This is the reason for the additional configuration.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.