Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

exchange 2007: how to allow authencated user to relay?

Posted on 2011-04-29
10
Medium Priority
?
432 Views
Last Modified: 2012-05-11
I would like to know how to allow authenticated user to relay through our exchange 2007 server.
But not open relay.
0
Comment
Question by:okamon
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Expert Comment

by:ckeshav
ID: 35493431
What is the exact requirement.
Authenticated user are not required to relay they are authenticated to send mail.
But still you can create a different receive connector and add the IP's of the system from which the user wants to send mail. I'm not sure if this is your requirement.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 35494358
Hello,

The default client receive connector is configured on port 587. Make sure your mail client is set to use that port and it should work.

JJ
0
 
LVL 3

Expert Comment

by:Mbhushan
ID: 35494653
Thats true, Authenticated user are not required to relay they are authenticated to send mail.


It is required to Create a Receive Connector that Grants Anonymous Relay Permission  to Specific Source IP Addresses

For example, to create a new Receive connector named "Our Relay Connector" that listens on local IP address 10.5.2.10 on port 25 from a source server at IP address 10.5.5.110, run the following command

New-ReceiveConnector -Name "Our Relay Connector" -Usage Custom -PermissionGroups AnonymousUsers -Bindings 10.5.2.10 -RemoteIpRanges 10.5.5.110
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 

Author Comment

by:okamon
ID: 35497414
I thought that too, but it was not working for me. Here is my situation, I am configuring a software on a customer server. And since they don't have SMTP server to use, so I used our smtp server.
I specify our smtp server's internet FQDN(ex:mail.abc.com) and enter my domain user name and password. I don't have problem sending email to any internal users(user@abc.com), BUT I cannot send mail to external user (for ex: xyz.com). Note, The port 25 is not blocked by their ISP
0
 
LVL 8

Accepted Solution

by:
ckeshav earned 800 total points
ID: 35497913
This will not work because you are trying to use your SMTP server which is authoritative to send mails from your domain(say abc.om), but you are trying to send out mails from your Exchange server but the From ID would be of your customer domain(say xyz.com) Your STMP server will accept mails as you have allowed relay but it will you to change the From Domain to send mail.
You may to add your customer domain in the authoritative domain and try sending the mail

I'm not sure of your exact setup. It is better you post the exact setup while posting the question.
From my understanding you don't have any relay server or Edge server. If you have then what I'm suggesting above would not be relevant

0
 
LVL 37

Assisted Solution

by:Jamie McKillop
Jamie McKillop earned 400 total points
ID: 35504478
@ckeshav

What you have posted is incorrect. If the client is permitted to relay, the from domain does not matter. This could cause some issues with anti-spam solutions but it would not prevent Exchange from relaying the message.

The problem here is that the Default receive connected on port 25 is setup by default with Exchange Server authentication. This is intended so that only Exchange servers themselves can use the connector. There is a Client receive connector that is setup by default on port 587 that has basic and integrated authentication enabled by default. You can either change the sending server to use port 587 to send to your server or change the security on the default receive connector so that Basic Authentication is enabled.

JJ
0
 
LVL 8

Assisted Solution

by:ckeshav
ckeshav earned 800 total points
ID: 35504550
JJ - Please try to understand the requirement.

He is trying to send a mail from some application outside his environment, using his SMTP server but the from ID would be of the customer. I'm not sure if he has a relay server or Edge server in between.
If his directly connecting to a Internet facing CAS server, this would not work and that is the reason it is not working.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 35504625
I understand his requirement and what you said is still wrong. As long as the receive connector is setup correctly and he is authenticating, he will be able to relay, regarless of what From address he uses.

JJ
0
 

Author Comment

by:okamon
ID: 35774579
.
0
 
LVL 3

Assisted Solution

by:Mbhushan
Mbhushan earned 400 total points
ID: 36401728
Test open relay

Telnet to mail.myserver.com at port 25 and issue all the following commands:
helo client.server.com
mail from: user@yourdmian.com
rcpt to: mbhushan@hotmail.com

telnet mail.myserver.com 25

Output:

Trying 202.51.x.xxx...
Connected to mail.myserver.com.
Escape character is '^]'.
220 mail.myserver.com ESMTP Postfix
helo client.server.com
250 mail.myserver.com
mail from: user@yourdmian.com
250 Ok
rcpt to: mbhushan@hotmail.com
554 : Relay access denied

As you see access denied to send email i.e. my mail server is NOT open relay.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
You finally migrated Public Folders to Office 365, decommissioned the Public Folder mailbox database and since then, when you send an email from on-premise to mail-enabled Public Folders, you get the following error: "Misconfigured public folder mai…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question