Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Users in remote Exchange 2010 site get 550 5.7.1 Unable to relay

Posted on 2011-09-12
25
455 Views
Last Modified: 2012-06-27
Hi,
Some of our users in our remote branches are getting a 550 5.7.1 Unable to relay. We have two Exchange sites. Site A hosts HQ’s mailboxes. Site B is the site that hosts the branches. Site B mostly services clients that are configured as SMTP and POP3.  There are 4 servers in each site, 2 HUB/CAS servers and 2 mailbox servers.
Some users running in site B get 550 5.7.1 Unable to relay errors from time to time. So the only way I can get the mail to flow again is to configure one receive connector to “Exchange Server authentication” in site A and one in site B. The other remaining connector must then be configured to “Externally Secured”(See Pic 1). Only then does the mail flow externally . But this configuration does not work for long. After a while the errors are back. I have tried a few config’s. If I put all 4 servers receive connector to “Externally Secured I get the following error: Cannot achieve Exchange server authentication. “ Attempted failover to alternative host, but that did not succeed.” Either there are no alternate hosts, or delivery failed to all alternate hosts. The permissions group on all receive connectors (Client and Default) are all selected except Partners.
It seems like only users that have an SMTP and POP3 configuration are impacted. Web App users and Exchange online mode are not affected.

Pic-1.PNG
0
Comment
Question by:ablsysadmin
  • 13
  • 10
  • +1
25 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36523000
this might be a stupid question, but outlook is configured to use authentication on the outgoing server?
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36523003
also, can you deliver mail using telnet on the server that does not want to relay?
0
 

Author Comment

by:ablsysadmin
ID: 36523061
hi, will check the setting again if i find a user that has this issue. will report back asap. What are the default settings on the receive connectors?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Expert Comment

by:setasoujiro
ID: 36523112
default would be :
under authentication:
TLS/Basic/Integrated windows/Exchange server

Permission groups:

Anonymous
exchange users
exchange servers
legacy exchange

0
 
LVL 4

Expert Comment

by:ctc1900
ID: 36523221
It sounds like you have more than one receive connector bound to the same IP, thus you are seeing different results at different times.  Verify your receive connectors are bound to distinct IP addresses.
0
 

Author Comment

by:ablsysadmin
ID: 36525034
@setasoujiro: Thanks for the reply. Should these settings be set on site A or site B?
@ctc1900:. Also...thanks for the reply. all bound to the same IP...
0
 

Author Comment

by:ablsysadmin
ID: 36525222
@setasoujiro: your setting are not solving the issue.

i got it working as per screen shot on one CAS server in each site. This setting was set on both client and default receive connectors. Screen Shot
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36525253
you need the other ones as well in order to have normal outlook clients+outlook anywhere clients connect. That's why i said the default would be like that :)
0
 

Author Comment

by:ablsysadmin
ID: 36525334
No outlook anywhere clients just yet. .....ok so just to make sure here. should i have all 4 CAS/HUB servers set as the screnshot above?
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36525353
no only the CAS servers at the sites where people need to send mail that way...
unless it's in all sites ofcourse
0
 

Author Comment

by:ablsysadmin
ID: 36525451
ok, now they can send mail but not receiving anything
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36525476
that's because you need to set the "basic authentication" i think
0
 

Author Comment

by:ablsysadmin
ID: 36525509
ok, let me try
0
 

Author Comment

by:ablsysadmin
ID: 36525540
ok wait. should this be set on the remote CAS servers because it can't be set on the servers with the external secure setting
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36525550
on the ones where outlook tries to do pop3 to...
to be honest i'm not following entirely with your several machines anymore :)
so i'll try my best
0
 

Author Comment

by:ablsysadmin
ID: 36525651
not working. I am running out of idea's i have now set it back to the original settings. seems like everythinig is working again but the question is for how long. its getting late so i will have to call it a night now. I will update again when i get the issue. one thing is that i can even log a call with MS because we run these servers on vmware
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36525719
so it's not a problem when running on vmware afaik...
vmware is a supported platform...
But i will too call it a night and read everything again tomorrow fresh and revived :)
0
 

Author Comment

by:ablsysadmin
ID: 36525738
thanks for the assistance. speak soon
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 36527476
I don't why you creating receive connectors the default conenctors should be sufficient to receive emails.

Can you tell me at each site what exchange servers do you have ?
Do you have send connectors at each site  for sending external email.

"Some users running in site B get 550 5.7.1 Unable to relay errors from time to time " when do you get this message. Is it when using any application to raly emails or when using outlook.
0
 

Author Comment

by:ablsysadmin
ID: 36527581
hi, i am not creating receive connectors. These are the default ones created when you install. The users get this error if the receive connectors are all configured as Exchange Server Authentication

The users getting this error when sending use outlook config'ed as smtp/pop3
0
 

Author Comment

by:ablsysadmin
ID: 36527831
When the same users log on to webapp and try to send mail every mail gets sent
0
 

Author Comment

by:ablsysadmin
ID: 36528263
0
 
LVL 14

Accepted Solution

by:
setasoujiro earned 500 total points
ID: 36528395
i don't get it, this is the same thing that i said a couiple posts earlier...
0
 

Author Comment

by:ablsysadmin
ID: 36528402
ooh crap...sorry dude. was late last night nad i did not update the setting on the client side. but tx for the help.
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36528430
no problem , glad to help :)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question