RFloyd30
asked on
Exchange 2010 Allow Relay
We have an exchange 2010 server. Users use GreatPlains software and have the ability to email from the applications directly. It appears that GP's does not use the mapi profile on the workstation (outlook 2010 and 2007) but sends the email directly. You control the email server via a config file on the PC.
Therefore, I need to allow the entire subnet, my internal subnet, to relay off the server to send emails to outside email addresses. If they send to an Exchange user, it works no problem. The issues is sending to other domains.
Receive connector:
[PS] C:\>get-receiveconnector -identity "greatplains" |FL
RunspaceId : b45592cf-4c66-406d-a2a6-be a9eeda9e6f
AuthMechanism : Tls, ExternalAuthoritative
Banner :
BinaryMimeEnabled : True
Bindings : {0.0.0.0:25}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotification Enabled : True
EightBitMimeEnabled : True
BareLinefeedRejectionEnabl ed : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
AdvertiseClientSettings : False
Fqdn : server.domain.local
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeou t : 00:05:00
MessageRateLimit : unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSou rce : 20
MaxInboundConnectionPercen tagePerSou rce : 2
MaxHeaderSize : 64 KB (65,536 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 10 MB (10,485,760 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : AnonymousUsers, ExchangeServers
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {192.168.102.0/24}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : DIFS02
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : GreatPlains
DistinguishedName : CN=GreatPlains,CN=SMTP Receive Connectors,CN=Protocols,CN =DIFS
N=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Admin istr
=First Organization,CN=Microsoft Exchange,CN=Services,CN=Co nfi
anyind,DC=local
Identity : DIFS02\GreatPlains
Guid : 75bd38ce-6ce8-4465-ad35-35 20b7afb005
ObjectCategory : domain.local/Configuration /Schema/ms -Exch-Smtp -Receive-C onn
ObjectClass : {top, msExchSmtpReceiveConnector }
WhenChanged : 8/23/2012 11:35:22 PM
WhenCreated : 8/23/2012 11:35:08 PM
WhenChangedUTC : 8/24/2012 3:35:22 AM
WhenCreatedUTC : 8/24/2012 3:35:08 AM
OrganizationId :
OriginatingServer : server.domain.local
IsValid : True
Set permission with shell for connector:
Get-ReceiveConnector "greatplains" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-R ecipient"
Error from PC and Application:
"Order email failure.... 5.7.1 Unable to relay"
We did this in 2003 on the virtual smtp connector and it worked.
Please advise my mistakes?
Thanks
Therefore, I need to allow the entire subnet, my internal subnet, to relay off the server to send emails to outside email addresses. If they send to an Exchange user, it works no problem. The issues is sending to other domains.
Receive connector:
[PS] C:\>get-receiveconnector -identity "greatplains" |FL
RunspaceId : b45592cf-4c66-406d-a2a6-be
AuthMechanism : Tls, ExternalAuthoritative
Banner :
BinaryMimeEnabled : True
Bindings : {0.0.0.0:25}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotification
EightBitMimeEnabled : True
BareLinefeedRejectionEnabl
DomainSecureEnabled : False
EnhancedStatusCodesEnabled
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
AdvertiseClientSettings : False
Fqdn : server.domain.local
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeou
MessageRateLimit : unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSou
MaxInboundConnectionPercen
MaxHeaderSize : 64 KB (65,536 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 10 MB (10,485,760 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : AnonymousUsers, ExchangeServers
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {192.168.102.0/24}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : DIFS02
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : GreatPlains
DistinguishedName : CN=GreatPlains,CN=SMTP Receive Connectors,CN=Protocols,CN
N=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Admin
=First Organization,CN=Microsoft Exchange,CN=Services,CN=Co
anyind,DC=local
Identity : DIFS02\GreatPlains
Guid : 75bd38ce-6ce8-4465-ad35-35
ObjectCategory : domain.local/Configuration
ObjectClass : {top, msExchSmtpReceiveConnector
WhenChanged : 8/23/2012 11:35:22 PM
WhenCreated : 8/23/2012 11:35:08 PM
WhenChangedUTC : 8/24/2012 3:35:22 AM
WhenCreatedUTC : 8/24/2012 3:35:08 AM
OrganizationId :
OriginatingServer : server.domain.local
IsValid : True
Set permission with shell for connector:
Get-ReceiveConnector "greatplains" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-R
Error from PC and Application:
"Order email failure.... 5.7.1 Unable to relay"
We did this in 2003 on the virtual smtp connector and it worked.
Please advise my mistakes?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the replies.
I think it was working the entire time. It appears that the application has a method of sending a single item like an invoice or sending in "bulk" and i would assume many invoices. When yous end a single item, the email works.
So back to the application...
Solution: Follow the link given above - This is exactly the way i setup the receive connector in the beginning and also had the anonymous checked. Not sure if it will work without that checked and may get a chance to test that - if so I will update post.
Thanks for the time.
I think it was working the entire time. It appears that the application has a method of sending a single item like an invoice or sending in "bulk" and i would assume many invoices. When yous end a single item, the email works.
So back to the application...
Solution: Follow the link given above - This is exactly the way i setup the receive connector in the beginning and also had the anonymous checked. Not sure if it will work without that checked and may get a chance to test that - if so I will update post.
Thanks for the time.
http://technet.microsoft.com/en-us/library/bb232021.aspx
This will briefly allow you to Relay ... you need to provide relay on the Receive connector for the IP's :)
- Rancy