Solved

Open Relay error when sending email to new Email domain

Posted on 2013-12-13
8
434 Views
Last Modified: 2013-12-19
Hi,
Just added a new email domain to an Exchange server.

The old email domain works OK as does sending out an email from the new domain.

However when trying to send an email from yahoo to the new Company email domain I get a

Remote host said: 550 This is not an open relay, Goodbye

error.

Whats the fix?  Thanks!
0
Comment
Question by:jmsjms
  • 5
  • 3
8 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39717459
That is no an Exchange error.
Therefore that would suggest you have the MX records wrong and are pointing the traffic at the wrong server.

Simon.
0
 

Author Comment

by:jmsjms
ID: 39718067
The MX record for the new email domain points to a host mail.newdomain.com  that has the same IP address as the other email domains we use.  I've double checked and the host has the correct IP address.

I spoke to our ISP and they say
"The fully qualified domain name used for the HELO should equal the domain used in the A record. This is set on the sending server itself. "

Well the default receive connector does indeed use InternalMailServerHostName.InternalDomain.local as the FQDN this connection will provide in response to  HELO or ELHO.

But I'm puzzled as the old email domains still work, just not the new one.

Also I cant even change this setting as I get
"Error: If the AuthMechanism attribute on a receive connector contains the value ExchangeServer, you much set the FQDN parameter on the Receive connector to one of the following values: the FQN of the transport server "InternalMailServerHostname.internaldomain.local", the NetBIOS name of the transport server "MailServerInternalHostName" or $null.

Err??!
0
 

Author Comment

by:jmsjms
ID: 39718084
I tried a telnet test and got this (on a pc outside the local network):

220 LocalNameOfemailServer.localDomain.local Microsoft ESMTP MAIL Service ready at Fri, 13 Dec 2013
 23:56:30 +0000
ehlo newEmailDomain.com
250-LocalNameOfemailServer.localDomain.local Hello [The IP address of telnet client]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
mail from:Username@newEmailDomain.com
250 2.1.0 Sender OK
rcpt to:MyEmail@yahoo.co.uk
550 5.7.1 Unable to relay
0
 

Author Comment

by:jmsjms
ID: 39721117
Right I've changed the Recieve connector so it reports back as newDomain.com.  I did this by ticking off Exchange server option in the permissions tab.

This has made no difference...
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39721212
The ISP has given you incorrect information.

The FQDN for INBOUND email means nothing and changing the Receive Connector was a waste of time and can actually cause you problems. You should change it back to the default configuration, which is the FQDN of the server.
The only FQDN that is of concern is the outbound Send Connector FQDN.

The telnet test you have posted seems correct. You have attempted to send an email FROM the new domain to an external recipient. Exchange has rejected it, exactly as I would expect. Otherwise Exchange would be an open relay.

Are you still getting the same NDR? The original NDR as posted is not an Exchange NDR.
MX records shouldn't be pointing at IP addresses either, they should point at an A record.

Simon.
0
 

Author Comment

by:jmsjms
ID: 39721342
Hi SImon,  The MX record is pointing to a Mail.emailDomain.Com Host (A) record.  Each email host then points to an IP address.

I'll change the FQDN back then thanks.

I've just done another test and I get

 
Failure Notice


MAILER-DAEMON@yahoo.com

Today at 1:29 PM
 
To MyEmail@yahoo.co.uk



 
Sorry, we were unable to deliver your message to the following address.

<MyCompanyIDname@NewDomain.com>:
Remote host said: 550 This is not an open relay, Goodbye. [RCPT_TO]

--- Below this line is a copy of the message.

Received: from [77.238.189.50] by nm24.bullet.mail.ird.yahoo.com with NNFMP; 16 Dec 2013 13:29:38 -0000
Received: from [212.82.98.108] by tm3.bullet.mail.ird.yahoo.com with NNFMP; 16 Dec 2013 13:29:38 -0000
Received: from [127.0.0.1] by omp1045.mail.ir2.yahoo.com with NNFMP; 16 Dec 2013 13:29:38 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 697287.41693.bm@omp1045.mail.ir2.yahoo.com
Received: (qmail 74020 invoked by uid 60001); 16 Dec 2013 13:29:38 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1387200578; bh=ASiWGiAYl8sCbMnQFafpyUBt99mMemm7XE9OIsTcjjc=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=GVGQy16/nIxCKphFPICRXe9O2hZqRMr9Bu8HnNMFdZt277pU32UvPjXz7GhWqykj88vfvSGv3O4GJARdhLh6ieJ28JqabkVhEQQbDdtmTkYJfzbBaCPNhXqxbH6IB2XkkZcP2TwsDppF8yikOCR2X0XxI6VEpLf0tbbK1fiXXyQ=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.co.uk;
  h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type;
  b=VB39+2WeIF+/A6vh14DEY6uFOQ0cdJBsRvoXqPKkk7ItApa/0PZOtTwZPkh+YbHBxvCNr3v1MrsltJbFEHw7bvLGCfxckEwy8ZSzVclAMG6ZrUDHf6qfeIVWtETg4ecVqZ8JMD4z2L+3NNkecd1hE3KHUaQRJWTvmJJTpVK4Fxw=;
X-YMail-OSG: h5B_5TEVM1kzpusoklBmbkPRjr9iAR5niJ6sXGwNiO.tSiZ
 fD4TNIZaRxBv3UOXNz9lXnS0noIomC3sL1NX9oZHOBwNTRSdiXP1Qy6oa17F
 Kl0NxRRENEcO2RmHs_6gyrc3FOckIoe3KVTIPfpSIP2MQpSWNI6DZb1TmZhE
 7Qhlm9AyYxEllGzXfqFyHRVWU5r5ysvLeMJZy9TEG1oZY6kzlbcuivwQhYg_
 GIOF7Gee4oeNWvs_IlXb3X1JVRQ98xLjN3fpMso8e1RzLAIKjbkXYGqKzQnt
 0FD2IKFQ5XIouoXdw5loBmmegLxCvKO.OZkYsa6bjHnQ1vF1UQUvDoKKk3XW
 vFU65GTm5jSVxkpj10HprsJvLpUTUAEiohzyRK2kFbIaBtm8d7MkZDVT4hVe
 EvuaQ12wIqc_ZLZ1OVdZKWiUvEwhSURZW.m3Fkt8XgQrB114x1HIXSG_tijt
 Soitxz.BmB9XhHl_zW.AARv6DliR4gGEfltzndCaGa7Z2enjZ7zgVQREsd5b
 JItt0HtuuMTchOnytopWGTXBCzfYgrTqxBPWmxX.hhABKYMhFsImtqxEckA-
 -
Received: from [88.96.224.46] by web172302.mail.ir2.yahoo.com via HTTP; Mon, 16 Dec 2013 13:29:38 GMT
X-Rocket-MIMEInfo: 002.001,dGVzdAoBMAEBAQE-
X-Mailer: YahooMailWebService/0.8.169.609
Message-ID: <1387200578.64329.YahooMailNeo@web172302.mail.ir2.yahoo.com>
Date: Mon, 16 Dec 2013 13:29:38 +0000 (GMT)
From: me <MyEmail@yahoo.co.uk>
Reply-To: me <MyEmail@yahoo.co.uk>
Subject: Test to New DOmain from Yahoo 13:29 16/12/2013
To: "MyCompanyIDname@NewDomain.com" <MyCompanyIDname@NewDomain.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="1453005445-700670671-1387200578=:64329"

--1453005445-700670671-1387200578=:64329
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

test=0A
--1453005445-700670671-1387200578=:64329
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><body><div style=3D"color:#000; background-color:#fff; font-family:He=
lveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;fo=
nt-size:10pt"><div>test</div></div></body></html>
--1453005445-700670671-1387200578=:64329--
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39721779
"550 This is not an open relay, Goodbye. [RCPT_TO]"

This is not an Exchange NDR. So for whatever reason the wrong host is being used for delivery. Have you used any other site to test? Such as mxtoolbox ?

Simon.
0
 

Author Comment

by:jmsjms
ID: 39728705
Just done the MS email diagnostic.

Our ISP provides email backup servers which normally have a higher priority (lower number of course) than the COmpany Mail server.

Looking at the MS diag it looks like the email is hitting the backup mail server first and being rejected by that. Hence it not being an exchange NDR.

Many thanks for your help it's given me confidence to make a complaint to the ISP and ask for someone there that can handle this sort of issue.  

I'll mark this question as Answered.  If I get another issue once this is passed I'll put in another question.

Simon you the man re email. :-) Cheers
0

Featured Post

How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now