Solved

SBS 2011 Internal Application Sending E-Mail To Internal Exchange Server

Posted on 2013-12-29
7
389 Views
Last Modified: 2013-12-30
I have looked and this has been discussed in a different light but not specifically this way and the answers have not worked for me. I have several internal applications that I would like to have to send email updates/failures on processes that occur in the background. Some of the applications have not issues and others repeatedly fail with "authentication" issues or unspecified reasons. I see not reason why this should occur and was wondering if anyone had experience in general with applications like this and what the problem is and is it something I can set or is it not designed to work this way from the vendor. For the most part I can use my smart host and send that way but it should work and doesn't and I would like to know why.
0
Comment
Question by:mohrk
  • 4
  • 2
7 Comments
 
LVL 10

Expert Comment

by:Korbus
ID: 39745003
Are these various applications configured seperately?  If so, it could be simply an error in the configuration (un/pw) of those apps with problems.

Are the email apps that fail AND succeed all running on the same machine?

Are they all tring to connect to the same email account?

To know weather or not your apps SHOULD be able to do what you want, we would need more details about them.
0
 

Author Comment

by:mohrk
ID: 39745047
Generally speaking they run on client, server and can also be devices. Both SBS connectors are listening on port 25 but that is the default I think.

Specifically. Symantec endpoint manager runs on same machine as exchange. No credentials, userid and password, domain/userid password. All on port 25. All unspecified error.

Next Acronis True Image 2014 premium. Is run from client, might as well repeat all of the above. Oh and add in TLS for this one SEPM only supports SSL for encryption.

Next Cradlepoint MBR1200B router. Encryption capable unclear as to what protocol it would use. Can use user id password. Various ports. All above tried with failures.

I am trying to think of successes bu the only thing that comes to mind is the internal reports that SBS sends out and internal email.

Thanks
0
 

Author Comment

by:mohrk
ID: 39745053
You had more questions about the account. Yes they are generally connecting to my non-admin account. And they are configured separately as you might be able to tell already.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 10

Accepted Solution

by:
Korbus earned 250 total points
ID: 39745056
Despite the fact that it DOEs work on some systems, I'm going to recommend that you check firewall and AV rules.   I can't tell you how many times I've found those blocking port 25.  

On each problem machine possible, I would try a telnet session to simulate email traffic and see exactly where during connection/authentication the problem occurs.  https://workaround.org/ispmail/lenny/test-mail-through-telnet
0
 

Author Comment

by:mohrk
ID: 39745197
OK, SEPM problem resolved. servername - no, FQDN no, localhost yes. No auth not even "real" from address. Hmmm. This is on the exchange server itself.

From a client, from bogus address or real address - 503 5.7.1 client was not authenticated. The overwhelming response from google is enable anonymous on the default receive connector. Do I really want to do that? If so why then why do these apps have the ability to have userid and password? If it is merely to allow access to an offsite server then why can't mine be configured this way? i.e. why can't I set up a client on my network to securely connect to my exchange server?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 250 total points
ID: 39745896
SBS 2011 by default will block connections to the Receive Connectors from your internal network. You need to create a new Receive Connector.
http://semb.ee/apprelay

Don't adjust the default or SBS connectors, as that will cause you problems and if you ever use any of the tools to correct SBS the change will be undone. Instead create a new connector specifically for the task.

Simon.
0
 

Author Closing Comment

by:mohrk
ID: 39746500
Thanks guys! Both problems resolved and expeditiously. Everything requires a from address despite some apps suggesting it was "optional" or advanced but a bogus address worked so??

I have port 25 mapped and filtered to certain sub-nets and port is 53 locked down to specific public DNS addresses so the router required the IP address of the server and an allow rule on port 25. This combination worked anyway.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Resolve DNS query failed errors for Exchange
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now