• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 414
  • Last Modified:

SBS 2011 Internal Application Sending E-Mail To Internal Exchange Server

I have looked and this has been discussed in a different light but not specifically this way and the answers have not worked for me. I have several internal applications that I would like to have to send email updates/failures on processes that occur in the background. Some of the applications have not issues and others repeatedly fail with "authentication" issues or unspecified reasons. I see not reason why this should occur and was wondering if anyone had experience in general with applications like this and what the problem is and is it something I can set or is it not designed to work this way from the vendor. For the most part I can use my smart host and send that way but it should work and doesn't and I would like to know why.
0
mohrk
Asked:
mohrk
  • 4
  • 2
2 Solutions
 
KorbusCommented:
Are these various applications configured seperately?  If so, it could be simply an error in the configuration (un/pw) of those apps with problems.

Are the email apps that fail AND succeed all running on the same machine?

Are they all tring to connect to the same email account?

To know weather or not your apps SHOULD be able to do what you want, we would need more details about them.
0
 
mohrkAuthor Commented:
Generally speaking they run on client, server and can also be devices. Both SBS connectors are listening on port 25 but that is the default I think.

Specifically. Symantec endpoint manager runs on same machine as exchange. No credentials, userid and password, domain/userid password. All on port 25. All unspecified error.

Next Acronis True Image 2014 premium. Is run from client, might as well repeat all of the above. Oh and add in TLS for this one SEPM only supports SSL for encryption.

Next Cradlepoint MBR1200B router. Encryption capable unclear as to what protocol it would use. Can use user id password. Various ports. All above tried with failures.

I am trying to think of successes bu the only thing that comes to mind is the internal reports that SBS sends out and internal email.

Thanks
0
 
mohrkAuthor Commented:
You had more questions about the account. Yes they are generally connecting to my non-admin account. And they are configured separately as you might be able to tell already.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
KorbusCommented:
Despite the fact that it DOEs work on some systems, I'm going to recommend that you check firewall and AV rules.   I can't tell you how many times I've found those blocking port 25.  

On each problem machine possible, I would try a telnet session to simulate email traffic and see exactly where during connection/authentication the problem occurs.  https://workaround.org/ispmail/lenny/test-mail-through-telnet
0
 
mohrkAuthor Commented:
OK, SEPM problem resolved. servername - no, FQDN no, localhost yes. No auth not even "real" from address. Hmmm. This is on the exchange server itself.

From a client, from bogus address or real address - 503 5.7.1 client was not authenticated. The overwhelming response from google is enable anonymous on the default receive connector. Do I really want to do that? If so why then why do these apps have the ability to have userid and password? If it is merely to allow access to an offsite server then why can't mine be configured this way? i.e. why can't I set up a client on my network to securely connect to my exchange server?
0
 
Simon Butler (Sembee)ConsultantCommented:
SBS 2011 by default will block connections to the Receive Connectors from your internal network. You need to create a new Receive Connector.
http://semb.ee/apprelay

Don't adjust the default or SBS connectors, as that will cause you problems and if you ever use any of the tools to correct SBS the change will be undone. Instead create a new connector specifically for the task.

Simon.
0
 
mohrkAuthor Commented:
Thanks guys! Both problems resolved and expeditiously. Everything requires a from address despite some apps suggesting it was "optional" or advanced but a bogus address worked so??

I have port 25 mapped and filtered to certain sub-nets and port is 53 locked down to specific public DNS addresses so the router required the IP address of the server and an allow rule on port 25. This combination worked anyway.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now