Solved

550 5.7.1 Unable to relay Exchange 2003

Posted on 2014-02-07
4
585 Views
Last Modified: 2014-03-12
Exchange 2003 server (SBS) running normally without issue until today and suddenly everyone who tried to send an email got bounce with "550 5.7.1 Unable to relay".
Nothing in the system to my knowledge has changed.
Only thing I've been able to do meantime (which has worked) is to change the setting in Exchange System Manager : Default SMTP Virtual server >Properties > Access > Relay from 'Only the list below' to 'All except the list below' but I know this is NOT a recommended configuration!
(Box 'allow all computers which successfully authenticate to relay' remains ticked: did not change this).
0
Comment
Question by:laurencoull
  • 3
4 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39843575
More than likely you have a self-signed certificate and it has expired.

Run the Configure Email and Internet Connection Wizard (CEICW) to create a new one and fix your problem.

Jeff
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39843576
Or... did you have a smarthost configured?  Perhaps that is not valid anymore.  In any event, running the CEICW is where you change that.
0
 

Author Comment

by:laurencoull
ID: 39844277
Right: Well I'm fixed now but still want to explain what happened incase there's still something I need to fix.
Firstly ran the CEICW but on finish got "An Error occurred while configuring a component" with a red X at the Email config.
Then went into IIS and checked the self-signed cert which expires in 2017. Then went into System Manager / Default SMTP VS / Access / Secure Communications / Certificate. There it said there was no certificate so I chose option2: assign an existing certificate, where it found the one valid until 2017 and installed it.
I then went into Relay to change back to "'Only the list below" but found it had reverted to that setting on its own! Perhaps the certificate wizard had done this? Anyhow, email is working properly once again.
Only final comment to make is that I finally added some CALs as I noticed it was underlicensed. Just a thought but wonder if the shortage of CALs contributed to the relay issue. Ie where it says "allow all computers which successfully authenticate to relay", would a shortage of CALs cause workstations to fail to authenticate once the CAL limit has been reached? My understanding is no and that a SBS2003 server will in reality allow almost unlimited users to log in regardless of licensing, but just thought I'd throw it in as a mention.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39851844
If the CEICW failed at the Email config you need to find out why and fix it.  You should NOT configure the IIS certs manually because you will miss applying it to all the necessary places.

The CEICW will get it done right.

So, to find out what the error is, you need to look at the CEICW's log.

To view that, please enter the following in a RUN dialogue:

%sbsprogramdir%\Support\icwlog.txt

Jeff
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question