550 5.7.1 Unable to relay Exchange 2003

Exchange 2003 server (SBS) running normally without issue until today and suddenly everyone who tried to send an email got bounce with "550 5.7.1 Unable to relay".
Nothing in the system to my knowledge has changed.
Only thing I've been able to do meantime (which has worked) is to change the setting in Exchange System Manager : Default SMTP Virtual server >Properties > Access > Relay from 'Only the list below' to 'All except the list below' but I know this is NOT a recommended configuration!
(Box 'allow all computers which successfully authenticate to relay' remains ticked: did not change this).
laurencoullAsked:
Who is Participating?
 
Jeffrey Kane - TechSoEasyConnect With a Mentor Principal ConsultantCommented:
More than likely you have a self-signed certificate and it has expired.

Run the Configure Email and Internet Connection Wizard (CEICW) to create a new one and fix your problem.

Jeff
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Or... did you have a smarthost configured?  Perhaps that is not valid anymore.  In any event, running the CEICW is where you change that.
0
 
laurencoullAuthor Commented:
Right: Well I'm fixed now but still want to explain what happened incase there's still something I need to fix.
Firstly ran the CEICW but on finish got "An Error occurred while configuring a component" with a red X at the Email config.
Then went into IIS and checked the self-signed cert which expires in 2017. Then went into System Manager / Default SMTP VS / Access / Secure Communications / Certificate. There it said there was no certificate so I chose option2: assign an existing certificate, where it found the one valid until 2017 and installed it.
I then went into Relay to change back to "'Only the list below" but found it had reverted to that setting on its own! Perhaps the certificate wizard had done this? Anyhow, email is working properly once again.
Only final comment to make is that I finally added some CALs as I noticed it was underlicensed. Just a thought but wonder if the shortage of CALs contributed to the relay issue. Ie where it says "allow all computers which successfully authenticate to relay", would a shortage of CALs cause workstations to fail to authenticate once the CAL limit has been reached? My understanding is no and that a SBS2003 server will in reality allow almost unlimited users to log in regardless of licensing, but just thought I'd throw it in as a mention.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If the CEICW failed at the Email config you need to find out why and fix it.  You should NOT configure the IIS certs manually because you will miss applying it to all the necessary places.

The CEICW will get it done right.

So, to find out what the error is, you need to look at the CEICW's log.

To view that, please enter the following in a RUN dialogue:

%sbsprogramdir%\Support\icwlog.txt

Jeff
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.