Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

All Users except admins cannot send via smtp - MS Exchange 2010

Posted on 2014-03-10
20
Medium Priority
?
494 Views
Last Modified: 2014-03-18
I am using thunderbird for the smtp mail client. I have it running on the exchange server itself. When i use my admin account i can send mail. If i use any other account i get the error "the mail server responded: 5.7.1 client does not have permissions to send as this sender...."

My exchange connector is set up for anonymous users and exchange users.

Why is this? Thank you.
0
Comment
Question by:IT
20 Comments
 
LVL 3

Expert Comment

by:Winsoup
ID: 39917606
If you right click on the user in EMC and click "manage send as permissions" does
NT AUTHORITY\SELF have permissions in there?
If not, add it and try it again.
0
 

Author Comment

by:IT
ID: 39917678
It is there for all users.

Why would only admins be able to send and other users including a newly created one not be able to? And once i created a new user, unless i am mistaken, for about 10 minutes i could send as the new user "test" and then it would not allow me to any more.
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39917694
It has to be a rights issue somewhere.

Check this...

Exchange
If that doesn't work try unchecking "Exchange Users" on your connector and just leave it as "Anon Users" and try it again.

If that doesn't work can you post a screenshot of the rights you have set up on your connectors?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:IT
ID: 39917791
I unchecked it and clicked apply, It didn't help so i put it back and clicked apply again,
If you uncheck exchange users and only allow anonymous users then when they try to authenticate with there username and password wont it reject that?
Clipboard02.jpg
0
 
LVL 3

Assisted Solution

by:Winsoup
Winsoup earned 1000 total points
ID: 39917843
Yeah sorry I was looking at my Internet Connector.

Can you post the authentication tab as well?

Do you have your relay set up and have the Exchange Server listed as the IP address to receive email?

If that's not the issue try running this command for a user and see if that person can send afterwards.

Get-ReceiveConnector "Name of Connector" | Add-ADPermission -user "DOMAIN\myLogin" -ExtendedRights "ms-Exch-SMTP-Submit ms-Exch-SMTP-Accept-Any-Recipient ms-Exch-SMTP-Accept-Any-Sender ms-Exch-SMTP-Accept-Authoritative-Domain-Sender"

Open in new window

0
 

Author Comment

by:IT
ID: 39917973
Yes the relay is set up and it does indeed work if i use my admin account, so i don't think network settings or encryption are to blame. I tried that command and it didn't work, I mean the command itself failed. What did i do wrong? And, thank you very much for your time so far by the way.
Clipboard03.jpg
Clipboard04.jpg
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39918008
Just to make sure were on the same page here. You have outlook set up for a user, with their own account, username and password and that's not working, right?

Or are you trying to send as a domain user from an account other than their own? In the from field is it showing up as the user that is sending the email?

Do you use OWA at all? Does it work from there?
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39918108
Also in AD, click view, advanced features.
Search for a user that it's not working for, click the security tab, under SELF make sure they have "Send As" and "Receive As" checked in there.

I know you said NT AUTHORITY\SELF was set up in exchange but if they don't have rights to it themselves it won't work.
0
 

Author Comment

by:IT
ID: 39918467
Outlook works fine for every user. Its when the user tries to send mail through smtp using mozilla thunderbird that it fails, see the screen shot. there is a program that takes care of there warehouse, called inxsql and it runs on the server and sends mail for users through exchange (through smtp) and thats whats not working. to diagnose that i installed mozilla thunderbird onto the server so i can send via smtp.
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39918489
Ahh ok. All of this is installed on the exchange server?
What does your send connector look like under Organization Management>Hub Transport>Network Space
0
 

Author Comment

by:IT
ID: 39918597
wouldn't it be my receive connector that handles the incoming requests and is denying my users?
Clipboard05.jpg
Clipboard06.jpg
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39918632
Yes but if your send connector isn't configured to send to all internet domains that could stop it from sending out.
That error is also seen when an application, printer, server, or computer isn't set up to relay. Do you have a receive connector set up that you use to allow devices to relay email?

That's about all I can think of right now, especially since you said outlook is working fine for everyone.
Double check your settings in thunderbird too and make sure that's all ok.
0
 

Author Comment

by:IT
ID: 39918797
It does send out (relay) no problem, but only when an admin is the sender in thunderbird, otherwise the server rejects the user. That's alright, I appreciate you trying.
0
 

Author Comment

by:IT
ID: 39918805
I think i missed one of your comments, where do i find those settings in post ID: 39917694 ?
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39918881
It's in ADSI Edit.

I just found this article that could be helpful for you. It also shows where to find this option.

http://help.globalscape.com/help/me3/configuring_authenticated_access_to_exchange.htm
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 39920291
Have you tried sending email with an Outlook client?

If you did, did it work?

If it did, your error or problem is not on exchange... but Thunderbird itself.

Make sure your settings on the Thunderbird match those on the mailbox (identities).

As a workaround, try giving permission on the user's mailbox to Send As to themselves.
0
 
LVL 12

Accepted Solution

by:
Gary Coltharp earned 1000 total points
ID: 39923238
It sounds like what you need is a new send connector. In my SBS implementations where internal devices need to be able to send mail to both internal and external recipients, I set up an Anonymous Relay connector to get around authentication and relay issues. It is locked down to only accepting from the internal subnet(s) but can send anywhere.

You simply need to bind a second IP to your NIC on your server and use it as the smtp host.
Create a new connector called something like AnonymousRelay. Keep it simple and avoid spaces so you don't have to use quotes in the exchange shell. Then select "Custom" from the drop-down menu. Configure the connector with "Anonymous Users" allowed, then in the "Network" section just add the local subnet. Make sure the top box references your newly bound IP.
Open Exchange Management Shell and enter the following command (note that no quotes are required for your connector name if you don't have spaces in the name):
Get-ReceiveConnector "connector name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Bounce the transport service and it should work.

HTH

Gary
0
 

Assisted Solution

by:IT
IT earned 0 total points
ID: 39926606
http://sparesomeexchange.com/unable-to-relay-mail-to-external-recipient-in-exchange/

I ran three of the commands at the bottom, i think i only needed to run thius one CAS-SERVER-01\Anonymous Relay NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Submit}

but running the other two i chose that seemed close couldnt hurt... and, it works! Thank you all for your help!
0
 

Author Comment

by:IT
ID: 39926615
Thank you!
0
 

Author Closing Comment

by:IT
ID: 39936359
It didn't like when i tried running the commands how you had them laid out all together for some reason, but when i ran them one at a time it worked.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question