Solved

email sent from domain a to a list in domain b unable to relay

Posted on 2014-03-14
6
431 Views
Last Modified: 2014-03-20
We are using exchange 2010 and recently implemented the policy where people can't relay through our exchange server without either authenticating or we allow their IP.  When we did this, when employees send to a distribution list on another organization's mail server but includes email addresses with our domain in them, the message doesn't get delivered and the 550 5.7.1 message comes up.  I'll try to show an example:

We are domain A and we have employees that sit in different organizations.  Two specific ones are showing problems right now, we'll call them domain B and domain C.

When Joe from domain A sends an email to the distribution list with the email address list@domainb.com (which includes email addresses from domain A) those people in Domain A do not get it.  Same happens to those who send to domainc.com.  This JUST started happening this week and it ONLY seems to be happening when users send to distribution lists.  If a user within the different organizations (domain B and domain C) send, it goes out just fine.  

How can I tweak it so our employees who use our email can send to these lists and have our other employees get them?  Thank you.
0
Comment
Question by:ecsitadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 39930263
By default distribution lists requires authenticated users to be able to relay.  You could disable authenticated user option for the distribution lists.
0
 

Author Comment

by:ecsitadmin
ID: 39930334
it's not our distribution lists.  The Distribution lists are housed on different organizations' mail servers.  It's not that option because it's at least two different organizations and i'd say it's a pretty big coincidence that those two all of a sudden require DL's to be authenticated now.
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 39930348
If the DLs are in different organization servers and if they try to relay through your server then it will be rejected.
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 

Author Comment

by:ecsitadmin
ID: 39930355
they're not trying to relay.  At least  they shouldn't be.  They're just trying to send mail to the recipients.  So if you are on a distribution list on another organization, and I try to send to that email address, it just wants to deliver it to you.  They're not trying to relay.
0
 

Author Comment

by:ecsitadmin
ID: 39930417
This is the best way I can put it without giving away specifics.

I reside with org. a an email user1@domaina.com

I am trying to email a distribution list at a different organization (domainb.com), which has email addresses from domaina.com on it and domainb.com on it.  If I email from my email address user1@domain.com to list@domainb.com, it gets to those within the organization but once it tries to send back to domaina.com, it gets rejected.  Same with domainc.com.  the relaying has already occurred on domaina.com's exchange server.  All domainb.com's mail server should be doing is just sending the mail back through domainb.com.  But for some reason when sending to the DL on domainb.com (and domainc.com)'s mail servers, our exchange server acts like it's trying to relay.  It shouldn't be.  That is my problem.
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 39931488
i'd assume the problem is not really about relaying incoming message. most likely exchange rejects the SENDER as being a member of your domain trying to send email from a foreign address. it probably considered the address was spoofed and rejects the mail regarding of the recipient

i don't know about your policies, but i'd assume you somehow apply this policy on senders from your domain
- allow mail from authenticated users
- allow mail from LAN addresses
- reject everything else

this is unrelated with the rules that allows delivery to your domain addresses from foreign domains

you can check your logs if you're unsure

in order to solve this issue, i don't see anything very smart :

- allowing their ips to send impersonating members of your domain is probably not really a good idea (but may be acceptable)
- allowing anything that is intended to members of your domain to go through regardless the sender is definitely NOT a good idea spam-wise
- allowing the combination of their ips, a sender from your domain and a recipient on your domain looks safe enough
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Multiple Calendars on iOS devices? 9 44
Additional Protection from Ransomware Attacks 18 110
Office 365 adding a domain 3 36
Linksys EA8500 3 21
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
This video discusses moving either the default database or any database to a new volume.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question