Solved

cant send email from my cloud app using my exchange mail server

Posted on 2014-03-29
31
939 Views
Last Modified: 2014-04-23
im trying to send emails from my cloud app
i have configured the following settings in the cloud app under smtp settings
smtp server = my public ip for my server
username and password = a domain user account and password
use ssl yes
authentication = none
use port 25
im using an in house exchange 2007 server
every time i try to send an email from the cloud app i receive the following error
the smtp server requires a secure connection or the client was not authenticated
the server response was 5.7.1 the client was not authenticated

any ideas
0
Comment
Question by:dougdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 7
  • 3
  • +3
31 Comments
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 39963881
You set authentication to none. A correct configuration of Exchange would require authentication from the public side before anything could relay email.

It would be a big security concern if your server was NOT configured to do this as it would open it up to open relay.

So two things you could do..

1. Configure an Exchange account the cloud app could authenticate as before sending email

or

2. Create an additional Exchange receive connector that matches on the IP where the cloud app traffic would come from. This may be hard to do as cloud apps are often rather dynamic.


Number 1 would be the preferred option.
0
 

Author Comment

by:dougdog
ID: 39963889
I have created an active directory account and used it for the username and password.
I have also tested this account by logging into webmail and sending a test email
0
 

Author Comment

by:dougdog
ID: 39963891
I have also tried changing the authentication tab to none basic and secure
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 39963892
Did you configure the cloud app with the settings? Your above post says it isn't configure to do so.

use ssl yes
authentication = none
use port 25
0
 

Author Comment

by:dougdog
ID: 39964130
The cloud app has 3 settings none basic and secure
I tried them all
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 39981162
If you are using smtp w/ssl, try port 465.  Why can't you authenticate from your app?
0
 

Author Comment

by:dougdog
ID: 39982473
the app asks me for the following

mailserver
username
password
port
use ssl yes no
0
 

Author Comment

by:dougdog
ID: 39982475
i get the error

the remote certificate is invalid according to the validation procedure
0
 

Author Comment

by:dougdog
ID: 39987086
here are the settings that the cloud app ask for
mtp.JPG
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 39996921
Have you set Exchange to allow remote connections?
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39997041
you would use the same settings as you would for the exchange server connecting from outside. use the complete username webservice@example.com
0
 

Author Comment

by:dougdog
ID: 39997184
Where do I set remote connections
I have allowed the cloud app ip  into receive mail from these ips
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39997221
your cloud app doesn't need to receive anything!

you have to configure the cloud app as if you were setting up outlook to send email to the exchange server.
0
 
LVL 79

Expert Comment

by:arnold
ID: 39997248
Not sure why you are not using your cloud provider's mail servers to relay.

Set up another non-encrypted connector on your exchange to listen on port 587.
It might be that your cloud provider is blocking outgoing port 25 traffic that is not destined to their own server to avoid errand cloud apps that are compromised and made to function as zombie spammers.

Debug options in the app to log/record any errors when attempting to connect should shed light on what is going on if the above is not an option.  Does your exchange logs reflect an incoming connection from the cloud app?  The IP/Range from which the app would be connected, might vary.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 39998584
SMTP code 5.7.1 means relayed denied

Does the email address that you're using for sending in your Cloud Application exist on the email domain that you are using on your Exchange server?

"Remote certificate invalid" response can also create errors if you're forcing SSL connections.

Try configuring Outlook Express with the same settings used in your Cloud Application and check if you get a more meaningful error.

See link from another forum
http://social.technet.microsoft.com/Forums/exchange/en-US/e6549492-086a-485f-9c5b-564cbfae1012/tls-in-telnet?forum=exchangesvrsecuremessaginglegacy
0
 

Author Comment

by:dougdog
ID: 39998594
im using my own exchange server because the emails need to come from ourselves
0
 
LVL 79

Expert Comment

by:arnold
ID: 39999126
You can still send through your cloud provider's mailserver with your emails as the sender.
Bcc to your self if you need a copy of what is being sent.

You need to log the smtp transaction to see what is happening and what errors if any.

Looking at your settings, the port 443 is likely the issue.
Check wether your exchange SSL port is on 465.
If not, disable SSL and use port 25


Try the following, connect locally to your exchange server after the greeting: ehlo your_systemaname, it should list the available option
Auth plain login digest
If basic does not work, try the next option while keeping track of the log to see what it reports.
0
 

Author Comment

by:dougdog
ID: 40001042
do i disable this in iis
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 40001051
no you don't disable anything in iis.
0
 

Author Comment

by:dougdog
ID: 40001191
so where do i diable ssl and use port 25
0
 
LVL 79

Expert Comment

by:arnold
ID: 40001911
The configuration section for you application is where you would change the SMTP .NET preferences handling.
You have
Public IP
Port 25
Authentication=plain login digest change one ay a time
use ssl, no.

Is you do want SSL
Specify the port 465 commonly, but you may have it set differently.  The difficulty in one of your prior posts, an indication that the certificate could not be verified.  Are you using a self-signed certificate?  The cloud app, can not verify the certificate and thus does not complete the negotiation process.  I believe there is a way within your app to include the remote cert as trusted to avoid this issue.
0
 

Author Comment

by:dougdog
ID: 40001932
can I set it to just ignore the cert
or must it use the cert
0
 
LVL 79

Expert Comment

by:arnold
ID: 40002198
If you do not use the use ssl: yes. there will be no need to use a cert nor a cert will be provided.
0
 

Author Comment

by:dougdog
ID: 40003839
i can get it to work if i untick ssl
it will not work with ssl


when ssl is selected i get a the error message
the remote certificate is invalid according to the validation procedure

if i untick ssl it works
0
 
LVL 79

Expert Comment

by:arnold
ID: 40003861
Look at including/adding the signer of the exchange certificate as trusted to the service account under whose creds your cloud app runs.

Look at your SSL establishment option such that you can discount/turnoff certificate validation.
0
 

Author Comment

by:dougdog
ID: 40003967
not sure I follow
0
 
LVL 79

Expert Comment

by:arnold
ID: 40004016
If you access your exchange from a computer outside your LAN. Do you get notice about the certificate?  Are you accessing the remote server using the name to which the certificate is issued!  Are you using a self-signed certificate or is it purchased?

You need to get the signing authority, and any chain certificate added to the cloud as trusted.  Your cloud application is running within and using some credentials on those systems. The inclusion of the certificate that signed needs to either be incorporated within the application, or added to the certificate store as trusted.

If the above do nit cover the, "not sure I follow," please provide what aspects you do not follow.
0
 

Author Comment

by:dougdog
ID: 40004078
I can access outside lan no problems
it is a purchased cert
0
 
LVL 79

Accepted Solution

by:
arnold earned 500 total points
ID: 40004400
The cloud systems does not have the signer CA's, or intermediate Chain as trusted or the hostname to which you are going is causing this error. i.e. the certificate is for mymail.mysite.com while your configuration has it going to mail.mysite.com.  While both point to the same IP, the certificate is only for one name.
In the future if you want a certificate multiple names, you need to create the CSR with multiple names (A SAN certificate) note that you have to make sure that the certificate has the appropriate functions selected if you cover multiple services. mail and web make sure it has the mail functionality as well as the web one. web is the lower of the two.

You need to determine which is the cause of your system.
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question