• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 981
  • Last Modified:

cant send email from my cloud app using my exchange mail server

im trying to send emails from my cloud app
i have configured the following settings in the cloud app under smtp settings
smtp server = my public ip for my server
username and password = a domain user account and password
use ssl yes
authentication = none
use port 25
im using an in house exchange 2007 server
every time i try to send an email from the cloud app i receive the following error
the smtp server requires a secure connection or the client was not authenticated
the server response was 5.7.1 the client was not authenticated

any ideas
0
dougdog
Asked:
dougdog
  • 14
  • 7
  • 3
  • +3
1 Solution
 
Schuyler DorseyCommented:
You set authentication to none. A correct configuration of Exchange would require authentication from the public side before anything could relay email.

It would be a big security concern if your server was NOT configured to do this as it would open it up to open relay.

So two things you could do..

1. Configure an Exchange account the cloud app could authenticate as before sending email

or

2. Create an additional Exchange receive connector that matches on the IP where the cloud app traffic would come from. This may be hard to do as cloud apps are often rather dynamic.


Number 1 would be the preferred option.
0
 
dougdogAuthor Commented:
I have created an active directory account and used it for the username and password.
I have also tested this account by logging into webmail and sending a test email
0
 
dougdogAuthor Commented:
I have also tried changing the authentication tab to none basic and secure
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Schuyler DorseyCommented:
Did you configure the cloud app with the settings? Your above post says it isn't configure to do so.

use ssl yes
authentication = none
use port 25
0
 
dougdogAuthor Commented:
The cloud app has 3 settings none basic and secure
I tried them all
0
 
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
If you are using smtp w/ssl, try port 465.  Why can't you authenticate from your app?
0
 
dougdogAuthor Commented:
the app asks me for the following

mailserver
username
password
port
use ssl yes no
0
 
dougdogAuthor Commented:
i get the error

the remote certificate is invalid according to the validation procedure
0
 
dougdogAuthor Commented:
here are the settings that the cloud app ask for
mtp.JPG
0
 
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
Have you set Exchange to allow remote connections?
0
 
David Johnson, CD, MVPOwnerCommented:
you would use the same settings as you would for the exchange server connecting from outside. use the complete username webservice@example.com
0
 
dougdogAuthor Commented:
Where do I set remote connections
I have allowed the cloud app ip  into receive mail from these ips
0
 
David Johnson, CD, MVPOwnerCommented:
your cloud app doesn't need to receive anything!

you have to configure the cloud app as if you were setting up outlook to send email to the exchange server.
0
 
arnoldCommented:
Not sure why you are not using your cloud provider's mail servers to relay.

Set up another non-encrypted connector on your exchange to listen on port 587.
It might be that your cloud provider is blocking outgoing port 25 traffic that is not destined to their own server to avoid errand cloud apps that are compromised and made to function as zombie spammers.

Debug options in the app to log/record any errors when attempting to connect should shed light on what is going on if the above is not an option.  Does your exchange logs reflect an incoming connection from the cloud app?  The IP/Range from which the app would be connected, might vary.
0
 
Leon FesterSenior Solutions ArchitectCommented:
SMTP code 5.7.1 means relayed denied

Does the email address that you're using for sending in your Cloud Application exist on the email domain that you are using on your Exchange server?

"Remote certificate invalid" response can also create errors if you're forcing SSL connections.

Try configuring Outlook Express with the same settings used in your Cloud Application and check if you get a more meaningful error.

See link from another forum
http://social.technet.microsoft.com/Forums/exchange/en-US/e6549492-086a-485f-9c5b-564cbfae1012/tls-in-telnet?forum=exchangesvrsecuremessaginglegacy
0
 
dougdogAuthor Commented:
im using my own exchange server because the emails need to come from ourselves
0
 
arnoldCommented:
You can still send through your cloud provider's mailserver with your emails as the sender.
Bcc to your self if you need a copy of what is being sent.

You need to log the smtp transaction to see what is happening and what errors if any.

Looking at your settings, the port 443 is likely the issue.
Check wether your exchange SSL port is on 465.
If not, disable SSL and use port 25


Try the following, connect locally to your exchange server after the greeting: ehlo your_systemaname, it should list the available option
Auth plain login digest
If basic does not work, try the next option while keeping track of the log to see what it reports.
0
 
dougdogAuthor Commented:
do i disable this in iis
0
 
David Johnson, CD, MVPOwnerCommented:
no you don't disable anything in iis.
0
 
dougdogAuthor Commented:
so where do i diable ssl and use port 25
0
 
arnoldCommented:
The configuration section for you application is where you would change the SMTP .NET preferences handling.
You have
Public IP
Port 25
Authentication=plain login digest change one ay a time
use ssl, no.

Is you do want SSL
Specify the port 465 commonly, but you may have it set differently.  The difficulty in one of your prior posts, an indication that the certificate could not be verified.  Are you using a self-signed certificate?  The cloud app, can not verify the certificate and thus does not complete the negotiation process.  I believe there is a way within your app to include the remote cert as trusted to avoid this issue.
0
 
dougdogAuthor Commented:
can I set it to just ignore the cert
or must it use the cert
0
 
arnoldCommented:
If you do not use the use ssl: yes. there will be no need to use a cert nor a cert will be provided.
0
 
dougdogAuthor Commented:
i can get it to work if i untick ssl
it will not work with ssl


when ssl is selected i get a the error message
the remote certificate is invalid according to the validation procedure

if i untick ssl it works
0
 
arnoldCommented:
Look at including/adding the signer of the exchange certificate as trusted to the service account under whose creds your cloud app runs.

Look at your SSL establishment option such that you can discount/turnoff certificate validation.
0
 
dougdogAuthor Commented:
not sure I follow
0
 
arnoldCommented:
If you access your exchange from a computer outside your LAN. Do you get notice about the certificate?  Are you accessing the remote server using the name to which the certificate is issued!  Are you using a self-signed certificate or is it purchased?

You need to get the signing authority, and any chain certificate added to the cloud as trusted.  Your cloud application is running within and using some credentials on those systems. The inclusion of the certificate that signed needs to either be incorporated within the application, or added to the certificate store as trusted.

If the above do nit cover the, "not sure I follow," please provide what aspects you do not follow.
0
 
dougdogAuthor Commented:
I can access outside lan no problems
it is a purchased cert
0
 
arnoldCommented:
The cloud systems does not have the signer CA's, or intermediate Chain as trusted or the hostname to which you are going is causing this error. i.e. the certificate is for mymail.mysite.com while your configuration has it going to mail.mysite.com.  While both point to the same IP, the certificate is only for one name.
In the future if you want a certificate multiple names, you need to create the CSR with multiple names (A SAN certificate) note that you have to make sure that the certificate has the appropriate functions selected if you cover multiple services. mail and web make sure it has the mail functionality as well as the web one. web is the lower of the two.

You need to determine which is the cause of your system.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 14
  • 7
  • 3
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now