Solved

cant send email from my cloud app using my exchange mail server

Posted on 2014-03-29
31
899 Views
Last Modified: 2014-04-23
im trying to send emails from my cloud app
i have configured the following settings in the cloud app under smtp settings
smtp server = my public ip for my server
username and password = a domain user account and password
use ssl yes
authentication = none
use port 25
im using an in house exchange 2007 server
every time i try to send an email from the cloud app i receive the following error
the smtp server requires a secure connection or the client was not authenticated
the server response was 5.7.1 the client was not authenticated

any ideas
0
Comment
Question by:dougdog
  • 14
  • 7
  • 3
  • +3
31 Comments
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 39963881
You set authentication to none. A correct configuration of Exchange would require authentication from the public side before anything could relay email.

It would be a big security concern if your server was NOT configured to do this as it would open it up to open relay.

So two things you could do..

1. Configure an Exchange account the cloud app could authenticate as before sending email

or

2. Create an additional Exchange receive connector that matches on the IP where the cloud app traffic would come from. This may be hard to do as cloud apps are often rather dynamic.


Number 1 would be the preferred option.
0
 

Author Comment

by:dougdog
ID: 39963889
I have created an active directory account and used it for the username and password.
I have also tested this account by logging into webmail and sending a test email
0
 

Author Comment

by:dougdog
ID: 39963891
I have also tried changing the authentication tab to none basic and secure
0
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 39963892
Did you configure the cloud app with the settings? Your above post says it isn't configure to do so.

use ssl yes
authentication = none
use port 25
0
 

Author Comment

by:dougdog
ID: 39964130
The cloud app has 3 settings none basic and secure
I tried them all
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39981162
If you are using smtp w/ssl, try port 465.  Why can't you authenticate from your app?
0
 

Author Comment

by:dougdog
ID: 39982473
the app asks me for the following

mailserver
username
password
port
use ssl yes no
0
 

Author Comment

by:dougdog
ID: 39982475
i get the error

the remote certificate is invalid according to the validation procedure
0
 

Author Comment

by:dougdog
ID: 39987086
here are the settings that the cloud app ask for
mtp.JPG
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39996921
Have you set Exchange to allow remote connections?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 39997041
you would use the same settings as you would for the exchange server connecting from outside. use the complete username webservice@example.com
0
 

Author Comment

by:dougdog
ID: 39997184
Where do I set remote connections
I have allowed the cloud app ip  into receive mail from these ips
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 39997221
your cloud app doesn't need to receive anything!

you have to configure the cloud app as if you were setting up outlook to send email to the exchange server.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39997248
Not sure why you are not using your cloud provider's mail servers to relay.

Set up another non-encrypted connector on your exchange to listen on port 587.
It might be that your cloud provider is blocking outgoing port 25 traffic that is not destined to their own server to avoid errand cloud apps that are compromised and made to function as zombie spammers.

Debug options in the app to log/record any errors when attempting to connect should shed light on what is going on if the above is not an option.  Does your exchange logs reflect an incoming connection from the cloud app?  The IP/Range from which the app would be connected, might vary.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 26

Expert Comment

by:Leon Fester
ID: 39998584
SMTP code 5.7.1 means relayed denied

Does the email address that you're using for sending in your Cloud Application exist on the email domain that you are using on your Exchange server?

"Remote certificate invalid" response can also create errors if you're forcing SSL connections.

Try configuring Outlook Express with the same settings used in your Cloud Application and check if you get a more meaningful error.

See link from another forum
http://social.technet.microsoft.com/Forums/exchange/en-US/e6549492-086a-485f-9c5b-564cbfae1012/tls-in-telnet?forum=exchangesvrsecuremessaginglegacy
0
 

Author Comment

by:dougdog
ID: 39998594
im using my own exchange server because the emails need to come from ourselves
0
 
LVL 76

Expert Comment

by:arnold
ID: 39999126
You can still send through your cloud provider's mailserver with your emails as the sender.
Bcc to your self if you need a copy of what is being sent.

You need to log the smtp transaction to see what is happening and what errors if any.

Looking at your settings, the port 443 is likely the issue.
Check wether your exchange SSL port is on 465.
If not, disable SSL and use port 25


Try the following, connect locally to your exchange server after the greeting: ehlo your_systemaname, it should list the available option
Auth plain login digest
If basic does not work, try the next option while keeping track of the log to see what it reports.
0
 

Author Comment

by:dougdog
ID: 40001042
do i disable this in iis
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40001051
no you don't disable anything in iis.
0
 

Author Comment

by:dougdog
ID: 40001191
so where do i diable ssl and use port 25
0
 
LVL 76

Expert Comment

by:arnold
ID: 40001911
The configuration section for you application is where you would change the SMTP .NET preferences handling.
You have
Public IP
Port 25
Authentication=plain login digest change one ay a time
use ssl, no.

Is you do want SSL
Specify the port 465 commonly, but you may have it set differently.  The difficulty in one of your prior posts, an indication that the certificate could not be verified.  Are you using a self-signed certificate?  The cloud app, can not verify the certificate and thus does not complete the negotiation process.  I believe there is a way within your app to include the remote cert as trusted to avoid this issue.
0
 

Author Comment

by:dougdog
ID: 40001932
can I set it to just ignore the cert
or must it use the cert
0
 
LVL 76

Expert Comment

by:arnold
ID: 40002198
If you do not use the use ssl: yes. there will be no need to use a cert nor a cert will be provided.
0
 

Author Comment

by:dougdog
ID: 40003839
i can get it to work if i untick ssl
it will not work with ssl


when ssl is selected i get a the error message
the remote certificate is invalid according to the validation procedure

if i untick ssl it works
0
 
LVL 76

Expert Comment

by:arnold
ID: 40003861
Look at including/adding the signer of the exchange certificate as trusted to the service account under whose creds your cloud app runs.

Look at your SSL establishment option such that you can discount/turnoff certificate validation.
0
 

Author Comment

by:dougdog
ID: 40003967
not sure I follow
0
 
LVL 76

Expert Comment

by:arnold
ID: 40004016
If you access your exchange from a computer outside your LAN. Do you get notice about the certificate?  Are you accessing the remote server using the name to which the certificate is issued!  Are you using a self-signed certificate or is it purchased?

You need to get the signing authority, and any chain certificate added to the cloud as trusted.  Your cloud application is running within and using some credentials on those systems. The inclusion of the certificate that signed needs to either be incorporated within the application, or added to the certificate store as trusted.

If the above do nit cover the, "not sure I follow," please provide what aspects you do not follow.
0
 

Author Comment

by:dougdog
ID: 40004078
I can access outside lan no problems
it is a purchased cert
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 40004400
The cloud systems does not have the signer CA's, or intermediate Chain as trusted or the hostname to which you are going is causing this error. i.e. the certificate is for mymail.mysite.com while your configuration has it going to mail.mysite.com.  While both point to the same IP, the certificate is only for one name.
In the future if you want a certificate multiple names, you need to create the CSR with multiple names (A SAN certificate) note that you have to make sure that the certificate has the appropriate functions selected if you cover multiple services. mail and web make sure it has the mail functionality as well as the web one. web is the lower of the two.

You need to determine which is the cause of your system.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now