Solved

550 REJ-RELAY-001: relay not permitted after network change.

Posted on 2014-04-18
3
823 Views
Last Modified: 2014-04-22
We recently moved all of our offices over to a Private Network which went well with all offices instantly having access to their emails and network shares.

We also successfully repointed all services to the new IP addresses with external email being delivered, webmail being presented etc

Also internal email is flowing fine.

The problem is whenever anyone tries to send an external email we get a bounceback:
"Your message:
   From:    XXX.XXX@XXXXX.co.uk
   Subject: Test external

Could not be delivered because of

550 REJ-RELAY-001: relay not permitted

The following recipients were affected:
    XXX@outlook.com




Additional Information
======================
Original Sender:    <XXX.XXX@XXXXX.co.uk>
Sender-MTA:         <SERVER2>
Reporting-MTA:      <SERVER1.XXXXX.co.uk>
MessageName:        <B5350d3be0000.000000000001.0001.mml>
Last-Attempt-Date:  <08:26:54 Fri, 18 April 2014>"

So SERVER1 is our main Exchange 2003 box that is in Head Office, SERVER2 is in a satellite office (we also have a SERVER3 in another office).

We also have Mailmarshal in place for our Anti-spam solution.

All offices have an internet connection, all servers are set up in System Manager to be allowed to relay.

I've made sure the new ISP has set up a PTR record which was the same as the previous fixed IP we used for Head Office.

So am at a bit of a loss now...
0
Comment
Question by:Martin Brooks
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40008358
I suspect that you need to change the relay settings somewhere else - probably on the Mail Marshall box. There is no need to allow relaying within ESM - I would actually encourage you to change that to not allow relaying. Exchange will allow messages to be passed through the servers if you have an SMTP Connector to route email to another server.

Simon.
0
 

Author Comment

by:Martin Brooks
ID: 40008362
Just checked on Mailmarshal and both those servers are set up to allow relay.

But I did notice Mailmarshal was set to use the SMTP servers of our old ISP (Mistral).

I'm guessing because we have moved over to a new ISP they could block access to their own SMTP servers which would stop email, but would it give this error message?

I've changed the SMTP server to our new ISP and am now getting the error message:
"Your message:
   From:    XXX.XXX@XXXXX.co.uk
   Subject:

Could not be delivered because of

554 5.7.1 <XXX.XXX@XXXXX.co.uk>: Sender address rejected: Access denied

The following recipients were affected:
    XXX@outlook.com




Additional Information
======================
Original Sender:    <XXX.XXX@XXXXX.co.uk>
Sender-MTA:         <SERVER2>
Reporting-MTA:      <SERVER1.XXXXX.co.uk>
MessageName:        <B5350de510000.000000000001.0001.mml>
Last-Attempt-Date:  <09:12:01 Fri, 18 April 2014>"
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40008467
If you are trying to use the SMTP servers of the old ISP, then that would give the error you are receiving, because most ISPs will only allow their own customers to relay. Therefore you either have to set it up to use the new ISP or direct delivery.

Simon.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now