Solved

550 REJ-RELAY-001: relay not permitted after network change.

Posted on 2014-04-18
3
829 Views
Last Modified: 2014-04-22
We recently moved all of our offices over to a Private Network which went well with all offices instantly having access to their emails and network shares.

We also successfully repointed all services to the new IP addresses with external email being delivered, webmail being presented etc

Also internal email is flowing fine.

The problem is whenever anyone tries to send an external email we get a bounceback:
"Your message:
   From:    XXX.XXX@XXXXX.co.uk
   Subject: Test external

Could not be delivered because of

550 REJ-RELAY-001: relay not permitted

The following recipients were affected:
    XXX@outlook.com




Additional Information
======================
Original Sender:    <XXX.XXX@XXXXX.co.uk>
Sender-MTA:         <SERVER2>
Reporting-MTA:      <SERVER1.XXXXX.co.uk>
MessageName:        <B5350d3be0000.000000000001.0001.mml>
Last-Attempt-Date:  <08:26:54 Fri, 18 April 2014>"

So SERVER1 is our main Exchange 2003 box that is in Head Office, SERVER2 is in a satellite office (we also have a SERVER3 in another office).

We also have Mailmarshal in place for our Anti-spam solution.

All offices have an internet connection, all servers are set up in System Manager to be allowed to relay.

I've made sure the new ISP has set up a PTR record which was the same as the previous fixed IP we used for Head Office.

So am at a bit of a loss now...
0
Comment
Question by:Martin Brooks
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40008358
I suspect that you need to change the relay settings somewhere else - probably on the Mail Marshall box. There is no need to allow relaying within ESM - I would actually encourage you to change that to not allow relaying. Exchange will allow messages to be passed through the servers if you have an SMTP Connector to route email to another server.

Simon.
0
 

Author Comment

by:Martin Brooks
ID: 40008362
Just checked on Mailmarshal and both those servers are set up to allow relay.

But I did notice Mailmarshal was set to use the SMTP servers of our old ISP (Mistral).

I'm guessing because we have moved over to a new ISP they could block access to their own SMTP servers which would stop email, but would it give this error message?

I've changed the SMTP server to our new ISP and am now getting the error message:
"Your message:
   From:    XXX.XXX@XXXXX.co.uk
   Subject:

Could not be delivered because of

554 5.7.1 <XXX.XXX@XXXXX.co.uk>: Sender address rejected: Access denied

The following recipients were affected:
    XXX@outlook.com




Additional Information
======================
Original Sender:    <XXX.XXX@XXXXX.co.uk>
Sender-MTA:         <SERVER2>
Reporting-MTA:      <SERVER1.XXXXX.co.uk>
MessageName:        <B5350de510000.000000000001.0001.mml>
Last-Attempt-Date:  <09:12:01 Fri, 18 April 2014>"
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40008467
If you are trying to use the SMTP servers of the old ISP, then that would give the error you are receiving, because most ISPs will only allow their own customers to relay. Therefore you either have to set it up to use the new ISP or direct delivery.

Simon.
0

Featured Post

[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now