• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 76
  • Last Modified:

Authentication problem using Smarthost in Exchange 2010

I use smtp.nyc.rrr.com as my smarthouse in Exhange 2010.  This works fine with no authentication as long as I am connected to the Time Warner Roadrunner network (my ISP).  However, from time to time TWC goes down and I have a dual WAN router with Verizon DSL set up as a failover ISP.

When this happens, TWC RR smtp servers will not relay my outgoing mail.  I input my TWC RR email and password to authenticate but my outgoing mail is still rejected.  I get the following error message:

The following organization rejected your message: dnvrco-oedge03.
junk@rackson.com
dnvrco-oedge03 #554 From address must match authentication [R0107004] ##

I also have a yahoo bixzmail account (smtp.bizmail.yahoo.com) but I can;'t seem to get that to work on either the TWC ISP connection or the Verizon DSL connection.

Can anyone help me?

thanks.

UPDATE:  I think the problem may be that the "from" address on my mail leaving exchange is NOT the email address assigned to me by TWC RR..
0
Randy_R
Asked:
Randy_R
  • 15
  • 7
  • 6
2 Solutions
 
Simon Butler (Sembee)ConsultantCommented:
Correct.
Your ISP will only allow their own domains to relay through their servers from outside their network.
Inside their network it doesn't matter.

Otherwise spammers would just get a username and password and start spamming through their servers like crazy, which would be impossible to stop.

If you must use a smart host then you will need to use a carrier neutral smart host. This could be one of the SMTP relay/mail hop services or a spam filtering provider.

Simon.
0
 
Randy_RAuthor Commented:
Do you have any suggestions for me on who I could use?

The "from" address I am sending from is actually a Yahoo bizmail address, so that server should work but requires port 465, which for some reason TWC seems to be blocking?
0
 
Simon Butler (Sembee)ConsultantCommented:
I haven't used any dedicated service to be able to recommend one. I have my own server for doing that job. Most clients will be using the outbound server of their filtering provider.

Simon.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Randy_RAuthor Commented:
Can a backup smarthost be setup so that should roadrunner fail over to verizon, that smarthost will be used?  I would set verizons smtp serverto be the backup if that can be done.
0
 
Randy_RAuthor Commented:
Also do you know if twc blocks 465 have another reason why it would seem dead?
0
 
Randy_RAuthor Commented:
Ok, so I tried yahoo as my smart server (smtp.bizmail.yahoo.com) using the same port, credentials and sender that I use successfully on my phone with this smtp server, and the mail just sits in my exchange queue for that smarthost.

Any idea what is going on?
0
 
Gareth GudgerCommented:
Just curious? What is the business need for the smart host? Any reason you can't just send directly to the internet?

If you need a smart host you may also want to look at something that does double duty as an outbound message hygiene service like Exchange Online Protection. Can be used for inbound too.

Does all your spam and virus protection for $1 per user/month.

No more worries about smart hosts after that. It will always work.
0
 
Simon Butler (Sembee)ConsultantCommented:
I cannot comment on US based ISP behaviour as I am not in the USA, have only been there once and that was over ten years ago. Therefore I have no idea whether they block the port or not. You would have to call their support and ask.

There is also no concept of failover or backup smart host configuration in Exchange, hence the need to use a carrier neutral service. If you configure both smart hosts in Exchange then Exchange will attempt to use both.

Simon.
0
 
Randy_RAuthor Commented:
Got it Simon.  Thanks. I think I figured it out though. I had a bad dns server entry on the network card of the machine running exchange. I changed that and the yahoo server now works with both isps.I just don't understand how it worked before at all now!
0
 
Randy_RAuthor Commented:
Oooops!  I spoke too soon.   It does work for the specific user in the domain whose credentials match the authentication credentials entered for the smarthost.  But it does not work for other users in the domain (yahoo bounced those users outgoing email, even though they also have yahoo accounts).  Is there any way around this?

If not, I guess I will just have to update the smarthost manually when TWC goes down to be the Verizon smarthost?
0
 
Simon Butler (Sembee)ConsultantCommented:
ISPs smart hosts are not really designed to be used with servers, they are designed for use when end users have a POP3 account and are sending email as themselves. There are usually no work arounds because the ISP wants you on a business class connection.

Do you not have a static IP address?

Simon.
0
 
Randy_RAuthor Commented:
No.  TWC RR residential.  The ip is fixed for all intents and purposes as it only changes when the router mac interface changes (otherwise always give the same ip) but I don't have access to the ptr record to set up reverse dns.

I guess I'm stuck with manually updating the smarthost during downtime, which is not the biggest deal, but I was hoping to work around it?

Randy
0
 
Gareth GudgerCommented:
Any thoughts on my comment as an option?
0
 
Randy_RAuthor Commented:
You mean Exchange Online Protection?  I don't know anything about it?
0
 
Gareth GudgerCommented:
Its Microsoft's cloud based anti-spam product.
http://products.office.com/en-us/exchange/microsoft-exchange-online-protection-email-filter-and-anti-spam-protection-email-security-email-spam

You get the beauty of a message hygiene product for inbound and outbound mail. So you can direct your MX records to EOP. It scans them for spam and viruses and them forwards to your server. If your server or internet connection is down, it will store messages for up to 5 days.

On the flipside you can also use it for outbound virus scanning. That means you can use it for a smarthost. All email comes in through EOP and all mail goes out through EOP. The other beauty of this, is it is highly available. They have datacenters all over the world for EOP.
0
 
Randy_RAuthor Commented:
Definitely sounds interesting.  I'm not really worried about viruses as I filter all my mail through yahoo who hosts the domain, but a multi-isp smarthost server would be great.  I assume you can use it only for outbound Simon?
0
 
Simon Butler (Sembee)ConsultantCommented:
A carrier neutral smart host would be for outbound email only.
Something like Microsoft Online protection would be for inbound and outbound.

Simon.
0
 
Randy_RAuthor Commented:
I would have to use it for both Simon?  I couldn't just set up the outbound and not the inbound?

In terms of carrier neutral hosts, do you know of any?
0
 
Simon Butler (Sembee)ConsultantCommented:
You could use it for just outbound email, depends whether you are paying for just email delivery or something extra. If you went with the suggestions of a filtering service, then it doesn't make sense to pay for that and not use it.

As for service suggestions, I have none that I can recommend as I have my own server to do the job. There are quite a few of them around though - as I suggested above, google for mail hop or SMTP relay services.

Simon.
0
 
Randy_RAuthor Commented:
I looked into EOP, but there is a problem.  I was able to authenticate that I own my domain, but the inbound connector which accepts outbound mail from my server wants a fixed ip (or series of fixed ips).  The whole reason I need a smarthost to begin with is that my ip is dynamic, so it looks like this solution won't work for me.

I do have a mail certificate, but I think it is faulty.  There is an option to use that instead of an ip.  Do you think it would work?
0
 
Gareth GudgerCommented:
Ah ok. This all makes sense. You did mention residential ISP.

I believe EOP wants a fixed IP for outbound as well.

Is this for a home based business or is it for a lab? Just curious as to the business need.

If a home based business, you may be better served just moving to Exchange Online Plan 1. Which is $4 per user/month. Gives you 50GB mailboxes in the Cloud and all the benefits of Exchange Server. Actually Exchange Online gets new features before on premise does. The only disadvantage is you do give up some control. But then the positive is your mail environment is fully redundant across multiple datacenters.
0
 
Randy_RAuthor Commented:
It's a home business Gateth.  We run an exchange server as most of our mail is in house and I like having the control here and easy access to each others calendars.  I've found a mail relay service called EasySMTP, which claims to provide a free relay for the volume of outbound mail we send.  Do you know anything about it?

Again, this is only to provide automatic failover when TWC RR goes down, which is not all that frequent.
0
 
Simon Butler (Sembee)ConsultantCommented:
This is one thing I wouldn't want to use a free service for.
Free services get abused, which gets them blacklisted. I have never heard of that service myself.

Another option to consider is putting the server in a data centre. Then all you are doing is connecting to it over the internet - it doesn't matter how.

Simon.
0
 
Randy_RAuthor Commented:
Easy-DNS is run by ReachMail, which seems to have a good reputation, no?
0
 
Gareth GudgerCommented:
Haven't heard of those guys either.
0
 
Randy_RAuthor Commented:
I think my best route is just to switch my smarthost to my backup isp smtp server manually in the event of a failure.
0
 
Gareth GudgerCommented:
Seems like might be the only solution. I would definitely look at Office 365 though.
0
 
Randy_RAuthor Commented:
Thanks Gareth.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 15
  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now