Relay through Excahnge 2010 using user account

I'm just coming to the end of an Exchange 2003 to 2010 migration and have one issue I cannot seem to solve before I can start turning the old kit off, we have a third party piece of software that sends emails from the client using a service account username/pass. if I point it at the old system all email goes through fine, point it at the new system and it fails with a really generic error (email could not be sent) if I log on to a desktop as the service account and open outlook I can send with no problems at all, nothing in the logs on Exchange to say why it's failing. if it was a single server I would just add the IP to the relay connector but I can't do that for every client pc on the network, any ideas, I'm guessing I need a way to send as "authenticated users" but can't find the option on 2010.....
Jon CarneyInfrastructure EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Guy LidbetterCommented:
Hi There,

Go to Server Configuration > Hub Transport > open the receive connector and have a look at the authentication tabs.


Jon CarneyInfrastructure EngineerAuthor Commented:
Basic auth and windows auth on Default and client connectors, external on relay connector
Simon Butler (Sembee)ConsultantCommented:
The Client Receive connector is setup for authenticated relaying, but uses TLS to protect the connection.
Therefore if your application can support TLS and use the specified port, just reconfigure it.

The Default receive connector is not configured for authenticated relaying and I would not advise you change that.
If you want to allow authenticated relaying from an internal resource on port 25, then setup a Connector specifically for that.

External Authentication turns the server in to an open relay. If you need an anonymous relay connector then you should configure one in the correct way.

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Jon CarneyInfrastructure EngineerAuthor Commented:
Thanks for the reply
Meant to say, the relay connector is locked down to specific server IP addresses which is why external authentication is being used so not an open relay, good point on the client connector didn't think about ports.
The issue I have is that the client is installed on about 90% of the PCs in the company, if  was to create a specific connector allowing authenticated relay would all email from the client subnet then start routing through this connector? including user email?
Guy LidbetterCommented:
Hi Jon,

Your users will send mail through the HUB mail queue and out via your send connector so will not be affected.

If you configure a specific send connector for internal systems to relay out, within the scoping "remote network settings"option you would configure the IP range of your internal subnet ranges the client computers are on, and the Adapter bindings to the IP's of the HUB servers on port 25.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jon CarneyInfrastructure EngineerAuthor Commented:
Created a new receive connector and used basic/windows auth, works great! Thanks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.