Ondřej Náplava

asked on

Exchange 2013 - smtp auth for external->internal relay

Hi,
I have a problem with my Exchange Server 2013. I need to find a solution for this situation, but I cannot find one on TechNet etc., only similar problems.

Example:
OPEN mail.my_exch_server.cz 25
 220 OPEN mail.my_exch_server.cz 25 Microsoft ESMTP MAIL Service ready
 EHLO
 250-mail.my_exch_server.cz Hello [xxx.xxx.xxx.xxx]
 250-SIZE 104857600
 250-PIPELINING
 250-DSN
 250-ENHANCEDSTATUSCODES
 250-STARTTLS
 250-AUTH
 250-8BITMIME
 250-BINARYMIME
 250 CHUNKING
 MAIL FROM: any@dont_exist_mail.com
 250 2.1.0 Sender OK
 RCPT TO: postmaster@our_accepted_domain.com
 250 2.1.5 Recipient OK
 DATA
 354 Start mail input; End with <CRLF>. <CRLF>
 To: postmaster@our_accepted_domain.com
 From: CEO@our_accepted_domain.com
 Subject: You're dismissed!
 .
 250 2.6.0 <826 @ mail..my_exch_server.cz> [InternalId = 963, Hostname = mail..my_exch_server.cz] Queued mail for delivery

When using telnet mail.my_exch_server.com 25 and trying to send email out of the server to an external RCPT (for example gmail.com), telnet said 550 5.7.1 Unable to relay; that's OK.

I need to fix the problem with sending email via my SMTP for accepted domains.

Simply, MAIL FROM: any_email_address@my_exch_server.com RCPT TO: user1@my_exch_server.com must be authenticated too, the same as sending out email from server-accepted domains.

Now you could send your email to your employee (Employee1@ourcompany.cz), but the employee receives the email from boss@ourcompany.cz. It's a really big security problem.

It is probably a problem with the Receive Frontend Transport Service, but I don't know a solution.

Requested response from mail.my_exch_server.cz: 25

OPEN mail.my_exch_server.cz 25
 220 OPEN mail.my_exch_server.co.uk 25 Microsoft ESMTP MAIL Service ready
 EHLO
 250-mail.my_exch_server.cz Hello [xxx.xxx.xxx.xxx]
 250-SIZE 104857600
 250-PIPELINING
 250-DSN
 250-ENHANCEDSTATUSCODES
 250-STARTTLS
 250-AUTH
 250-8BITMIME
 250-BINARYMIME
 250 CHUNKING
 MAIL FROM: any@dont_exist_mail.com or boss@our_accpeted_domain.com
 250 2.1.0 Sender OK
 RCPT TO: postmaster@our_accepted_domain.com
550 5.7.1 Unable to relay

Thanks for tips or hints to fix this problem.

Ondřej Náplava
M A

Hi Ondřej Náplava,
It depends on the source IP. If you allow relay on the source IP, it will allow relay.
You will have to configure a new receive connector to allow this particular IP.
Create a new receive connector, add the source server IP, and run the command below.
Get-ReceiveConnector "New Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"



Thanks
MAS
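
To see what the command above changes, this read-only audit (an added example, not part of the original thread) lists for every Receive connector whether anonymous sessions hold the relay right that command grants, or the right to use sender addresses from the organization's accepted domains. It assumes the Exchange Management Shell; the report column names and variable names are chosen here for illustration.

```powershell
# Added example: read-only audit, run in the Exchange Management Shell.
$anon = 'NT AUTHORITY\ANONYMOUS LOGON'

# Extended rights relevant to this thread:
#   Accept-Any-Recipient               -> session may relay to domains Exchange does not own
#   Accept-Authoritative-Domain-Sender -> sender address may belong to an authoritative
#                                         (accepted) domain of the organization
$relayRight  = 'ms-Exch-SMTP-Accept-Any-Recipient'
$senderRight = 'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender'

$report = foreach ($rc in Get-ReceiveConnector) {
    # Collect every extended right granted (not denied) to anonymous sessions.
    $held = @(
        $rc | Get-ADPermission -User $anon |
            Where-Object { -not $_.Deny -and $_.ExtendedRights } |
            ForEach-Object { $_.ExtendedRights } |
            ForEach-Object { [string]$_ }
    )

    [pscustomobject]@{
        Connector          = $rc.Identity
        TransportRole      = $rc.TransportRole
        Bindings           = $rc.Bindings -join ', '
        RemoteIPRanges     = $rc.RemoteIPRanges -join ', '
        AnonymousUsers     = "$($rc.PermissionGroups)" -match 'AnonymousUsers'
        AnonCanRelay       = $held -contains $relayRight
        AnonAcceptedSender = $held -contains $senderRight
    }
}

$report | Sort-Object AnonCanRelay -Descending | Format-Table -AutoSize -Wrap

# An anonymous relay connector is only as narrow as its RemoteIPRanges:
# warn when one still covers the whole IPv4 address space.
$report |
    Where-Object { $_.AnonCanRelay -and $_.RemoteIPRanges -match '0\.0\.0\.0-255\.255\.255\.255' } |
    ForEach-Object { Write-Warning "Anonymous relay allowed from any IPv4 address on '$($_.Connector)'" }
```

A connector that shows AnonCanRelay as True relays for every address in its RemoteIPRanges without authentication, so that range should contain only the hosts meant to relay.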
Ondřej Náplava

ASKER

Thanks for the response, MAS,

If the Exchange server IP is 192.168.1.2 (for example) and the "new receive connector" has this IP set, will only IP 192.168.1.2 be accepted for sending emails?

And in the same network, a device with IP 192.168.1.3 couldn't send email via telnet, for example?

Right?

Thanks
Ondřej Náplava
Yes, you are correct.

Cheers
MAS
Dear MAS,

Could you give me more info about setting up the new connector (like ROLE etc.)?

+ any changes for the Default Frontend connector or the send connector?

The Default Frontend connector now listens on all IPv4 and IPv6, port 25.

Thanks
Ondřej Náplava
ASKER CERTIFIED SOLUTION
M A