Announcement

Collapse
No announcement yet.

550 5.7.1 error for authenticated relay.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • 550 5.7.1 error for authenticated relay.

    "550 5.7.1 Client does not have permission to send as this sender" This is the error when I try to send an email with domain2 in the from field on domain1 (My Exchange Server) SMTP.

    Exchange Server on a single Windows 2003 Server R2 x64. I don't have an Edge Transport Server so I added a send connector to send to *. I then also allowed annonymous connections on SMTP port 25 to the Exchange Server. I then used the PS script to install the SMAP filter. Sending and recieving Domain1, the Exchange domain works fine.

    Domain2, an hMailServer is on the same Server on a different IP. It is used for webmail and its SMTP software does not allow even local users to relay. Only localhost connections can relay. The webmail software connect this way. I do allow all users to connect to Domain2 by IMAP, but not SMTP. Me and select account were previously given Windows User accounts and passwords to use MS SMTP before I installed Exchange. That worked.

    Technet has more on this error at the bottom of this article: http://technet.microsoft.com/en-us/l.../aa997170.aspx. However, I don't have domain2 anywhere in the settings of Exchange, and especially not as an domain for which Exchange is authoritative.

  • #2
    Re: 550 5.7.1 error for authenticated relay.

    i y be a mile off but when I had Exchange 2003 and 2007 on the same organisation, a connector existed to allow mail routing between the servers and Exchange 2007 was used for all internet email. This was turned off on the Exchange 2003 box.

    Did you install SMTP on the Exchange 2007 server yourself. If so, that may be the issue. Exchange 2007 has its own built-in.

    Comment


    • #3
      Re: 550 5.7.1 error for authenticated relay.

      No, I had to move servers from 32bit to 64bit when I decided to go for exchange 2007. So everything was installed fresh, with actually exchange the first to go on the server before I slowly migrated websites and the old hMailServer (which runs completely inside one process, hMailServer.exe)

      I've tried relaying as other domains, I get the same error. So appearently Exchange thinks my users are not allowed to send as anyone else on the internet.

      I understand relaying is on by default for authenticated users. But of course I have a single server installation... idk if that is a problem...

      Comment


      • #4
        Re: 550 5.7.1 error for authenticated relay.

        Originally posted by LJKelley View Post
        No, I had to move servers from 32bit to 64bit when I decided to go for exchange 2007. So everything was installed fresh, with actually exchange the first to go on the server before I slowly migrated websites and the old hMailServer (which runs completely inside one process, hMailServer.exe)

        I've tried relaying as other domains, I get the same error. So appearently Exchange thinks my users are not allowed to send as anyone else on the internet.

        I understand relaying is on by default for authenticated users. But of course I have a single server installation... idk if that is a problem...
        I see. So you didn;t transition to it. I did with mine.

        So am I right in saying that you didn't install SMTP before installing Exchange 2007?

        I'll find my transition post. I sum up the steps taken at the end, so may be useful.

        Edit: Here it is.

        http://forums.petri.com/showthread.php?t=26648

        When I decided to allow all mail to flow through the new Exchange server, I allowed anonymous access to the receive connector and created a new SMTP connector with '*' and made sure the cost was lower that the Exchange 2003 send connector. I made the Exchange 2003 one a 2 and the new one a 1. When all that was working, I completed the appropriate remaining transition steps.
        Last edited by Virtual; 17th March 2009, 19:09.

        Comment


        • #5
          Re: 550 5.7.1 error for authenticated relay.

          Yep, no transition here. Nope I took a blank Server 2003 R2 x64 and installed ActiveDirectory and IIS. No SMTP installed. Then I installed Exchange 2007. I then enabled the Default Receive Connector to allow anonymous email. And then I installed a Send Connector to *.

          I also added domain1.co.uk in addition to domain1.net as an authorative domain.

          Everything is regards to domain1.net & domain1.co.uk including sending and receiving including using 3rd party software sending thru SMTP works.

          Attempting to send thru relay from any domain is blocked regardless of If i send as domain 2 or hotmail or gmail. It gives the same error. "550 5.7.1 Client does not have permission to send as this sender" I've been trying to thru the settings to see if I did something wrong... I can't find anything.
          Last edited by LJKelley; 17th March 2009, 22:05.

          Comment


          • #6
            Re: 550 5.7.1 error for authenticated relay.

            SOLVED!! Appearently Exchange does not allow Authenticated Users to send as 'any sender' by default.

            To change that enter this command in exchange shell:
            Code:
             
            Add-AdPermission -Identity "Default Receive Connector" -User "NT AUTHORITY\Authenticated Users" -ExtendedRights ms-Exch-SMTP-Accept-Any-Sender
            Remember to change Default Receive Connector to the name or your Receive Connector. This does not allow another user to spoof any internal user though according to my tests, but it does now allow my domain2 to relay thru domain1 provided the user is authenticated.

            More information below:
            http://technet.microsoft.com/en-us/l.../aa997170.aspx
            http://www.exchangeninjas.com/TUPMPermissions

            Comment

            Working...
            X