Exchange 2007 configuration for authenticated desktop app relay
-
Wednesday, January 16, 2013 4:21 PM
Granted there are numerous posts about the error "5.7.1 client does not have permissions to send as sender", my scenario is slightly different, and I can't find help for it. Here's the basic C# from a WPF app:
email.From = new MailAddress(loggedInUser); var client = new SmtpClient(exchangeServer); client.DeliveryMethod = SmtpDeliveryMethod.Network; client.UseDefaultCredentials = true; client.Send(email);If I set up an anonymous receive connector and remove the default credentials, it works, but we must authentiate the client. This code will not work unless network admin adds a send-as permission for self to my account, but the send-as permission is automatically removed shortly afterwards (by design, I understand, for elevated accounts). The good news is that the required send-as permission remains for normal users.
So my question is how to properly configure the Exchange 2007 server for Windows authentication from a desktop (WPF) app. And must we have this send-as self permission that gets automatically removed (I read one post where the developer scheduled a script to keep adding the permission back!).
- Edited by dwroberson Wednesday, January 16, 2013 4:44 PM
All Replies
-
Thursday, January 17, 2013 1:41 PMModerator
Hello,
For this question, I suggest you go to ask on development forum.
Exchange Previous Versions - Development
http://social.technet.microsoft.com/Forums/en-US/exchangesvrdevelopmentlegacy/threadsThanks,
Evan
Evan Liu
TechNet Community Support
-
Thursday, January 17, 2013 3:16 PM On Wed, 16 Jan 2013 16:21:29 +0000, dwroberson wrote:>>>Granted there are numerous posts about the error "5.7.1 client does not have permissions to send as sender", my scenario is slightly different, and I can't find help for it. Here's the basic C# from a WPF app: email.From = new MailAddress(loggedInUser);>> var client = new SmtpClient(exchangeServer);> client.DeliveryMethod = SmtpDeliveryMethod.Network;> client.UseDefaultCredentials = true;> client.Send(email);>>>If I set up an anonymous receive connector and remove the default credentials, it works, but we must authentiate the client. This code will not work unless network admin adds a send-as permission for self to my account, but the send-as permission is automatically removed shortly afterwards (by design, I understand, for elevated accounts). The good news is that the required send-as permission remains for normal users.>>So my question is how to properly configure the Exchange 2007 server for Windows authentication from a desktop (WPF) app. And must we have this send-as self permission that gets automatically removed (I read one post where the developer scheduled a script to keep adding the permission back!).If the credentials you use for authentication aren't those of theaddress in the MAIL FROM then the receive connector is going to regardthat situation as address spoofing.E.g. You authenticate as domain\user1 (and that user has a a SMTPaddress of user1@domain.com) but you send a message using "MAILFROM:<differentuser@domain.com>". That's a "spoofed" address. Itdoesn't belong to the account that was authenticated.You need to assign the "ms-Exch-SMTP-Accept-Any-Sender" extended rightto the domain\user1 user (using the example above) on the ReceiveConnector.---Rich MatheisenMCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP- Proposed As Answer by _PSS_ Thursday, January 24, 2013 12:38 AM
- Marked As Answer by Evan LiuModerator Thursday, January 31, 2013 9:58 AM
-
Thursday, January 17, 2013 8:41 PM
Done. Thanks.
.png)
