none
redirecting email causes #5.7.1 smtp:550 5.7.1 Client does not have permission to send as this sender

    Question

  • Hi, I need advice on how to troubleshoot an "Undeliverable" issue with emails FROM our server to another exchange server, which is then redirected BACK to another user on our server.   Let me try and explain further:

     

    1) user me@myserver.com sends an email to user xyz@abcserver.com

    2) user xyz@abcserver.com has a rule that redirects ALL received emails to xyz@myserver.com

    Unfortunately, the email does not come to xyz@myserver.com and user me@myserver.com gets the following error:

     

     

    Diagnostic information for administrators:

     

    Generating server: abcserver.com

     

    xyz@myserver.com
    myserver.com #<myserver.com #5.7.1 smtp;550 5.7.1 Client does not have permissions to send as this sender> #SMTP#

     

    If I send an email from xyz@abcserver.com to me@myserver.com, it works perfectly. Is there a permission setting I need to look into? Also, I would prefer a solution to this problem that does not open relaying for anonymous users. Thanks! -sul

    Thursday, April 22, 2010 5:49 PM

Answers

  • Any help from:

    http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/97b5f6c4-a332-4b69-8580-4e66a605c35e

     


    Ok, i've gotten it to work...!  I created a custom receive connector to handle just the ip addresses that we want to allow for open relaying.  We can now receive redirected emails  (myserver -> abcserver -> myserver).  Unfortunately, the emails end up in Junk E-mail.  The SCL score is between 4 and 6.  To resolve this, I added the two ip addresses to the IP Allow List under the Anti-spam tab on the Server Hub Transport.  Doing this gives generates a -1 score for SCL, which, I think means that it is an internally trusted email.

    Thanks for everyone's help!

    -s.

    • Marked as answer by Elvis Wei Wednesday, April 28, 2010 9:01 AM
    Friday, April 23, 2010 5:26 PM

All replies

  • What Exchange version are you running?
    Thursday, April 22, 2010 6:00 PM
  • Hi, I'm running Exchange 2007.

    Thanks!

     

    Thursday, April 22, 2010 9:40 PM
  • If the objective is just to get the email to the target mailbox, why not just use a transport rule to redirect it on it's way out?

     

    Thursday, April 22, 2010 10:17 PM
  • I have already tried this solution.  After creating another connector, and setting the approprate permissions for Anonymous Logon, the emails no longer transmit nor do I receive an undeliverable result; the email just dissapears.     here are the extended rights permissions for anonymous logon for the new connector:

    User                                                        ExtendedRights
    ----                                                        --------------
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-SMTP-Submit}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-SMTP-Accept-Any-Sender}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-SMTP-Accept-Authoritative-Domain-Sender}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-Accept-Headers-Routing}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-SMTP-Accept-Any-Recipient}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-Store-Create-Named-Properties}
    NT AUTHORITY\ANONYMOUS LOGON     {ms-Exch-Create-Public-Folder}

    Any suggestions how to troubleshoot what is happening?

    -s.

     

    Thursday, April 22, 2010 11:48 PM
  • I'm a newbie and i'm actually not sure what you mean by transport rule.  What are the steps? i.e.: via GUI or PowerShell commands?

    Thanks for your help!

    -s.

    Thursday, April 22, 2010 11:51 PM
  • Either one.  First, if you don't already have one, create a Mail Contact for xyz@abcserver.com.

    Then open up the Exchange Management Console, and go to Organization|Hub Transport and open up the Trasport Rules tab.  Over on the right, select New Transport Rule. 

    Create a rule with Conditions that say if an email is from me@myserver.com and to xyz@abcserver.com and an Action of redirect the message to xyz@myserver.com

     

    The email gets sent from me@myserver.com to xyz@abcserver.com.  The transport rule intercepts it, redirects it to xyz@myserver.com, and you just leave xyz@abcserver.com out of the loop.

    Friday, April 23, 2010 12:12 AM
  • Thanks!   I think this would work for a specific account, however, I forgot to mention that my example was arbitrary and that i'm looking for a general solution that would work for all accounts that might have this type of redirection issue.

    For now, I'm going to dabble a little bit more with creating a custom recipient connector, which I hope will resolve my issue.

    Thanks again for your help and insight,

    -s.

    Friday, April 23, 2010 2:59 AM
  • Ew.  I don't know how to do that without making it an anonymous relay.  That's basically what it is, since the server doesn't  have any way to know if it was really the result of a redirction rule on the original recipient's end or not.
    Friday, April 23, 2010 11:02 AM
  • Alot of that depends on whether the Exhcange Server is exposed directly to the internet or not.
    Friday, April 23, 2010 12:05 PM
  • Any help from:

    http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/97b5f6c4-a332-4b69-8580-4e66a605c35e

     


    Ok, i've gotten it to work...!  I created a custom receive connector to handle just the ip addresses that we want to allow for open relaying.  We can now receive redirected emails  (myserver -> abcserver -> myserver).  Unfortunately, the emails end up in Junk E-mail.  The SCL score is between 4 and 6.  To resolve this, I added the two ip addresses to the IP Allow List under the Anti-spam tab on the Server Hub Transport.  Doing this gives generates a -1 score for SCL, which, I think means that it is an internally trusted email.

    Thanks for everyone's help!

    -s.

    • Marked as answer by Elvis Wei Wednesday, April 28, 2010 9:01 AM
    Friday, April 23, 2010 5:26 PM