none
Configure authenticated SMTP relay in Exchange 2007/2010

    Question

  • I'm doing some testing on a newly setup Exchange 2010 RC machine that is configured with the default roles (Client Access, Hub Transport, Mailbox & UM).  I'm testing to figure out how to configure our production Exchange 2007 server to allow for users to use POP from their cell phones.  I've enabled the POP service on the server, and I am able to download messages just fine into Windows Live Mail, which is on the Exch2010 server.  I can't for the life of me figure out how to allow authenticated SMTP relay, though.  I really need someone to provide a step by step guide on what to do for this, as I've read many articles online, and none of them have solved the issue.

    On the Server Configuration -> Hub Transport -> Default (servername) Properties -> Authentication tab, TLS, Basic Auth (Offer Basic auth only after starting TLS), Exchange Server auth, and Integrated Windows auth are all selected.  On the Permission Groups tab, I've selected Anonymous Users, Exch Users and Exch Servers, Legacy Exch Servers.

    On the Client (servername) Properties -> Authentication tab, TLS, Basic Auth (Offer Basic auth only after TLS), and Integrated Windows auth are selected.  On the Permission Groups tab, Anonymous users and Exchange users are selected.

    In Windows Live Mail, I have my incoming and outgoing servers set to localhost.  For incoming, my username is drew (my domain username).  I typed my domain pw in the pw box.  Log on using clear text auth is selected.  So far, this has seemed to work for incoming mail.

    Outgoing is the problem, however.  I have selected "My server requires authentication", and under settings I've tried selecting "use same settings as incoming" and "Log on using" and tried typing the same username & pw as incoming, but also typed the full email address as well.  I've also tried this with selecting "Log on using Secure Password Authentication".

    Under the advanced tab, I have set POP for port 995 and required SSL.  For SMTP I've tried ports 25 and 587, both requiring and not requiring SSL.

    I'm now stumped.  Where do I go from here?

    Wednesday, September 09, 2009 2:52 PM

Answers

  • I hooked my Outlook client up to our production Exchange 2007 server and all seems to be working fine there.  Not so much on the Exchange 2010 server, but there are many factors there that could contribute to that.  The most important thing is that the production server is functioning as it should be.  Thanks for the help!
    Drew Green MCSA, Security+, Network+, A+
    • Marked as answer by Mike Shen Tuesday, September 15, 2009 1:12 AM
    Monday, September 14, 2009 4:41 PM

All replies

  • Hi,

     

    Please understand by default, the Exchange Server allows the authenticated user to relay email. It is because by default the Authenticated users group has ms-Exch-SMTP-Accept-Any-Recipient permission.

     

    At this time, please let me know:

     

    1. Whether the client connects to Exchange 2010 to submit message? If you configure the clients to connect to Exchange 2007, whether the issue persists? If the issue does not encountered, I suggest you create a thread on Exchange 2010 forum regarding the issue:

     

    http://social.technet.microsoft.com/Forums/en-US/exchange2010/threads

     

    2. If the issue persists, when client connects to Exchange 2007, I also suggest you configure Outlook client (POP3/SMTP) to check whether the issue can be solved. If the Outlook client does not encounter the problem, I think that it is a client side issue and we need to focus on Windows Live Mail client regarding the issue

     

    3. If the issue persists by using Outlook client, I suggest you perform following steps:

     

    a.      Configure the Client Receive Connector to disable Anonymous Users Group

    b.      Configure the Outlook to use Client Receive Connector (587) to submit message. You should configure Profile like below:

     

    Outgoing Server tab: My outgoing server (SMTP) requires authentication->Use same settings as my incoming mail server

    Advanced tab: Outgoing Server port: 587. Select “This server requires an encrypted connection (SSL)” option. If you have Outlook 2007, please select TLS

     

    Please check whether the issue persists. If the issue still persists, please let me know the error you received when attempting to send message. Please also enable logging on the Client Receive Connector (Protocol logging level: Verbose) and post related SMTP log here for further check.


    Mike Shen 

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

     

    Thursday, September 10, 2009 4:17 AM
  • Hi,

    Any updates regarding the issue?

    Thanks,
    Mike
    Monday, September 14, 2009 11:59 AM
  • Hi,

    Any updates regarding the issue?

    Thanks,
    Mike
    Mike,

    I appreciate your help so far.  I just got back into the office (and I didn't see that you had posted the original message until today).  I will try your suggestions and post my findings.

    Thanks,

    Drew

    Drew Green MCSA, Security+, Network+, A+
    Monday, September 14, 2009 12:56 PM
  • I hooked my Outlook client up to our production Exchange 2007 server and all seems to be working fine there.  Not so much on the Exchange 2010 server, but there are many factors there that could contribute to that.  The most important thing is that the production server is functioning as it should be.  Thanks for the help!
    Drew Green MCSA, Security+, Network+, A+
    • Marked as answer by Mike Shen Tuesday, September 15, 2009 1:12 AM
    Monday, September 14, 2009 4:41 PM
  • Under the advanced tab, I have set POP for port 995 and required SSL.  For SMTP I've tried ports 25 and 587, both requiring and not requiring SSL.


    You simply missed the TLS encryption for the connection.

    Simone Pace

    • Proposed as answer by SimoneP Wednesday, December 15, 2010 3:26 PM
    Wednesday, December 15, 2010 3:26 PM