locked
Unable to send mail outside domain with IMAP4 PDAs RRS feed

  • Question

  • Hi all!  I need some help in getting my company's PDAs to work fully out in the field.  Here's the current setup:

     

    Single-server installation, so Hub Role only (no Edge).

    Receive connector "from Internet" accepts mail from anyone.

    Send connector "to Internet" passes email out via smtp to anyone.

    IMAP4 Service is running.

    PDAs are set to use IMAP4, and authenticate, with SSL, for both incoming and outgoing mail use.

     

    Here's the current status:

     

    All incoming and outgoing mail functionality is perfect for users within the organization (Outlook clients and OWA).

    PDAs receive all incoming mail successfully.

    PDAs send outgoing mail successfully to anyone within the organization (i.e. our authoritative domain).

     

    --> But PDAs cannot send to any recipients outside our company. <--

     

    To try always results in this error message:

     

    ~~~~~~~~~~~~~~~~

    Your message '<subject line> was not sent and has been moved to the Drafts folder.

     

    The following recipients are invalid:

     

    <whoever>@<wherever>.com

    ~~~~~~~~~~~~~~~~


    My belief is that it's probably something to do with relaying, because the Exchange is doing everything except for saying, "Hey, I'd love to accept that message and then pass it on to someone I don't recognise." though I have read that "Exchange 2007 is configured to accept and relay email from hosts that authenticate by default."  Does this perhaps mean that my PDAs are not in fact authenticating?  They send mail to internal recipients without authentication -- I've tested that.

     

    Alternatively, I've read various articles about setting up open relays and restricting them by IP address and so on.  That seems to be a messy and unnecessarily insecure way of going about this to me, when I know that I just want all clients to authenticate, and then for Exchange to say, "Bing! Authentication's good, and I recognise that the person sending this message is in the Users group/is in AD/has a mailbox/something similar.  So I'll send it."

     

    If anyone has any bright ideas, I'd be most indebted!

     

    Thanks,

     

    Gavin

    Thursday, April 3, 2008 8:10 PM