none
Relay connector for external mail failing

    Question

  • I created a receive connector to relay for external mail.  I set it for anonymous users only and ran the command: Get-ReceiveConnector "Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

    I added my workstation IP address in the allow list to relay email.  However, when I telnet and enter the field for "rcpt to" as xyz@yahoo.com, telnet will error and say "500 5.7.1 Unable to Relay".  It works when use any internal domain recipient.  

    Any idea what I'm doing wrong with configuration of the connector?


    ms

    Thursday, July 21, 2016 5:03 AM

Answers

  • Also, be aware that if you're using a load balancer for SMTP connections, it'll probably change the source IP address to that of the load balancer, making the SourceIPRanges selection essentially useless.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Sunday, July 24, 2016 6:07 PM
    Moderator

All replies

  • What do you mean the "allow list"?  The IP address of the sending system must be in the RemoteIPRanges property of the receive connector.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!


    Thursday, July 21, 2016 5:21 AM
    Moderator
  • Yes the RemoteIPRanges property.

    ms

    Thursday, July 21, 2016 6:06 AM
  • Enable protocol logging on that connector and other port 25 receive connectors, then look at the logs to verify that the correct connector is being used.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, July 21, 2016 7:21 AM
    Moderator
  • Hi,

    Seems like no problem with the configuration, please let us to confirm this by posting the result of the following command

    Get-ReceiveConnector <That connector> | fl

    Try to send message from your workstation instead of telnet.

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Lynn-Li
    TechNet Community Support

    Friday, July 22, 2016 8:18 AM
    Moderator
  • Also, be aware that if you're using a load balancer for SMTP connections, it'll probably change the source IP address to that of the load balancer, making the SourceIPRanges selection essentially useless.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Sunday, July 24, 2016 6:07 PM
    Moderator