Single server configuration. 550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain RRS feed

  • Question

  • Hi!

    Installed single server with all roles - Exchange 2016. When do receive checks from Internet found this message:

    550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain 

    mmm... not open-relay, but everybody can use our server to send spam emails to recepients inside. How disable this option?

    Example: connect from external network, write:

    mail from: empl1@ourdomain.ru
    rcpt to: empl2@ourdomain.ru

    will be accepted without authorization. Its normal for ALLOWED internal network, but no for Internet IPs.

    • Edited by GOID1 Saturday, December 3, 2016 4:39 PM
    Saturday, December 3, 2016 10:20 AM

All replies

  • Hi,

    After installing Exchange Server 2016, the setup routine automatically creates a receive connector that is pre-configured to be used for receiving email messages from anonymous senders to internal recipients.

    According to the error,"550 5.7.54, Unable to relay recipient in non-accepted domain”,the receive connector will not allow an anonymous, unauthenticated sender to relay to external domain names.
    There are two ways you can resolve this and allow your devices and applications to send to external recipients: Using authentication for SMTP connections and configuring an anonymous SMTP relay connector
    Please refer to the following article to configure the receive connector:


    Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best Regards,
    David Wang
    TechNet Community Support

    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by David Wang_ Monday, December 19, 2016 8:50 AM
    Monday, December 5, 2016 6:08 AM
  • Allow relay for anonymous users in setup of receive connector:

    get-receiveconnector *relay* | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient

    Please note: you might need to change the user name to the culture of your environment, e.g. for German you had to use:

    get-receiveconnector *relay* | Add-ADPermission -User 'NT-AUTORITÄT\ANONYMOUS-ANMELDUNG' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient

    • Proposed as answer by Jochen Wezel Monday, February 20, 2017 10:33 AM
    • Unproposed as answer by Jochen Wezel Monday, February 20, 2017 10:34 AM
    • Proposed as answer by TG99 Tuesday, June 6, 2017 2:40 PM
    Monday, February 20, 2017 10:28 AM