locked
Relay error on CAS server RRS feed

  • Question

  • Hi

    We have installed Exchange 2010 into an existing 2003 organization.

    The web developers need to test whether they can send automated emails via the new 2010 servers from their applications.

    I have amended the default receive connector to allow anonymous access.

    If I telnet to one of the CAS servers on port 25 and do the usual tests of mail from/to the mail from: part works OK after allowing anonymous access.

    But the rcpt to: gives the error "550 5.7.1 Unable to relay"

    If I do the same on the Exchange 2003 server it works OK. Users on the 2010 server databases can send/receive emails OK.

    Not sure what I need to change and where.

    Any advice welcome.

    Thanks

     

    Wednesday, June 23, 2010 3:42 PM

Answers

  • I suggest creating a separate receive connector for anonymous connections.  You will need to run the following command on the connector to allow anonymous relay (not enabled by default).  I don't suggest running this on the default connectors.

    Get-ReceiveConnector "Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

     


    Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
    • Proposed as answer by TWHarrington Wednesday, June 23, 2010 4:14 PM
    • Marked as answer by jarweb Wednesday, June 23, 2010 8:02 PM
    Wednesday, June 23, 2010 4:05 PM

All replies

  • I suggest creating a separate receive connector for anonymous connections.  You will need to run the following command on the connector to allow anonymous relay (not enabled by default).  I don't suggest running this on the default connectors.

    Get-ReceiveConnector "Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

     


    Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
    • Proposed as answer by TWHarrington Wednesday, June 23, 2010 4:14 PM
    • Marked as answer by jarweb Wednesday, June 23, 2010 8:02 PM
    Wednesday, June 23, 2010 4:05 PM
  • Hi Jarweb,

    If you configure the receive connector the network tab should specify the IP addresses of the remote servers.  The anonymous user and you also may need to configure the Externally secured Tab. 

     

    Allow Anonymous Relay on a Receive Connector
    http://technet.microsoft.com/en-us/library/bb232021.aspx

    You can also take a look here:

    Allowing application servers to relay off Exchange Server 2007
    http://msexchangeteam.com/archive/2006/12/28/432013.aspx  - Same concept in 2010.


    SF - MCITP:EMA, MCTS: Exchange 2010, Exchange 2007, MOSS 2007, OCS 2007 -- http://www.scottfeltmann.com
    Wednesday, June 23, 2010 4:07 PM
  • Yes, Create new receive connector and select permission "Exchange server" also along with anonymous and then check mail flow.

    I assume that you are getting error "rcpt to: gives the error "550 5.7.1 Unable to relay" only when you are using recepient external domain.

    If you want to relay message to external domain also then you have to create seperate receive connector else allowing anonymous connection on default receive connector will work.

    Waiting your response !!!!


    Anil
    Wednesday, June 23, 2010 4:19 PM
  • Thanks guys. This has resolved the error message. Just need to get the web guys to check their scripts.

     

    Wednesday, June 23, 2010 8:01 PM
  • Happy to you have fixed it :)
    Anil
    Thursday, June 24, 2010 3:02 AM