locked
Relay Email Through Exchange 2007 RRS feed

  • Question

  • I have a few laptop users that I would like to setup relay through Exchange 2007 for emails outside of the server but am not sure how to accomplish this.

    User sends an email to dude@yahoo.com through my email server, my mail server forwards it on to dude@yahoo.com

    -Funk

    Thursday, August 5, 2010 8:56 PM

Answers

  • On Fri, 6 Aug 2010 17:47:51 +0000, thefunks67 wrote:
     
    >
    >
    >I set up a new receive connector for port 587, set the Permissions Group to Exchange Users and Authentication to Basic and I was able to send email. I also set the type of encryption to Auto in Outlook.
    >
    >When I enable TLS on the server, I get a certificate error in Outlook. My certificate is self signed.
     
    So it's not trusted by the client. That's not surprising.
     
    >For now I am going to use Basic Authentication and only allow authenticated Exchange users permission to send through this connector.
    >
    >I would like to know if there is a solution to the certificate error when using TLS though.
     
    Sure. Buy a certificate from a public CA and use it. Or you can use
    your own CA and put its root certificate into the "trusted root"
    certificate store on the clients.
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by Allen Song Monday, August 9, 2010 2:44 AM
    • Marked as answer by Allen Song Friday, August 13, 2010 9:28 AM
    Friday, August 6, 2010 11:51 PM

All replies

  • These are POP or IMAP clients, right? Have them use port 587; that's
    configured that way by default.
     
    --
    Ed Crowley MVP
    "There are seldom good technological solutions to behavioral
    problems."
    ..
     
     
    On Thu, 5 Aug 2010 20:56:50 +0000, thefunks67 wrote:
     
    >
    >
    >I have a few laptop users that I would like to setup relay through Exchange 2007 for emails outside of the server but am not sure how to accomplish this.
    >
    >User sends an email to dude@yahoo.com through my email server, my mail server forwards it on to dude@yahoo.com
    >
    >-Funk
     

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Friday, August 6, 2010 2:16 AM
  • On Thu, 5 Aug 2010 20:56:50 +0000, thefunks67 wrote:
     
    >I have a few laptop users that I would like to setup relay through Exchange 2007 for emails outside of the server but am not sure how to accomplish this.
     
    Have them set up their e-mail client software to use port 587 instead
    of 25 for the SMTP server. Make sure port 587 can make it through your
    firewall to your Hub Transport Server. Configure the e-mail clients to
    authenticate with the SMTP server.
     
    But why not use Outlook Anywhere?
     
    >User sends an email to dude@yahoo.com through my email server, my mail server forwards it on to dude@yahoo.com
     
    Is this what you want to happen, or is this what's happening now?
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, August 6, 2010 2:45 AM
  • They are POP'ing mail off the Exchange, no IMAP

     

    Rich, it's political.  That's what I need to have happen.  They can send email to internal recipients, but email sent to anyone outside the organization gets bounced with a relay error message.

     

    -Funk

    Friday, August 6, 2010 3:44 PM
  • Are they authenticating when sending mail? Is seems that they arent if u are getting a relay error message when they send messages to outside.
    • Proposed as answer by ZarkoC Friday, August 6, 2010 5:15 PM
    Friday, August 6, 2010 5:15 PM
  • I set Outlook up to Require Authentication on the SMTP server using the same credentials as my incoming server.  Under the Advanced tab I have configured Port 587 for the SMTP server and selected SSL as the type of encryption.  The firewall is forwarding port 587 TCP to the Exchange server IP.

    When I Test Account Settings in Outlook it fails when trying to send with a generic message "Outlook cannot connect to your outgoing (SMTP) e-mail server."

    -Funk

    Friday, August 6, 2010 5:23 PM
  • I set up a new receive connector for port 587, set the Permissions Group to Exchange Users and Authentication to Basic and I was able to send email.  I also set the type of encryption to Auto in Outlook.

    When I enable TLS on the server, I get a certificate error in Outlook.  My certificate is self signed.

    For now I am going to use Basic Authentication and only allow authenticated Exchange users permission to send through this connector. 

    I would like to know if there is a solution to the certificate error when using TLS though.

    -Funk

    Friday, August 6, 2010 5:47 PM
  • On Fri, 6 Aug 2010 15:44:52 +0000, thefunks67 wrote:
     
    >
    >
    >They are POP'ing mail off the Exchange, no IMAP
     
    Okay, but POP3/POPS is a way to READ mmessages, not send them.
     
    >Rich, it's political. That's what I need to have happen. They can send email to internal recipients, but email sent to anyone outside the organization gets bounced with a relay error message.
     
    Then reread what I wrote and have them use port 587 and authenticate
    with the server.
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, August 6, 2010 11:44 PM
  • On Fri, 6 Aug 2010 17:23:38 +0000, thefunks67 wrote:
     
    >
    >
    >I set Outlook up to Require Authentication on the SMTP server using the same credentials as my incoming server. Under the Advanced tab I have configured Port 587 for the SMTP server and selected SSL as the type of encryption. The firewall is forwarding port 587 TCP to the Exchange server IP.
    >
    >When I Test Account Settings in Outlook it fails when trying to send with a generic message "Outlook cannot connect to your outgoing (SMTP) e-mail server."
     
    The fastest way to see what's hapening is to use a network monitor
    (WireShark is good). Do you even see an inbound connection on port 587
    from the IP address of the client? If you don't then the problem is
    either in the configuration of the e-mail client or the firewall.
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, August 6, 2010 11:47 PM
  • On Fri, 6 Aug 2010 17:47:51 +0000, thefunks67 wrote:
     
    >
    >
    >I set up a new receive connector for port 587, set the Permissions Group to Exchange Users and Authentication to Basic and I was able to send email. I also set the type of encryption to Auto in Outlook.
    >
    >When I enable TLS on the server, I get a certificate error in Outlook. My certificate is self signed.
     
    So it's not trusted by the client. That's not surprising.
     
    >For now I am going to use Basic Authentication and only allow authenticated Exchange users permission to send through this connector.
    >
    >I would like to know if there is a solution to the certificate error when using TLS though.
     
    Sure. Buy a certificate from a public CA and use it. Or you can use
    your own CA and put its root certificate into the "trusted root"
    certificate store on the clients.
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by Allen Song Monday, August 9, 2010 2:44 AM
    • Marked as answer by Allen Song Friday, August 13, 2010 9:28 AM
    Friday, August 6, 2010 11:51 PM