none
Relay Agent not sending External E-Mail

    Question

  • Hi,

    We have configured a relay agent in exchange 2013 but we are not able to send external email through it. Only internal it working.

    Any Suggestions?

    Thanks.

    Tuesday, December 5, 2017 10:19 PM

Answers

  • Hi,

    Thanks for your information.

    Given the error message “unable to relay”, it should be you do not have the permission to relay messages to external addresses. We need to add the extended permission as below to the relay connector.

    Get-ReceiveConnector “Relay connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

    Note: It’s highly recommended to create a relay receive connector separately and focus specific IP addresses can use it for relaying.

    Hope it helps.


    Regards,

    Jason Chao


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    • Marked as answer by create_share Monday, December 11, 2017 10:14 AM
    Thursday, December 7, 2017 2:04 AM
    Moderator

All replies

  • Hi,

    How did you configured the relay agent?

    Please check if any messages stuck in transport queues, we can check we command get-queue | fl

    Do you receive any NDR messages? If you have please post out in detail.

    We also need to check if any rules or any devices has blocked the messages.

    Thanks for your efforts and hope it helps.


    Regards,

    Jason Chao


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Wednesday, December 6, 2017 1:28 PM
    Moderator
  • I used the below command to test relay but it only worked for internal users.

    telnet mail.domain.com 25

    helo

    mail from: myemail.domain.com

    sender ok

    rcpt to: myexternalemail.domain.com

    unable to relay

    After entering get-queue | fl I got the below results:

    RunspaceId                       : 48b4f11a-c68c-4db2-b6c7-d4ee1b7b9cef
    DeliveryType                     : Undefined
    NextHopDomain                    : Submission
    TlsDomain                        :
    NextHopConnector                 : 00000000-0000-0000-0000-000000000000
    Status                           : Ready
    MessageCount                     : 0
    LastError                        :
    RetryCount                       : 0
    LastRetryTime                    :
    NextRetryTime                    :
    FirstRetryTime                   :
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         :
    DeferredMessageCountsPerPriority :
    RiskLevel                        : Normal
    OutboundIPPool                   : 0
    NextHopCategory                  : Internal
    IncomingRate                     : 0
    OutgoingRate                     : 0
    Velocity                         : 0
    OverrideSource                   :
    QueueIdentity                    : server.mail01\Submission
    PriorityDescriptions             : {High, Normal, Low, None}
    Identity                         : server.mail01\Submission
    IsValid                          : True
    ObjectState                      : New

    RunspaceId                       : 48b4f11a-c68c-4db2-b6c7-d4ee1b7b9cef
    DeliveryType                     : ShadowRedundancy
    NextHopDomain                    : server-mail02.domain.com
    TlsDomain                        :
    NextHopConnector                 : 00000000-0000-0000-0000-000000000000
    Status                           : Ready
    MessageCount                     : 0
    LastError                        :
    RetryCount                       : 0
    LastRetryTime                    :
    NextRetryTime                    :
    FirstRetryTime                   :
    DeferredMessageCount             : 0
    LockedMessageCount               : 0
    MessageCountsPerPriority         :
    DeferredMessageCountsPerPriority :
    RiskLevel                        : Normal
    OutboundIPPool                   : 0
    NextHopCategory                  : Internal
    IncomingRate                     : 0
    OutgoingRate                     : 0
    Velocity                         : 0
    OverrideSource                   :
    QueueIdentity                    : server.mail01\Shadow\3
    PriorityDescriptions             : {High, Normal, Low, None}
    Identity                         : server.mail01\Shadow\3
    IsValid                          : True
    ObjectState                      : New

    Wednesday, December 6, 2017 8:54 PM
  • Hi,

    Thanks for your information.

    Given the error message “unable to relay”, it should be you do not have the permission to relay messages to external addresses. We need to add the extended permission as below to the relay connector.

    Get-ReceiveConnector “Relay connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

    Note: It’s highly recommended to create a relay receive connector separately and focus specific IP addresses can use it for relaying.

    Hope it helps.


    Regards,

    Jason Chao


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    • Marked as answer by create_share Monday, December 11, 2017 10:14 AM
    Thursday, December 7, 2017 2:04 AM
    Moderator
  • what is your send connector?

    telnet sendconnector and send email using it. allow the sender on send connector


    Thanks & Regards Ramandeep Singh

    Thursday, December 7, 2017 9:11 AM
  • It was a permission problem. Working now.

    Thanks.

    Saturday, December 9, 2017 11:17 AM
  • Glad to hear that it's working now, please help to mark the reply as answer and it could be helpful for others.

    Thanks for your time.


    Regards,

    Jason Chao


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Monday, December 11, 2017 9:52 AM
    Moderator