Configure authenticated SMTP relay in Exchange 2007/2010
I'm doing some testing on a newly setup Exchange 2010 RC machine that is configured with the default roles (Client Access, Hub Transport, Mailbox & UM). I'm testing to figure out how to configure our production Exchange 2007 server to allow for users to use POP from their cell phones. I've enabled the POP service on the server, and I am able to download messages just fine into Windows Live Mail, which is on the Exch2010 server. I can't for the life of me figure out how to allow authenticated SMTP relay, though. I really need someone to provide a step by step guide on what to do for this, as I've read many articles online, and none of them have solved the issue. On the Server Configuration -> Hub Transport -> Default (servername) Properties -> Authentication tab, TLS, Basic Auth (Offer Basic auth only after starting TLS), Exchange Server auth, and Integrated Windows auth are all selected. On the Permission Groups tab, I've selected Anonymous Users, Exch Users and Exch Servers, Legacy Exch Servers. On the Client (servername) Properties -> Authentication tab, TLS, Basic Auth (Offer Basic auth only after TLS), and Integrated Windows auth are selected. On the Permission Groups tab, Anonymous users and Exchange users are selected. In Windows Live Mail, I have my incoming and outgoing servers set to localhost. For incoming, my username is drew (my domain username). I typed my domain pw in the pw box. Log on using clear text auth is selected. So far, this has seemed to work for incoming mail. Outgoing is the problem, however. I have selected "My server requires authentication", and under settings I've tried selecting "use same settings as incoming" and "Log on using" and tried typing the same username & pw as incoming, but also typed the full email address as well. I've also tried this with selecting "Log on using Secure Password Authentication". Under the advanced tab, I have set POP for port 995 and required SSL. For SMTP I've tried ports 25 and 587, both requiring and not requiring SSL. I'm now stumped. Where do I go from here?
September 9th, 2009 5:52pm
Hi,
Please understand by default, the Exchange Server allows the authenticated user to relay email. It is because by default the Authenticated users group has ms-Exch-SMTP-Accept-Any-Recipient permission.
At this time, please let me know:
1. Whether the client connects to Exchange 2010 to submit message? If you configure the clients to connect to Exchange 2007, whether the issue persists? If the issue does not encountered, I suggest you create a thread on Exchange 2010 forum regarding the issue:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/threads
2. If the issue persists, when client connects to Exchange 2007, I also suggest you configure Outlook client (POP3/SMTP) to check whether the issue can be solved. If the Outlook client does not encounter the problem, I think that it is a client side issue and we need to focus on Windows Live Mail client regarding the issue
3. If the issue persists by using Outlook client, I suggest you perform following steps:
a. Configure the Client Receive Connector to disable Anonymous Users Group
b. Configure the Outlook to use Client Receive Connector (587) to submit message. You should configure Profile like below:
Outgoing Server tab: My outgoing server (SMTP) requires authentication->Use same settings as my incoming mail server
Advanced tab: Outgoing Server port: 587. Select This server requires an encrypted connection (SSL) option. If you have Outlook 2007, please select TLS
Please check whether the issue persists. If the issue still persists, please let me know the error you received when attempting to send message. Please also enable logging on the Client Receive Connector (Protocol logging level: Verbose) and post related SMTP log here for further check.
Mike Shen
TechNet Subscriber Support in forum
If you have any feedback on our support, please contact tngfb@microsoft.com
Free Windows Admin Tool Kit Click here and download it now
September 10th, 2009 7:17am
Hi, Any updates regarding the issue?Thanks,Mike
September 14th, 2009 2:59pm
Hi, Any updates regarding the issue? Thanks, Mike
Mike, I appreciate your help so far. I just got back into the office (and I didn't see that you had posted the original message until today). I will try your suggestions and post my findings. Thanks, DrewDrew Green
MCSA, Security+, Network+, A+
Free Windows Admin Tool Kit Click here and download it now
September 14th, 2009 3:56pm
I hooked my Outlook client up to our production Exchange 2007 server and all seems to be working fine there. Not so much on the Exchange 2010 server, but there are many factors there that could contribute to that. The most important thing is that the production server is functioning as it should be. Thanks for the help!Drew Green
MCSA, Security+, Network+, A+
September 14th, 2009 7:41pm
Under the advanced tab, I have set POP for port 995 and required SSL. For SMTP I've tried ports 25 and 587, both requiring and not requiring SSL.
You simply missed the TLS encryption for the connection.
Simone Pace
Free Windows Admin Tool Kit Click here and download it now
December 15th, 2010 10:31am