Exchange 2007 send-as self
I am having an issue with some code that I'm trying to use to send a message using authenticated SMTP.
The code is authenticating using the currently logged on user (testuser1) and the protocol log shows that this user is successfully being authenticated as (domain\testuser1). The code is using this accounts default SMTP address as the from address (and same thing for the to address while testing).
When I execute the code I get a message in the SMTPReceiver protocol log saying "550 5.7.1 Client does not have permissions to send as this sender". If I run the following command then the code works fine:
add-adpermission testuser1 -user self -extendedrights send-as
Is it by design that a user can not send an email as themselves through an authenticated SMTP connection? I don't really want to run a command to add self with send-as permission on all accounts so if someone knows a way around this in Exchange 2007 I would appreciate it.
July 7th, 2008 11:52pm
Which SMTP Receive Connector are you using? The Client or the Default? Maybe this is a Permissions Groups issue. I have not tried this myself, but it seems logical that it would work the way you are asking. However, the Send As right is actually an Active Directory right for the user.
Free Windows Admin Tool Kit Click here and download it now
July 7th, 2008 11:59pm
Thank you for the quick reply.
I have tried using both the client and default and they both produce the same results. Currently I am using the default as I can't get the client to log to the smtpreceive log. Some of my accounts do have self listed with send-as permissions so maybe those that don't were account migrated from previous versions.
The AD send as right confused me for a while because you can add sendas through add-mailboxpermissions but that does not appear to do anything.
July 8th, 2008 12:15am
Hi,
From your latest description, it seems that only part of the users which migrated from previous version have this issue. Based on the current situation, I suggest we confirm whether this issue exists on part of the users or all the user.
If only previous users have this issue, I suggest we try ADSI Edit tool to check whether they have the Send As right.
Expand Domain, expand DC=XX,DC=com, expand Users, find the user and right click it, select Properties, in the Security tab, locate SELF, check whether the Send As right has been checked.
After confirm the result, I will provide the detailed steps for granting the permission based on your outcome.
Regarding the Add-mailboxpermission, I would like to explain that an Exchange mailbox consists of an Active Directory directory service user and the mailbox data that is stored in the Exchange mailbox database. You can set permissions on both the Active Directory user object and the mailbox object that resides in the Exchange mailbox database. These are known as Active Directory permissions and mailbox permissions respectively. There are different methods to configure each set of permissions. For example, in the Exchange Management Shell, you use the Add-ADPermission cmdlet to assign Active Directory permissions and the Add-MailboxPermission cmdlet to assign mailbox permissions. Thus, that is different and could not be used each other.
Thanks
Allen
Free Windows Admin Tool Kit Click here and download it now
July 9th, 2008 1:04pm