Service account can't send internet mail
How carefully did you read that document? For application relay, you want the Permission group to be Exchange servers, and Authentication to be Externally Secured.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
March 14th, 2012 8:33pm

We have an internal helpdesk system which notifies the ticket contact when the ticket is closed. The sending e-mail address is associated with an AD account. Delivery is working to our accepted domains, but is not working for an external domain for which we've recently began servicing. The message tracking logs show that it is working internally, but the message is not showing up at all in the logs when the contact e-mail address is not in our accepted domains. If I telnet to one of the hub servers on port 25 and attempt to send mail from any valid internal address to an external address, it returns "550 5.7.1 Unable to relay". If I use Outlook with the same addresses, the message delivers fine. How can I isolate and/or resolve this? Jim
Free Windows Admin Tool Kit Click here and download it now
April 28th, 2012 11:49am

Is the sending address in one of your accepted domains? If not the hub transport server will see that email as an attempt to use it as an open relay.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
April 28th, 2012 12:07pm

Yes, the sending address is one of our accepted domains.
Free Windows Admin Tool Kit Click here and download it now
April 28th, 2012 12:08pm

Create a new Receive Connector, configured for anonymous relay. I'd restrict it to just accepting email from the application server by IP in the Network sesttings. http://technet.microsoft.com/en-us/library/aa996395.aspx[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
April 28th, 2012 12:15pm

I created a new receive connector on one of the HT servers. The helpdesk application can only specify a single DNS name and port; it is configured to send to a DNS alias for our hub transport farm on port 25. So I changed the connector port from 587 to 25., all available IPv4. I set the 'receive mail from remote servers' to be x.x.x.x-x.x.x.x, where x.x.x.x is the IP address of the helpdesk server. I cleared all the options on the Authentication tab. On the Permission Groups tab, only Anonymous is checked. When I RDP to the helpdesk server and telnet to the same HT server on port 25, it still tells me Unable to relay. Edit: The application has fields for Username and Password on it's e-mail configuration window. It states "If you have a protected SMTP gateway, enter an authorized user name and password.)". I'll have the application admin populate those fields and test as well.
Free Windows Admin Tool Kit Click here and download it now
April 28th, 2012 12:39pm

How carefully did you read that document? For application relay, you want the Permission group to be Exchange servers, and Authentication to be Externally Secured.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
April 28th, 2012 1:36pm

Hi Do you have any update on your issue ? mjolinor's advice seems to be helpful. TechNet subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.comTerence Yu TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
April 28th, 2012 9:42pm

Hi Do you have any update on your issue ?Terence Yu TechNet Community Support
April 29th, 2012 4:22am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics