Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Open Relay Test Failed
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
 Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM
|
|
TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!
|
Open Relay Test Failed - 16.Oct.2007 1:10:53 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Hello,
The Exchange Best Practice Analyzer says my Ex 2003 server is failing the Open Relay Test. I have followed the instructions provided by the link it provided to set Relay back to it's default state and it still fails.
To confirm, the "Only the List below" check box is selected and the "Allow computers regardless" checkbox is selected. I have also tried NOT selecting the "Allow computers regardless" checkbox and I have gone in to Users and selected only the actual users on my network.
In all cases, I still fail the test.
Any ideas? Thank you!
|
|
|
|
|
RE: Open Relay Test Failed - 16.Oct.2007 1:16:18 PM
|
|
|
Yorgy
Posts: 89
Joined: 20.Sep.2006
Status: offline
|
Hi there--
Just thought I would toss this idea to see if it helps...
Have you tried restarting the information store after making the changes and then testing the BPA again?
HIH
Yorgy
_____________________________
Life is a zoo in a jungle!
|
|
|
|
|
RE: Open Relay Test Failed - 16.Oct.2007 1:50:21 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Yorgy,
I have not. Did however restart the SMTP service. I will try the info store. Thank you for the idea. I'll try that.
|
|
|
|
|
RE: Open Relay Test Failed - 16.Oct.2007 2:24:25 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
Hiya chap, in order to pass the BPA test with your Exchange server you will need to the following settings as a minimum:
In the ESM on the properties for you SMTP Virtual Server:
1. On the "Access" Tab -> "Connection" - Only the list below
2. On the "Access" Tab -> "Relay" - All except the list below
Allow about 15 minutes for the DS2MB service to update then run the BPA again.
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 16.Oct.2007 2:37:26 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Thank you both. The settings I have are consistent with what a.grogan has recommend and it has been this way for at least an hour. I also restarted the info store. However I still fail the test. The exact message I get in BPA is:
SMTP instance 'Default SMTP Virtual Server' on server XXXXXXXX failed the open relay test. Restrictions are in place, but the workstation or user running this tool is capable of using the open relay. Verb return: Respond = 250 2.1.5 [email=ExBPA-OpenRelayTest@Fabrikam.com]ExBPA-OpenRelayTest@Fabrikam.com[/email] ,.
Could this mean something other than what I am thinking? ("restrictions ARE in place.....")
|
|
|
|
|
RE: Open Relay Test Failed - 16.Oct.2007 2:40:35 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
Thats interesting what version of the BPA are you running?
I am using Application Version 2.8.7926.0 and config file version 2.11.17.0 - also just so I am sure I ran the "Health Check" scan.
Let me know if we are the same,
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 8:11:05 AM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
I'm running the same version as you, App and Config. It is in the Health Check scan that I am getting this message. The short Health Scan, that is, not the long 2 hour one. Maybe I'll run that now and see what it has to say......
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:05:34 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
OK, let me know
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:22:13 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Okay, well, the full scan didn't report any more issues than the short one did, and included this one as well.
I don't know... I went to www.mob.net and used the relay tester and sure enough it is open. I'm concerned cause i don't want to end up on some rbl list.
Thanks!!
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:27:34 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
Hiya mate, ok, when you say the "short scan" which option is that - I am going to have a quick look in my lab.
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:32:05 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Well, when I say "short scan" I am referring to the regular Health Check scan. When you select that scan, there is an option for that scan to the right, to perform what I guess is a deeper full Health Scan which takes 2 hours 4 mins. I have done both in any case. I got the same issues reported from both of the scans so it really didn't make any difference I guess.
Thanks a lot
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:35:21 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
Hiya mate, just out of curiosity - do you have the IMF filter enabled on the SMTP virtual Server?
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:47:05 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Yes, I just doubled checked to be sure, but I do.
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 1:56:51 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
HIya mate, whilst I am waiting what are the settings on the authentication and relay pages?
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:15:21 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Well, I have all of the Relay settings selected: Sender, Recipient, Connection, Sender ID, IMF filters.
As for Authentication: Anonymous Access and Integrated Windows Authentication boxes selected. NOT the Resolve Anonymous email or Basic Authentication.
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:20:32 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
Sorry chap, I meant on the Virtual SMTP server, on the access tab - when you click on the "Relay" button what are the settings configured (all of them)?
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:26:57 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
Under the Relay button I have the "Only the list below" and "Allow all computers which successfully authenticate...." selectins checked. In the middle windows I have my internal IP addresses granted.
I have tried removing the " Allow all computers " selections and only specifing specific users (under the Users button) just to see, but I got the same results and set it back to how it previously was. Which I read as being the default selections...... I think.
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:30:03 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
I did notice that on the General tab, the IP Address field is set to All Unassigned rather than my Ex server ip address. Don't know if that matters. It's the only IP on that machine anyways.
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:37:11 PM
|
|
|
a.grogan
Posts: 1887
Joined: 12.Apr.2005
From: London
Status: offline
|
HIya mate, that would seem to be the only difference at this stage, try changing that to the IP address of your server.
Cheers
A
_____________________________
Andy Grogan
MSExchange.org Forums Moderator
For my general ramblings about Exchange please visit my blog:
W: http://telnetport25.wordpress.com/
M: manifoldmaster@gmail.com
|
|
|
|
|
RE: Open Relay Test Failed - 17.Oct.2007 2:40:50 PM
|
|
|
defiantclass1
Posts: 183
Joined: 17.Jul.2006
Status: offline
|
What about under the Access tab and Connection button? I have "All expect the list below" and I have no list below.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
