Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Exchange 2000 Relay
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Exchange 2000 Relay - 17.Nov.2006 5:01:18 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Hi all, one of my servers is trying to send out email using my Exchange 2000 server. For some reason it's receiving the error "550 Relay attempt blocked for email@domain.com". I've included the internal IP address of this server in the "Allow relay" list on the Exchange SMTP virtual servers to no go. Any ideas?
Thanks!
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 7:29:29 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Where are you getting this error from a non deliverable message?
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 9:36:23 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Thanks for the reply jchong.
I'm receiving the error in the application that sends it. It's a feature of our grade server, where it emails parents if their student receives a grade below a threshold. It works when it sends an email to a local account, but not external.
Thanks again!
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 10:06:22 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Ah ok. You're on the right track to have added that IP in the allowed relay list. If its still not working, are you sure that this application's IP is not natted to a public IP, thus requiring you to use the public ip rather than the internal ip?
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:05:09 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Hi James,
No, I'm pretty sure it doesn't. You can set settings for your SMTP server (including credentials) in the program. I'm sure these are correct credentials as I've tried them and different ones several times.
Here's a little bit more information about my mail setup:
I have my spam filter (a free perl script called Anti-Spam SMTP Proxy Server) listening on port 25. Here, I'll copy a map of emails I documented a while back:
Internet (incoming on TCP port 25)
|
ASSP (listening on TCP port 25)
|
Forwarded to TCP port 225
|
Exchange Default SMTP Virtual Server (listening on TCP port 225)
|
To Recipient's Mailbox
Outgoing email is a bit more complicated:
From Sender's Mailbox
|
Exchange Default SMTP Virtual Server (SmartHost on TCP port 125)
|
ASSP (relay TCP port 125, relay host TCP port 325)
|
Exchange Server ASSP Relay Virtual Server (listening on TCP port 325)
|
Exchange Server ASSP Relay SMTP Connector (email sent out using DNS)
I've added 10.0.0.4 (the IP of the server trying to send the email) to both the lists on the Default SMTP Virtual Server and the ASSP Relay Virtual Server. Both are set to allow all computers which successfully authenticate to relay.
I really appreciate your help!
< Message edited by PCBrandon -- 17.Nov.2006 11:09:13 PM >
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:10:46 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Not a problem. So this application is inside the LAN? From the application server, open a command prompt and telnet to your exchange server on the specified port and try to send mail to an external account. See if it goes through. Then we can identify if it's a relay issuing on the ex server or a misconfigured setting on the application.
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:17:59 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Here we go:
I opened a telnet connection to port 25. I used the following commands:
HELO
MAIL FROM:localaccount@localdomain.com
RCPT TO:externalaccount@externaldomain.com
I received the response: "530 Relaying Not Allowed" after submitting the RCPT TO command.
Thanks.
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:26:05 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Thanks, ok can you do this.
1. Enable smtp logging make sure you do extended logging options and select everything. Now in your application try sending an email. Then post what shows in the smtp log, verify that you have the correct ip in the relay list thats showing in the smtp logs
2. Please let me know what you have configured in your smtp virtual server properties in the access tab, for authentication, connection and relay.
3. Run best practice analyzer so it can review any misconfigured settings with your smtp virtual servers(s)
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:29:31 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
James,
I was able to telnet to the SmartHost (port 125) and send an email using Telnet from that. Does that tell you anything, or should I go ahead and complete those steps you listed in your previous post?
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:34:10 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Who were you telnetting to before?
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:35:36 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
I used telnet to connect to the mail server on port 25 (it failed then). I then used it to connect to port 125 on the mail server and it sent the email.
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:36:23 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Configure your application to send on port 125.
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:41:04 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Unforunately, I don't see a place to do that in the SMTP settings for the application.
Here is the log:
[ Log Removed ]
< Message edited by PCBrandon -- 18.Nov.2006 2:03:29 AM >
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:45:22 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
This log looks like its accepting the message. So you got an ndr back after sending through the app? What server is sending back the ndr? This is an option, its unfortunate that this app won't let you configure the port. What you can do is create another smtp virtual server and set it to use port 25. Then your app should be able to send to it. On this new smtp virtual server enter the ip of this app to relay.
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:46:42 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
The spam filter is already listening on port 25, so I couldn't do that, could I?
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:49:24 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
Is your spam filtering installed on top of your Exchange server?
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:51:01 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Yes, it is.
I receive the error in the application that's trying to send the email. I know the email doesn't reach the recipient.
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:53:49 PM
|
|
|
jchong
Posts: 2516
Joined: 1.Dec.2005
From: Centreville, Virginia
Status: offline
|
The spam filter is what looks like is causing your server not to relay. There should be a setting in your spam application to allow this host to relay since it's acting as an smtp proxy. Is there a setting?
_____________________________
James Chong
MCSE | M+, S+, MCTS, Security+
msexchangetips.blogspot.com
|
|
|
|
|
RE: Exchange 2000 Relay - 17.Nov.2006 11:57:44 PM
|
|
|
PCBrandon
Posts: 20
Joined: 22.Jul.2006
Status: offline
|
Yes, and I've added the IP address of the application server to the setting. It seems its clear that it's not an Exchange issue now, so I really appreciate your help!
Have a good night.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
