Archive for the ‘SMTP’ Category

Controlling local SMTP mail relaying with Exchange 2003

September 17, 2008 Leave a comment

The organization needed to enable a specific database server to send out e-mail confirmations to remote users after specific events have occurred. Simple, I thought, as I had previously configured just these options back when we first installed our Exchange 2003 Standard server over a year ago. I was wrong though, as the confirmations were not being sent, seeming to just disappear out into the void.

  1. First step was to run some simple tests using Bmail (which is a free command-line SMTP mailer, available here. Initial tests were run from my local workstation, and lucky for me, led me to the solution right off the bat.
  2. The Bmail tests from my workstation immediately produced SMTP 550 5.7.1 “Unable to relay” error messages. What? My workstation should be authorized to use SMTP…
  3. I then ran the exact same test from the server in question with the problem. Same result as my local workstation, SMTP 550 5.7.1 errors.
  4. Time for a Google search on the issue. This lead me to the Default SMTP Virtual Server Properties dialog box (Exchange System Manager -> Organization -> Administrative Groups -> First Administrative Group -> Servers -> Server01 -> Protocols -> SMTP -> Default SMTP Virtual Server). From the dialog box, I went to Access, then the Relay restrictions Relay button.
  5. As I previously indicated, I had not changed these options since I first set up our Exchange 2003 server. The list of server IP addresses under “Only the list below” was incorrect, and it contained IPs that were no longer in use, and was missing the address of the server with the mail relaying problem. It was simple to correct the list.

Additional Notes:
You have all kinds of options with the Relay Restrictions window. I strongly suggest sticking with the principle of least access, and only granting open relay access to those systems which really need it. Adding a domain name or a group of IPs to the list seems a very bad idea to me, since as indicated, this is not an area that is visited often. Also, assuming you are using Outlook clients with your Exchange 2003 server, make sure you leave the “Allow all computers which successfully authenticate to relay, regardless of the list above” option checked, or your Outlook clients will not be able to send outbound SMTP (Internet) mail. My local workstation system was unable to relay with Bmail because its IP address was not on the list, and I was attempting to send mail directly from the command line, outside of an authenticated Outlook session.

Categories: Exchange 2003, mail relay, SMTP