Sharepoint and Exchange Distrubution Lists requiring authentication
Hello, We have a Sharepoint 2007 environment and Exchange 2003. We use SharePoint to send email to different distribution lists within Exchange. When we send email from Sharepoint to a distribution list that does NOT have the "From authenticated users only" option checked in the Exchange General Tab of the group, email is received without a problem. However, when email is send from Sharepoint with the "From authenticated users only" checked, email never comes through. I assume this is because Sharepoint is not authenticating before it sends email via SMTP. I gave the IP address of the Sharepoint server the ability to relay through our Exchange server, but that did not solve the problem. Do I need to specify authentication settings elsewhere on the SharePoint server? I did not see anywhere within the Sharepoint Central admin to do so. Do I need to adjust the settings on the SMTP server section within IIS?
October 12th, 2010 5:56pm
According to http://support.microsoft.com/kb/827616 , If you enable the Resolve anonymous e-mail setting on your front-end SMTP servers, anonymous senders can bypass the From authenticated users only setting. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 828770 (http://support.microsoft.com/kb/828770/ ) Resolve anonymous senders functionality in Microsoft Exchange 2003 Gu Yuming TechNet Subscriber Support in forum If you have any feedback on our support, please contact email@example.com
October 14th, 2010 1:58pm
Gu Yuming, Thank you for your reply. I read the Microsoft KB article 828770. I am concerned about enabling "Resolve anonymous email" setting on the exchange server. The note under "Resolution" states: Note Microsoft does not recommend that you turn on the Resolve anonymous E-mail option on any Exchange computers that receive mail from the Internet. If you turn on the Resolve anonymous senders option, any user can send anonymous mail through the SMTP server, and the mail message appears to the recipient as authenticated mail. Our Exchange Server does in fact process email from the internet (after it goes through our spam filter). Perhaps I am misunderstanding this article, but if I enable "Resolve anonymous email" setting, doesn't that post a security risk since anyone can now email anonymously?
October 14th, 2010 6:18pm
I want to update this post and to say that using the "Resolve anonymous email" setting is not a viable solution. By doing so, anybody from the internet can email our internal only distribution list. While this option may work if you have an additional exchange server set up not to receive inbount SMTP email from the internet, this does not work in our case.
October 14th, 2010 10:19pm
Sorry for the long delay. Since SharePoint always send out email anonymously, if you enforce Exchange to receive authenticated email only, you can set SharePoint to send outgoing email to some local SMTP server (included in IIS as an optional pack), restrict the IP addresses from which anonymous email can be received (to avoid spam), and relay the received email to Exchange with user account. Gu Yuming TechNet Subscriber Support in forum If you have any feedback on our support, please contact firstname.lastname@example.org
October 25th, 2010 5:09am