Send Connector Issues - Getting 550 Relay Denied Error?
I have a mixed Exchange Environment running Exch 2003(SP2)/2007(SP1). Currently my SMTP Gateway sites on my Exchange 2003 server with a "*" address space. I have setup a Send Connector on my Exchange 2007 Hub server (also a mailbox server) and have set it up with a single external domain address space for testing. I am pointing the Send COnnector to a foreign external gateway (Ironmail) and NOT an edge server. I have read all the docs on setting this up with an external smtp gateway and am continuously getting odd "550 relay denied" error messages. I have verified my ironmail appliance is fully setup with the correct relaying acceptions for my send connector servers IP address. My exchange 2007 send connector server has multiple IP's and I have even setup the source IP on the send connector to make sure it was coming from the right source. 550 specifies no relay for a non existant mailbox? There are many addresses on this domain all of which I have tried and get the same error? All of the domains I have testing sending "FROM" are all in my "Accepted Domains" list as "Authoritative" domains. In addition, I have setup a successful Receive Connector on the same server and it can get inbound mail from my Ironmail server without error. I have used a port verifiying and successfully connected to my Ironmail box over port 25 fine, so my firewall rules are all setup correctly. Looking into Send Connector AD permissions, it looks as if I only need to set permissions based on what "headers" I want to allow outside mail servers and recipients to see. Is this required? I have "Externally Secured" set as the connector authentication method. Any ideas as to why my Exch2007 Send Connector would error with a "550 relay denied" whne my next hope gateway is allowing relay and the addresses I am supplying are valid mailboxes at the destnation?ThanksNTNEWS
May 13th, 2008 7:32am

If you are using external authentication, a trusted network connection must exist between the Hub Transport server and the SMTP gateway server. This connection can be an IPsec association or virtual private network (VPN). Alternatively, the servers may reside in a trusted physically controlled network. Instead of External Authenticationuse Basic Authentication or Basic Authentication over TLS and the user name and password that will be used to authenticate the connection.
Free Windows Admin Tool Kit Click here and download it now
May 13th, 2008 8:40am

Thanks Amit. Yes I realize this and it is a trusted network segment I am dealing. Plans are to move to tls once I get the certificates in place but I should be able to make this work without it. The oddity is I am getting a "non-existant" mailbox error when the smart host is setup correctly to allow relay from the sender? Although the error states "relay" I do not believe it is a relay issue.ThanksNTNEWS
May 13th, 2008 11:41pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics