Re: SMTP 550 5.7.1 unable to relay for user@company.com

From: Evan Mann (ask_at_for.it)
Date: 03/21/04 

Date: Sun, 21 Mar 2004 13:22:44 GMT

This should be an easy one, you need to get into your PIX and into enable
mode:

no fixup prot smtp 25

The Fixup Protocol for SMTP in the PIX only always the originaly 8 or so
SMTP commands specified by RFC. I'm assuming your users are trying to
authenticate via POP3 or SMTP and send to external recipients. Well in
order to do that, they need to be able to relay. To relay you need to use
an AUTH command which is NOT part of the original SMTP commands, so Fixup on
the PIX blocks it. Disabling fixup is theonly way to fix your problem, if
your problem falls into this situations.

"Psycho" <anonymous@discussions.microsoft.com> wrote in message
news:c25901c40ef4$5fbd3120$a001280a@phx.gbl...
> Yes actually, it is a Cisco PIX firewall.
>
> Psycho
> >-----Original Message-----
> >you using a cisco pix firewall by any chance?
> >
> >--
> >David Sengupta M.T.S., B.Sc., MVP, MCSE, MCSE 2000, CCA
> Ottawa, Canada
> >Exchange Reporting & Analysis:
> http://www.quest.com/messagestats/
> >Exchange FAQ - http://www.swinc.com/resource/exch_faq.htm
> >
> >
> >"Psycho" <Psycho@Psychotic.net> wrote in message
> >news:%23bay5VhDEHA.3016@TK2MSFTNGP11.phx.gbl...
> >> Hello,
> >>
> >> We are using Exchange 2003 and our users are having
> trouble sending to a
> >> certain recipient outside of our orginization.
> >>
> >> Basically we have a mailbox created for this user and
> we forward all his
> >> e-mail from the mail box to the custom contact we
> created in AD. This
> >> has been working for quite some time.
> >>
> >> However, we are now getting NDR's with the following
> message
> >>
> >> "you do not have permission to send to this recipient.
> user@company.com
> >> For assistance, contact your system administrator.
> >> <exchange.namco.com #5.7.1 smtp;550 5.7.1
> Unable to relay
> >> for user@company.com>"
> >>
> >> I checked the event viewer and the ID for the event is
> 7004 and
> >> Microsofts webs site has NO INFORMATION regarding this
> event ID.
> >>
> >> Any suggestions on what to do would be greatly
> appreciated, Thank you in
> >> advance.
> >>
> >> Psycho
> >
> >
> >.
> >
>

Relevant Pages

  • Re: Cisco PIX fixup protocol command
    ... The PIX is a stateful firewall and maintains state on ... The reason why a security evaluation might result in a recommendation to ... is no need to have the SMTP fixup enabled. ...
    (Security-Basics)
  • RE: how setup exchange
    ... smtp emails. ... Install a ISA server with two network cards, one on the dmz zone and the ... Configure route in to my router and configure Pix to allow smtp traffic. ...
    (microsoft.public.exchange.setup)
  • RE: Cisco PIX fixup protocol command
    ... FWIW, I have experienced problems with fixup SMTP, using a Postfix relay behind a PIX 515e. ... There was a bug, reported fixed over a year ago by Cisco, relating to interoperability with Postfix, but I was still unable to make it play with a large set of inbound mail. ... > and wat are the security implications for this? ...
    (Security-Basics)
  • RE: [fw-wiz] PIX 501 outgoing SMTP problem - (reset-o)
    ... Even with Mailguard off I had ... Google the terms esmtp pix ... Further examination of the Exchange Server smtp logs shows that the smtp ...
    (Firewall-Wizards)
  • RE: [Full-Disclosure] Sidewinder G2
    ... If a remote client sends ESMTP it converts it to a NOOP command and sends it ... or send a NOOP to the server. ... The PIX will respond with xxxx's in the SMTP version if you do a telnet... ...
    (Full-Disclosure)