Re: How to allow emails to relay through Exchange 2007
- From: "Bharat Suneja [MVP]" <bharat@xxxxxxxxxx>
- Date: Tue, 21 Aug 2007 19:18:04 -0700
If you've setup a Connector for unauthenticated relaying, and allowed the IP address of the sending host to connect, the host should be able to relay.
Is the non-Exchange host sending to the IP address of the second/new relay Receive Connector?
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------------------------
"JD @magma.ca>" <jsjd<remove> wrote in message news:36e11$46cb91f4$4a6896c6$21671@xxxxxxxxxxxx
That's ok Bharat, no need to apologize :) That is what I assumed... When I plugged the entire thing into the run line, I was getting an error and that was one of the things that I questioned only because I was trying to figure out what was going wrong. Turned out it was because I didn't enter in 'fqdn'... oops!
Anyway, I was able to successfully create the connector once I entered in the 'fqdn' part, however... I still can't get the emails that are generated from the other server to get through... I get an HTTP 500 Internal Server error. In the event log, I'm still getting this error:
'Inbound authentication failed with error LogonDenied for Receive connector Default EXCHANGE. The authentication mechanism is Gssapi. The source IP address of the client who tried to authenticate to Microsoft Exchange is [192.168.1.120]'
The domain that it is sending from has been entered into the 'Accepted Domain' as an 'Internal Relay'. Is this the correct way for it to be setup? Any other ideas as to what could be keeping it authenticating properly?
What's really go me going here is the fact that it actually worked when I first had it setup on the client and the default EXCHANGE connectors, then for some unknown reason it stopped working...
Any ideas would be GREATLY appreciated!
Thanks,
James
"Bharat Suneja [MVP]" <bharat@xxxxxxxxxx> wrote in message news:OTBDKMA5HHA.3400@xxxxxxxxxxxxxxxxxxxxxxxYes, MYEXCHANGESERVER is meant to be replaced with your server name.... sorry, that should be more specific but it's quite common to indicate your server name needs to go in there. :)
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------------------------
"JD @magma.ca>" <jsjd<remove> wrote in message news:ac2ae$46cacb34$4a6896c6$8240@xxxxxxxxxxxxThanks Bharat,
I hadn't come across this procedure yet and gave it a try. I assigned an additional IP address of 192.168.1.9 (regular Exchange IP is 192.168.1.8) on the same adapter and entered in the following:
New-ReceiveConnector -Name RelayConnector -usage Custom -Bindings '192.168.1.9:25' -exchange.mycompany.com -RemoteIPRanges 172.16.1.99 -server MYEXCHANGESERVER -permissiongroups ExchangeServers -AuthMechanism 'TLS, ExternalAuthoritative'
It keeps giving me an error at this line '-fqdn server.domain.com' indicating that it doesn't like 'exchange' (which is the name of the exchange server) - it can't find the parameter name. I'm sure it's just me mis-interpreting what needs to be entered here?
When I see entries like '-server MYEXCHANGESERVER' do I replace those entries with the names of my servers (I haven't been).
James
"Bharat Suneja [MVP]" <bharat@xxxxxxxxxx> wrote in message news:%23jRyJ464HHA.5980@xxxxxxxxxxxxxxxxxxxxxxxExchange Server 2007: How To Allow Relaying
http://exchangepedia.com/blog/2007/01/exchange-server-2007-how-to-allow.html
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------------------------
"JD @magma.ca>" <jsjd<remove> wrote in message news:5d00c$46ca168a$4a6896c6$3957@xxxxxxxxxxxxHi everyone,
We have a registration service that runs on a server that is separate (same domain) from the Exchange server. When someone registers something, an email is sent to a defined email address. At first, it worked after I put the IP address of the server in the receive connectors for both the Client and the Default Exchange connectors, under 'Receive email from remote servers that have these IP addresses'. I also changed the Permissions groups to allow 'anonymous'.
But now when I run a test script that simulates the process, it doesn't work and I get the following in the Application event log:
Inbound authentication failed with error LogonDenied for Receive connector Default EXCHANGE. The authentication mechanism is Gssapi. The source IP address of the client who tried to authenticate to Microsoft Exchange is [192.168.1.120]
Obviously, it not authenticating... is there a place that I haven't looked where I have to allow it to authenticate?
Under the authentication tab, I have selected the following:
- Transport Layer Security [TLS]
- Basic Authentication
- Offer Basic authentication only after starting TLS
- Exchange Server authentication
- Integrated Windows authentication
Any help would be great appreciated!
Thanks,
James
.
- Follow-Ups:
- References:
- How to allow emails to relay through Exchange 2007
- From: JD
- Re: How to allow emails to relay through Exchange 2007
- From: Bharat Suneja [MVP]
- Re: How to allow emails to relay through Exchange 2007
- From: JD
- Re: How to allow emails to relay through Exchange 2007
- From: Bharat Suneja [MVP]
- Re: How to allow emails to relay through Exchange 2007
- From: JD
- How to allow emails to relay through Exchange 2007
- Prev by Date: Re: How to allow emails to relay through Exchange 2007
- Next by Date: Re: How to allow emails to relay through Exchange 2007
- Previous by thread: Re: How to allow emails to relay through Exchange 2007
- Next by thread: Re: How to allow emails to relay through Exchange 2007
- Index(es):
Relevant Pages
|
