Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- From: MarkC <MarkC@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 26 Jan 2008 05:45:12 -0800
Yes Outlook Express has been configured to use the same credentials to send
as to receive (either when setup for POP or IMAP).
I'm not using Secure Password Authentication.
--
Thanks for helping
"Leif Pedersen [ MVP]" wrote:
Hi,.
Did you configure the client to authenticate?
Leif
"MarkC" <MarkC@xxxxxxxxxxxxxxxxxxxxxxxxx> skrev i meddelelsen
news:90112BBF-E386-4ABF-82AA-F3E5C112C2A9@xxxxxxxxxxxxxxxx
I am hoping that somebody can help me with this problem which I am facing.
Firstly a bit of information about the problem.
I am trying to get Outlook Express v6 or (any email client for that
matter)
to send email on port 25 (My Server Requires Authentication option ticked)
to
a Hub Transport server. The error which I get is:
The message could not be sent because the server rejected the sender's
e-mail address.
The sender's e-mail address was 'test@xxxxxxxxxxxxxx'.
Subject ‘Subject information, Account: 'Test Hub', Server: 'x.x.x.x',
Protocol: SMTP, Server Response: '530 5.7.1 Client was not authenticated',
Port: 25, Secure(SSL): No, Server Error: 530, Error Number: 0x800CCC78
Here’s a bit of info about the environment and its settings:
I’m using Exchange 2007 SP1.
The Hub Transport Server sits in a different domain, but in the same
forest
as the user accounts.
The Hub Transport Server has had the default receive connector modified so
that only a specific range of IP addresses can send to it (let’s say
10.1.1.1
to 10.1.1.255).
I have then created another Receive Connector called TestClient which is
listening on port 25 for the IP address ranges which are not part of the
above range (i.e 0.0.0.0 to 10.0.0.255 and 10.1.2.1 to 255.255.255.255).
In the authentications tab I have TLS, Basic, Exchange Server
Authentication
and Integrated Windows Authentication all ticked.
Finally in the Permissions group I have Exchange Users ticked.
Things I have tried.
This works perfectly on port 587 – using the same receive connector.
However I have several thousand Outlook Express clients to reconfigure if
I
can’t get this working and the users are not technically savvy!
I have also tried adding the get-receiveconnector TestClient | add
-adpermission -user AU extendedrights
ms-Exch-SMTP-Accept-Authoritative-Domain-Sender command to grant
Authoritative domain senders the rights to send. But this doesn’t work –
same
error code.
I have tried an account which is in the same domain as to which the Hub
Transport server is in (in case of a domain permissions problem).
When I tick the Anonymous Users option in the Permissions tab everything
works fine! But I’m not going to allow that so that’s not an option – I
would
rather manually reconfigure all of the clients!
Some Logging Info
Here is a failed attempt extract from the SMTP Log files on the Hub
Transport server (all information about the domain/server name etc has
been
replaced), no authentication attempt is being made (I also checked the DCs
and there is nothing there either) and the EHLO command is replaced with
XXXX:
2008-01-24T11:44:44.505Z,HUBSERVER\TestClient,08CA2C957CC45A3F,0,SERVERIP:25,CLIENTIP:1921,+,,
2008-01-24T11:44:44.505Z,HUBSERVER\TestClient,08CA2C957CC45A3F,1,SERVERIP:25,CLIENTIP:1921,*,None,Set
Session Permissions
2008-01-24T11:44:44.505Z,HUBSERVER\TestClient,08CA2C957CC45A3F,2,SERVERIP:25,CLIENTIP:1921,>,"220
HUBSERVER.domain.local Microsoft ESMTP MAIL Service ready at Thu, 24 Jan
2008
11:44:44 +0000",
2008-01-24T11:44:44.520Z,HUBSERVER\TestClient,08CA2C957CC45A3F,3,SERVERIP:25,CLIENTIP:1921,<,XXXX
clientname,
2008-01-24T11:44:49.536Z,HUBSERVER\TestClient,08CA2C957CC45A3F,4,SERVERIP:25,CLIENTIP:1921,>,500
5.3.3 Unrecognized command,
2008-01-24T11:44:49.552Z,HUBSERVER\TestClient,08CA2C957CC45A3F,5,SERVERIP:25,CLIENTIP:1921,<,HELO
clientname,
2008-01-24T11:44:49.552Z,HUBSERVER\TestClient,08CA2C957CC45A3F,6,SERVERIP:25,CLIENTIP:1921,>,250
HUBSERVER.domain.local Hello [CLIENTIP],
2008-01-24T11:44:49.567Z,HUBSERVER\TestClient,08CA2C957CC45A3F,7,SERVERIP:25,CLIENTIP:1921,<,MAIL
FROM: <test@xxxxxxxxxxxxxx>,
2008-01-24T11:44:54.583Z,HUBSERVER\TestClient,08CA2C957CC45A3F,8,SERVERIP:25,CLIENTIP:1921,>,530
5.7.1 Client was not authenticated,
2008-01-24T11:44:54.583Z,HUBSERVER\TestClient,08CA2C957CC45A3F,9,SERVERIP:25,CLIENTIP:1921,-,,Local
Here is a successful attempt extract from the SMTP Log files on the Hub
Transport server though using 587 as the port, you can see that EHLO is
being
made and the account being authenticated:
2008-01-24T11:58:01.260Z,HUBSERVER\TestClient,08CA2C977295CA87,0,SERVERIP:587,CLIENTIP:1938,+,,
2008-01-24T11:58:01.338Z,HUBSERVER\TestClient,08CA2C977295CA87,1,SERVERIP:587,CLIENTIP:1938,*,None,Set
Session Permissions
2008-01-24T11:58:01.338Z,HUBSERVER\TestClient,08CA2C977295CA87,2,SERVERIP:587,CLIENTIP:1938,>,"220
HUBSERVER.domain.local Microsoft ESMTP MAIL Service ready at Thu, 24 Jan
2008
11:58:00 +0000",
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,3,SERVERIP:587,CLIENTIP:1938,<,EHLO
clientname,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,4,SERVERIP:587,CLIENTIP:1938,>,250-HUBSERVER.domain.local
Hello [CLIENTIP],
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,5,SERVERIP:587,CLIENTIP:1938,>,250-SIZE
10485760,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,6,SERVERIP:587,CLIENTIP:1938,>,250-PIPELINING,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,7,SERVERIP:587,CLIENTIP:1938,>,250-DSN,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,8,SERVERIP:587,CLIENTIP:1938,>,250-ENHANCEDSTATUSCODES,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,9,SERVERIP:587,CLIENTIP:1938,>,250-STARTTLS,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,10,SERVERIP:587,CLIENTIP:1938,>,250-X-ANONYMOUSTLS,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,11,SERVERIP:587,CLIENTIP:1938,>,250-AUTH
NTLM LOGIN,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,12,SERVERIP:587,CLIENTIP:1938,>,250-X-EXPS
GSSAPI NTLM,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,13,SERVERIP:587,CLIENTIP:1938,>,250-8BITMIME,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,14,SERVERIP:587,CLIENTIP:1938,>,250-BINARYMIME,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,15,SERVERIP:587,CLIENTIP:1938,>,250-CHUNKING,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,16,SERVERIP:587,CLIENTIP:1938,>,250-XEXCH50,
2008-01-24T11:58:01.354Z,HUBSERVER\TestClient,08CA2C977295CA87,17,SERVERIP:587,CLIENTIP:1938,>,250
XRDST,
2008-01-24T11:58:01.370Z,HUBSERVER\TestClient,08CA2C977295CA87,18,SERVERIP:587,CLIENTIP:1938,<,AUTH
LOGIN,
2008-01-24T11:58:01.370Z,HUBSERVER\TestClient,08CA2C977295CA87,19,SERVERIP:587,CLIENTIP:1938,>,334
<authentication response>,
2008-01-24T11:58:01.385Z,HUBSERVER\TestClient,08CA2C977295CA87,20,SERVERIP:587,CLIENTIP:1938,>,334
<authentication response>,
2008-01-24T11:58:01.448Z,HUBSERVER\TestClient,08CA2C977295CA87,21,SERVERIP:587,CLIENTIP:1938,*,SMTPSubmit
SMTPAcceptAnyRecipient SMTPAcceptAuthoritativeDomainSender BypassAntiSpam
AcceptRoutingHeaders,Set Session Permissions
2008-01-24T11:58:01.448Z,HUBSERVER\TestClient,08CA2C977295CA87,22,SERVERIP:587,CLIENTIP:1938,*,domain\test,authenticated
2008-01-24T11:58:01.448Z,HUBSERVER\TestClient,08CA2C977295CA87,23,SERVERIP:587,CLIENTIP:1938,>,235
2.7.0 Authentication successful,
2008-01-24T11:58:01.463Z,HUBSERVER\TestClient,08CA2C977295CA87,24,SERVERIP:587,CLIENTIP:1938,<,MAIL
FROM: <test@xxxxxxxxxxxxxx>,
2008-01-24T11:58:01.479Z,HUBSERVER\TestClient,08CA2C977295CA87,25,SERVERIP:587,CLIENTIP:1938,*,08CA2C977295CA87;2008-01-24T11:58:01.260Z;1,receiving
message
2008-01-24T11:58:01.479Z,HUBSERVER\TestClient,08CA2C977295CA87,26,SERVERIP:587,CLIENTIP:1938,>,250
2.1.0 Sender OK,
2008-01-24T11:58:01.495Z,HUBSERVER\TestClient,08CA2C977295CA87,27,SERVERIP:587,CLIENTIP:1938,<,RCPT
TO: <test2@xxxxxxxxxxxx>,
2008-01-24T11:58:01.495Z,HUBSERVER\TestClient,08CA2C977295CA87,28,SERVERIP:587,CLIENTIP:1938,>,250
2.1.5 Recipient OK,
2008-01-24T11:58:01.510Z,HUBSERVER\TestClient,08CA2C977295CA87,29,SERVERIP:587,CLIENTIP:1938,<,DATA,
2008-01-24T11:58:01.666Z,HUBSERVER\TestClient,08CA2C977295CA87,30,SERVERIP:587,CLIENTIP:1938,>,354
Start mail input; end with <CRLF>.<CRLF>,
2008-01-24T11:58:02.073Z,HUBSERVER\TestClient,08CA2C977295CA87,31,SERVERIP:587,CLIENTIP:1938,>,250
2.6.0 <randomnumber@xxxxxxxxx> Queued mail for delivery,
2008-01-24T11:58:02.088Z,HUBSERVER\TestClient,08CA2C977295CA87,32,SERVERIP:587,CLIENTIP:1938,<,QUIT,
2008-01-24T11:58:02.088Z,HUBSERVER\TestClient,08CA2C977295CA87,33,SERVERIP:587,CLIENTIP:1938,>,221
2.0.0 Service closing transmission channel,
2008-01-24T11:58:02.088Z,HUBSERVER\TestClient,08CA2C977295CA87,34,SERVERIP:587,CLIENTIP:1938,-,,Local
Is what I trying to do no allowed on a Hub Transport Server for reasons of
security Iie supported only on an Edge Server) or is Port 25 not allowed
to
be used by authenticated clients “by design”. Or have I got a permissions
problem somewhere along the line.
Thanks for taking the time to read this long post! Any help or
explanations
gratefully received.
Many thanks
Mark
--
Thanks for helping
- Follow-Ups:
- Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- From: Leif Pedersen [ MVP]
- Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- References:
- Exchange 2007SP1 Hub Transport Receive Connector Problem
- From: MarkC
- Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- From: Leif Pedersen [ MVP]
- Exchange 2007SP1 Hub Transport Receive Connector Problem
- Prev by Date: Re: NDR
- Next by Date: Re: Exch2007 IIS: /Exchange Virtual Directory
- Previous by thread: Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- Next by thread: Re: Exchange 2007SP1 Hub Transport Receive Connector Problem
- Index(es):
Relevant Pages
|
Loading
