Allow SMTP relaying..

Similar Messages

• Secure way for SMTP relay for DMZ server

  Hi,
  I would like to know if there is a secure way to allow SMTP relay from server in DMZ.  This is our Exchange server configuration.
  All Exchange server roles installed on a single server.
  No Edge server.
  Thanks in advance.

  Hello
  if haven't got relay connector, need create one receive connector add only one dmz ip and if application can authentication use that authentication method, if cant use any auth method  enable anoynous relay.
  sorry my english

• How can solve the problem in email " SMTP Relay "Message rejected" ", how can solve the problem in email " SMTP Relay "Message rejected" "

  Dear sirs,
  how to solve the mail problem which occurs while I am abroad; bearing in mind that I use HOTSPOT and sometime it's sending emails sometime getting the below messages " SMTP Relay "Message rejected"

  The outgoing mail server is rejecting mail from your network address. Typically that happens when your mail service provider is also your ISP, and you connect to it from another network. The SMTP server will allow connections without a password from anywhere, but it will only relay mail from within the ISP's network. It could also be that your account on the server has expired or been suspended.
  If you need to send mail from outside your ISP's network, use an independent mail service provider. I don't have a specific recommendation.

• Internal SMTP Relay

  How to configure my server GroupWise 8.2, OES2.3, not to allow sending internal e-mail without authentication? Today, any user can use the email domain to send an email with different names and without authentication.

  Originally Posted by Rogerio Lopes Alves
  How to configure my server GroupWise 8.2, OES2.3, not to allow sending internal e-mail without authentication? Today, any user can use the email domain to send an email with different names and without authentication.
  Hi,
  Do you mean they can do this by using the GroupWise Client? Or is the GWIA itself permitting relay for all servers?
  If the last is the case here, you can disable relaying (which should be disabled by default) within the GWIA settings in ConsoleOne > TAB Access Control > SMTP Relay Settings
  There you can also specify any exceptions that are needed.
  -Willem

• GWIA SMTP relay restriction doesn't work

  I am running GWIA on SLES 10 SP2 GW703HP4.
  I have the GWIA SMTP Relay Defaults=Prevent message relaying. Exceptions with allow from 192.168.10.3 to * as the 192.168.10.3 is the alert mail server. When I tried to test the SMTP port to GWIA, I got restrict relay error. If I change Relay Default to "Allow message relaying", that is the only time that I can connect from 192.168.10.3 to send SMTP mail via GWIA.
  I have tried to restarted GWIA everytime I make the change but can't get the exception to work?
  Any suggestion?
  Cheer
  Andy

  I deleted the IP address and added the same entry back, then GWIA relay fine.
  Might be I have bad eyes?? Thanks all for the inputs.
  Andy
  Originally Posted by buckesfeld
  * andyj2009 wrote, On 05/20/2010 11:06 PM:
  > Exceptions with allow from 192.168.10.3 to * as the 192.168.10.3 is the
  > alert mail server.
  Note there are two situations where you don't have to tinker with relaying exceptions at all:
  - the alert mail server sends to internal addresses only
  - the alert mail server can do SMTP authentication.
  Uwe
  Novell Knowledge Partner (NKP)
  Please don't send me support related e-mail unless I ask you to do so.

• How to check Exchange smtp relay logs successed/failed

  We have a quite a few servers in the company that allow to relay smtp through our current Exchange environment. Often time, the recipients did not get those messages that was send out from our SQLservers. We would like to get these logs from Exchange to see
  why those messages were sent from SQLservers that did not go through. Is there a way to track those messages?

  Hi ThaiFL,
  Any updates?
  Frank Wang
  TechNet Community Support

• 10.3.9 - Mobile Users Authenticating for SMTP Relay.

  I hope I get my thoughts together and this question comes out right.
  I have a small shop, where most of my users are in-house. They're using Entourage clients, and my couple of PC folks are using Outlook 2003. From in-house, everyone works just fine. Relay filters are setup to allow people inside the network to send fine. I have 127.0.0.1/32 and 192.168.1.1/32 in the Mail/Settings/Filters/SMTP Relay settings.
  However, I have a couple of mobile users, the Director being one of them, who want/need to send email when outside of the office, or from a mobile device, like their Treo.
  What I'm running into is that my mobile users are having authentication issues when trying to send email while outside the office. Even when they indicate they need to authenticate SMTP from their client, I get different issues with different users.
  The Director's Treo, using Versamail, recieves email normally via IMAP. However, when sending, even though she's set to ESMTP Authentication, I get a 502 error. Without ESMTP Authentication turned on, I get a relay error.
  Mail/Settings/Advanced has LOGIN and Plain checked for SMTP Authentication, and IMAP has LOGIN, Plain and Clear checked, while POP has APOP and Clear slected.
  I'm at a loss for how to proceed with correcting this issue to allow mobile users to authenticate reliably from where ever they are. Can someone provide me some straightforward guidence on how this should be correctly configured?
  Thanks.
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

  Thanks for the response.
  I've seen the posts about adding alternate ports, but it doesn't seem to matter what the ISP source is, they get Relay denied messages and our mailer shows the denial traffic.
  There are additional relay exceptions in this, but here is the postconf file you requested:
  always_bcc =
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  inet_interfaces = all
  luser_relay =
  mail_owner = postfix
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains = sbl-xbl.spamhaus.org,bl.spamcop.net
  messagesizelimit = 15728640
  mydestination = $myhostname,localhost.$mydomain,kemperart.org
  mydomain_fallback = localhost
  myhostname = mail.kemperart.org
  mynetworks = 127.0.0.1/32,192.168.200.99/32,192.168.200.1/32,rr.com,68.25.136.123/32
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdclientrestrictions = rejectmapsrbl
  smtpdenforcetls = no
  smtpdpw_server_securityoptions = plain,login,cram-md5
  smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = yes
  smtpdtls_certfile = /etc/postfix/server.pem
  smtpdtlsloglevel = 0
  smtpduse_pwserver = yes
  smtpdusetls = no
  unknownlocal_recipient_rejectcode = 450
  Remember, be gentle, while I'm able to get around the Terminal Window, I am, by no means, an expert.
  Thanks again!
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

• Ironport C170 Blocks Emails Being Sent From SMTP Relay

  I have an issue with emails being sent out through our virtual SMTP Relay from a server on the DMZ. Any emails being sent to internal email accounts on our domain works fine. However the ones sent to external accounts are being rejected by the RAT. Here is a shot of the rejection message we are getting:
  29 Oct 2013 10:09:58 (GMT -05:00)
  Protocol SMTP interface Data 2 (IP xxx.xxx.xxx.xxx) on incoming connection (ICID xxxxxxx) from sender IP xxx.xxx.xxx.xxx. Reverse DNS host internal.domain.org verified yes.
  29 Oct 2013 10:09:58 (GMT -05:00)
  (ICID xxxxxxx) ACCEPT sender group UNKNOWNLIST match sbrs[-1.0:10.0] SBRS 0.4
  29 Oct 2013 10:09:58 (GMT -05:00)
  Start message xxxxxx on incoming connection (ICID xxxxxxx).
  29 Oct 2013 10:09:58 (GMT -05:00)
  Message xxxxxx enqueued on incoming connection (ICID xxxxxxx) from [email protected]
  29 Oct 2013 10:09:58 (GMT -05:00)
  Message xxxxxx on incoming connection (ICID xxxxxxx) to [email protected] was rejected by Recipient Access Table (RAT).
  29 Oct 2013 10:09:58 (GMT -05:00)
  Message xxxxxx aborted: Receiving aborted by sender
  I am new to the Ironport world so I am having a hard time figuring out how to allow for my SMTP relay to send emails to external email accounts. Thanks for any advice in advance! 

  It looks like the message should be arriving via SENDERGROUP RELAYLIST instead of
  ACCEPT sender group UNKNOWNLIST .
  Navigate to GUI --> Mail Policies --> HAT Overview
  Then click the RELAYLIST sendergroup
  Add the IP address of your sending MTA to this group, submit and commit changes.

• SMTP Relay to a Hub server with the Mailbox servers down... Anonymous email?

  I'm trying to send anonymous email to an outside email address from inside, with the Mailbox servers down. We are using cmdlets to relay to the Hub Transport server, but the error "Mailbox Unavailable" keeps coming back. I've tried multiple methods
  of powershell SMTP email delivery, and the errors are virtually identical.
  Does anyone have any methods to deliver anonymous email to a relay server while the Mailbox servers are down?
  PS D:\#E2010-Management> #####Script1 - Set Password
  $s = New-Object System.Security.SecureString
  $credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "NT AUTHORITY\ANONYMOUS LOGON", $s
  #####Script2 - Send Email
  $From = "[email protected]"
  $To = "[email protected]"
  $SMTPServer = "SMTPSERVER.company.com"
  $SMTPPort = "25"
  $subject = "test"
  $body = "n"
  $smtp = New-Object System.Net.Mail.SmtpClient($SMTPServer, $SMTPPort);
  $smtp.EnableSSL = $false
  $smtp.Credentials = New-Object System.Net.NetworkCredential($credential.GetNetworkCredential().Username, $credential.GetNetworkCredential().Password)
  $smtp.Send($From, $To, $subject, $body);
  Exception calling "Send" with "4" argument(s): "Mailbox unavailable. The server response was: 5.7.1 Unable to relay"
  At line:15 char:11
  + $smtp.Send <<<< ($From, $To, $subject, $body);
  + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
  + FullyQualifiedErrorId : DotNetMethodExceptionPS D:\#E2010-Management> $s = New-Object System.Security.SecureString
  $creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "NT AUTHORITY\ANONYMOUS LOGON", $s
  $creds.GetNetworkCredential()
  $smtp.EnableSsl = $false
  Send-MailMessage -to "[email protected]" -from "[email protected]" -subject "test" -SmtpServer "SMTPRELAY.company.com" -credential $creds
  UserName Password Domain
  ANONYMOUS LOGON NT AUTHORITY
  Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay
  At line:5 char:17
  + Send-MailMessage <<<< -to "[email protected]" -from "[email protected]" -subject "test" -SmtpServer "SMTPRELAY.company.com"
  -credential $creds
  + CategoryInfo : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpFailedRecipientException
  + FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage

  Hi Mr.Cross,
  If you want to allow anonymous relay, you need to create a new Receive connector on the Hub Transport server and use the Shell to grant the relay permission to anonymous connections.
  Here’s an article for your reference:
  Allow Anonymous Relay on a Receive Connector
  http://technet.microsoft.com/en-us/library/bb232021(v=exchg.141).aspx
  Notes:
  Allowing anonymous relay on a Receive connector is a security risk, especially on Internet-facing servers.
  If you have any further questions, please do not hesitate to post back.
  Best regards,
  Eric

• Revert my allowing smtp sasl for external site

  Our version is 6.3
  Previously we've set the smtp relaying from outside if they could authenticate
  the tcp_auth channel was set as follows:
  tcp_auth smtp mx single_sys mustsaslserver missingrecipientpolicy 4
  and the tcp_local like this:
  tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric sub
  dirs 20 maxjobs 7 pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel
  tcp_auth missingrecipientpolicy 0 loopcheck
  Now we want to disable smtp connection from outside (to prevent mail relaying cos someone might
  guess the password of some users) even with authentication
  I tried to change the tcp_auth
  to look like this
  tcp_auth smtp mx single_sys nosasl nosaslserver missingrecipientpolicy 4
  But this didn't work for me ( I tried from outside site to send mail using smtp authentication
  and still I was allowed)
  Could someone enlighten me on how to take off smtp auth altogether
  (I could even take off for internal site as well)
  Thanks in advance

  You don't really want to "disable smtp connection from outside", do you? That would mean not receiving any mail from outside.
  If you just want to disable SMTP authentication from the outside, then remove "maysaslserver" and "saslswitchchannel tcp_auth" from the tcp_local channel. Those are how SMTP connections coming from outside are allowed to authenticate and then switched to be coming from the tcp_auth channel instead of tcp_local.
  You probably have the same issue with the tcp_submit channel, which would normally be messages coming in on port 587. But removing those from the tcp_submit channel would also mean your local users cannot authenticate. Alternatively, you could use your firewall to block connections to port 587 from outside or accomplish similar with the PORT_ACCESS mapping table.
  But I really question the wisdom of this whole line of thought. SMTP authentication is a good thing. It improves your overall security. Of course if users have easily guessable passwords, that is a password policy issue.

• Cannot get db mail to work via SMTP Relay for Office 365 in SQL Server 2014 on Windows Server 2012 R2

  Our company recently moved to Office 365 which mean our on premise exchange server went away as well with the move.  I am trying to configure my new sql server (OS-Windows Server 2012 R2, DBMS- SQL 2014 Std Edtion).  After some searching I found
  this article (http://blogs.technet.com/b/meamcs/archive/2013/02/25/how-to-configure-sql-database-mail-so-send-emails-using-office-365-exchange-online-a-walkthrough.aspx) and have followed these steps exactly, but to no avail.  I did some further research
  on the SMTP relay I setup and found a way to test it (listed here http://technet.microsoft.com/en-us/library/dn592151(v=exchg.150).aspx at the bottom of the article).  If I drop the email.txt file in the pickup folder, it gets sent out no problem.
   I have configured my db email exactly as describe here(http://blogs.technet.com/b/meamcs/archive/2013/02/25/how-to-configure-sql-database-mail-so-send-emails-using-office-365-exchange-online-a-walkthrough.aspx).  But keep getting an unable to connect
  to SMTP server error.  I have even tried completely shutting down firewall to see if that is the issue and multiple restarts.  Any ideas how to get this to work on Office 365?
  DB Mail error log:
  Date 6/10/2014 10:28:41 PM
  Log Database Mail (Database Mail Log)
  Log ID 46
  Process ID 2196
  Mail Item ID 19
  Last Modified 6/10/2014 10:28:41 PM
  Last Modified By xx
  Message
  The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 2 (2014-06-10T22:28:41). Exception Message: Cannot send mails to mail server. (Failure sending mail.).

  Hi,
  I followed this blog and got the below error message in the Database Mail Log.
  “The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 2 (2014-06-11T19:34:00). Exception Message: Cannot send mails to mail server. (Mailbox unavailable. The server response was: 5.7.1 Unable to relay
  for [email protected]).”
  If you are getting the same error message, you can try the below steps to resolve the issue.
  1. Open the IIS 6.0 management console. Right click on the SMTP server and open the properties window.
  2. Click on the Access tab, click Relay button under Relay restrictions. loopback IP address (i.e 127.0.0.1).
  Then the email should be sent out from Database Mail without problem.
  Thanks.
  Tracy Cai
  TechNet Community Support

• How to use multiple mail sending address in SMTP relay for exchange online

  We have one SMTP relay configured with [email protected] credentials. one oracle application automatically shoots mail to users using this [email protected] to users. So if recipient reply on auto-generated mail it goes to mailbox of [email protected] (so that application
  team see and reply to any query raised by recipient). 
  Now my requirement is, I want to notify users about their password expiry before 10  days (something like that) I have made the script and tested it in lab. But the main requirement is I want to use [email protected] mail ID for sending mail. And if any recipient
  reply on the auto-generated mail it goes to [email protected] mailbox (which is managed by different team).  
  So the query How can I use two different mailbox enabled IDs for sending mails on a single SMTP Relay server
  Thanks
  Pankaj Sharma

  Thanks Ed and Mavis for the reply and suggestion, but here scenario is different. 
  We have one SMTP relay configured with [email protected] credentials. one oracle application automatically shoots mail to users using this [email protected] to users. So if recipient reply on auto-generated mail it goes to mailbox of [email protected] (so that
  application team see and reply to any query raised by recipient). 
  Now my requirement is, I want to notify users about their password expiry before 10  days (something like that) I have made the script and tested it in lab. But the main requirement is I want to use [email protected] mail ID for sending mail. And if any recipient
  reply on the auto-generated mail it goes to [email protected] mailbox (which is managed by different team).  
  So the query is can I use two different mailbox enabled IDs on a single SMTP Relay, If yes then how..
  Thanks
  Pankaj

• How do I set up an account to receive email from my SMTP relay Server. Have I made a SMTP Server config error?

  Hi,
  How do I set up an account to receive email from my SMTP Relay Server?
  I've setup the SMTP feature and set my Server to use anonymous authentication.
  Things appear to look ok.
  But I can't connect make a test connection to it when I am trying to add an email account in Outlook.
  I could be doing something wrong here.
  This is my process.
  1. I have setup my SMTP Server.
  2. Created a user account in AD and given it an email address.
  3. Opened Outlook and tried to manually add a POP3 account by specifying the incoming and outgoing Server details.
  But when I go to test the connection on the email setup it keeps failing.
  Please help.
  Thanks

  Hi Midi25,
  As Florent suggested, please use Telnet to test SMTP Communication. For more details, please refer to following articles.
  How to Use Telnet to Test SMTP Communication
  XFOR: Telnet to Port 25 to Test SMTP Communication
  In addition, please also refer to following article and check if can help you.
  How to Configure a Windows Server 2003 Server as a Relay Server or Smart Host
  Best regards,
  Justin Gu
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Have to add 0.0.0.0/0 to "Accept SMTP relays only from these"?

  To reach the server via vpn I had to add a virtual IP (192.168.1.1) to the ethernet port. Since then mail acts a bit strange: I have to add 0.0.0.0/0 to "Accept SMTP relays only from these" in SA. Otherwise i get a "[/var/imap/socket/lmtp]: Connection refused" in the smtp log and the server does not accept any delivery of mails from the internets.
  I'm not quite sure if it's a good idea. Can anyone please tell if this is still a security risk (while having access restrictions on the mail service)?

  After a few telnet tests I can answer my own question: It makes an open relay server to spammers! But to solve the former issue with the connection refuse, I had to switch to virtual hosting in the advanced tab of the mail service and add my own domains.

• Using CUE as SMTP relay

  Hello world...
  I hope someone has an answer to this - i have gone through the CUE CLI documentation looking to config it up as an SMTP relay, and this idea does not seem like it will work.
  System is UC540 on 8.6.5
  I have a PRI with a DID block for the client - they want individual fax numbers for each person.  That part is easy enough.  They do NOT want to store it in their vociemail box.  They just want it sent to their email inbox.  They do not want to use the "listen" mode where fax and voice comes in on the same DID because the delay for the customer calling in is too great in their opinion.  This is fine.  I get it.
  However I am having a dickens of a time using the CUE to send the emails based upon the DID to the user mailbox.  I am talking about configuring a separate ephone-dn and an account on the CUE for the fax email user.  when i go this route, The sending fax machine just hangs and never successfully transmits.
  IF, however, I set the "mta send server" to my test-bench smtp relay by IP address, it all works.  Fax as email attachment comes through like greased lightning.
  I try to do it via the extension and have CUE submit it out, things just hang.
  IS THERE A WAY to configure the CUE to act as a simple SMTP relay for all things internal?
  This is the config that works for me:
  mta send server 192.168.110.25 port 25 <IP addess of my bench smtp server>
  mta send server 10.10.10.1 port 25
  mta send with-subject both
  mta send mail-from hostname LAB-UC540.lab.org
  mta send mail-from username $s$
  mta receive aliases 10.10.10.2
  mta receive maximum-recipients 7
  For the MMOIP, I have:
  dial-peer voice 3020 pots
  translation-profile incoming Lab_Fax_T37_Called_26
  service onramp
  incoming called-number 4627
  direct-inward-dial
  port 0/2/0:23
  dial-peer voice 1801 mmoip
  service fax_on_vfc_onramp_app out-bound
  destination-pattern 4627
  information-type fax
  session target mailto:[email protected]
  The above works remarkably well
  This (generic CCA config) is broken:
  dial-peer voice 3020 pots
  translation-profile incoming Lab_Fax_T37_Called_26
  service onramp
  incoming called-number 4627
  direct-inward-dial
  port 0/2/0:23
  dial-peer voice 1800 mmoip
  description ** fax onramp for outbound faxmail to CUE **
  service fax_on_vfc_onramp_app out-bound
  destination-pattern ^....$
  information-type fax
  session target mailto:[email protected]
  fax receive called-subscriber $d$
  fax interface-type fax-mail
  mta send server 10.10.10.1 port 25
  mta send with-subject both
  mta send mail-from hostname 10.10.10.2
  mta send mail-from username $s$
  mta receive aliases 10.10.10.2
  mta receive maximum-recipients 7
  Any suggestions?  Or do I build a small internal LAN smtp relay server?

  Hello,
  The CUE is used with the script for t37 - there are two approaches with fax to email.
  One is using the CUE and the other is not using CUE just to add the right information.
  For more information:
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/unity_exp/rel3_1/administration/guide/voicemail/fxgatewy.html
  https://supportforums.cisco.com/docs/DOC-9718
  HTH,
  Alex