Thursday, April 16, 2009

530 5.7.1 Client was not authenticated Exchange 2010

Problem:

After new installation you are able to sent mail out but not able to receive emails.The sending host is receiving fallowing command on SMTP handshake from your mail server “530 5.7.1 Client was not authenticated”

Solution:

I had one of my previous post same issue with Exchange 2007, please do remember, the product exchange is being delivered to you totally secure, and even anonymous access has not been turned off, you as an Exchange administrator must turn it on .

To understand and see the your mail server response , you will need to open telnet session to your mail server and use standard SMTP commands to see the mail server response and what is going on so you can remedy the problems.

  • lets start installing
  • Telnet client first

Open DOS or PowerShell and type below

servermanagercmd -install telnet-client

image

Now on the same screen type

helo ( hit enter)
220 mail2.smtp25.org Microsoft ESMTP MAIL Service
250 mail2.smtp25.org Hello [10.10.10.10]
mail from:Telnet25@Gmail.com ( Use yours) hit enter
530 5.7.1 Client was not authenticated

As you see the server response is “530 5.7.1 Client was not authenticated

image

Now lets take care of that, open EMC , go under your Server configuration, hub transport server default receive connector, properties, click on last tab “permission Groups” place check mark into “Anonymous users” click apply and ok.

image

Now go back to DOS window we opened earlier,

telnet to your mail server on port 25 one more time,

this time you will get

Telnet mail3 25
220 mail3.smtp25.org
Helo
250 mail3.smtp25.org Hello
mail from:telnet25@Gmail.com
250 2.1.0 Sender OK

image
Now your mail server is ready to accept mails from outsidesmile_wink

Previous article

Oz Casey Dedeal

MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/ (Blog)

https://telnet25.spaces.live.com/ (Blog)

https://telnet25.worldpress.com/ (Blog)

34 comments:

Anonymous said...

Thank You ;) Alaah ybareek fek wy3teek el 3afya,,, Nabaweka@yahoo.com

Nabaweka@hotmail.com

Anonymous said...

thank you for your help. It's perfect

Jean-Yves

Steve Martin said...

You rock!

Anonymous said...

Thanks.

Anonymous said...

thanks!!!

marco said...

Thank You!! you fixed my problem

Jose said...

Thanks a lot from Panama Country
Cheers!

Sim said...

nice, thx

Nostradamus said...

THX THX THX !!!

Ken Christensen said...

Sweet! Thanks for the answer! :)

Devang said...

I'm having the same problem not receiving the Email from Internet.I can send,receive Email Internally & can send email to outside as well.As per the documentation on Internet it is mentioned that Defaul Receive connector is for other hub transport servers & for edge transport server communication used.I receive Email from internet on Clint connector. ,should i change the setting you show on client connector or Default connecor.....

Anonymous said...

Hello! I have the same problem as Devang. I can send outside, and internally, and both hub connectors (server and edge transport) are checked to allow anonymous. I still get the 5.7.1. client not authenticated error. I tried telnet also, and got the same message.

Any ideas? Thanks!

Adienis said...

Great post, thank you.
In fact, I am wondering, why there is no simple description of default settings or typical configuration of send/receive connectors. I haven't found it in MS Technet, nothing useful in MCTS training kit either.
That would be nice if there were all connectors with default settings already set up after installation, including relaying from local subnet, sending to * address space, etc.

Jay said...

Great writeup, thanks!

Anonymous said...

While playing with the configuration trying to set up an external user, I obviously not knowing what I was doing, took the anonymous out of the default connector... it took me days to find your post... check anonymous back and... voila... thank you.

Joshua said...

Thanks for the quick tip! Great instructions.

Anonymous said...

Lovin' it. Just got me out of a MAJOR hole.

Thanks dude!

Anonymous said...

I would suggest creating a new Receive Connector and specifying the IP addresses, or range of IP addresses that should be able to send, then enable anonymous.
If you enable anonymous on the Default Receive connector, then you may turn your server into an open proxy, as the default networks are every IP address.

Stuart Godin said...

Great , Thanks a heap. YOU THE MAN!
Stuart - Perth WA

Anonymous said...

thanks.

Tarun said...

How to stop open relay in case of anonymous access.

applicatoing team using exchange server for testing and for some applicatoins. I want to stop them how can I simply block internal server applicatoions for using exchange server as relay and how I can I enable internet users.

In case if I configured to recieve only from internet with list of IP address and remove internal IP addressess what about external open relay.
I am confused.

Anonymous said...

Thank you, it saved me a looooot of trouble!

Anonymous said...

Excellent thank you, I could not find that darned setting!

Anonymous said...

BAM!! it worked!!

Anonymous said...

THANK YOU.

You just stopped me from having multiple heart attacks.

You are a star!

Ken

Anonymous said...

Thanks - your tip saved me a restless night.
You deserve a knighthood -
Lord Black

Reza said...

Thanks alot, i'm very excited.. :D

veera said...

man ur the greatest tech support ever....dell senior tech cant solve my problem......u did solved my issue....good job thank you very much....

kane said...

It works, but from what I can tell, this causes it to become an open relay?

Anonymous said...

I actually prefer to leave the default connector as-is and create a separate Internet Connector, which accepts any IP address on port 25, auth is TLS only and permission groups is Anonymous Users. This way it will segregate all your external mail traffic from the exchange server internal traffic.

Anonymous said...

Thanks..... Worked Great

Anonymous said...

Thanks ..good solution for use with Mac mail

crystalintexas said...

You're awesome - thanks for the quick fix! Saved my change window! :)

Olya Olegovna said...

Good information here. I will post these information to my facebook page. It is really very informative for others. FSD solutions