Thursday, April 16, 2009

530 5.7.1 Client was not authenticated Exchange 2010

Problem:

After new installation you are able to sent mail out but not able to receive emails.The sending host is receiving fallowing command on SMTP handshake from your mail server “530 5.7.1 Client was not authenticated”

Solution:

I had one of my previous post same issue with Exchange 2007, please do remember, the product exchange is being delivered to you totally secure, and even anonymous access has not been turned off, you as an Exchange administrator must turn it on .

To understand and see the your mail server response , you will need to open telnet session to your mail server and use standard SMTP commands to see the mail server response and what is going on so you can remedy the problems.

  • lets start installing
  • Telnet client first

Open DOS or PowerShell and type below

servermanagercmd -install telnet-client

image

Now on the same screen type

helo ( hit enter)
220 mail2.smtp25.org Microsoft ESMTP MAIL Service
250 mail2.smtp25.org Hello [10.10.10.10]
mail from:Telnet25@Gmail.com ( Use yours) hit enter
530 5.7.1 Client was not authenticated

As you see the server response is “530 5.7.1 Client was not authenticated

image

Now lets take care of that, open EMC , go under your Server configuration, hub transport server default receive connector, properties, click on last tab “permission Groups” place check mark into “Anonymous users” click apply and ok.

image

Now go back to DOS window we opened earlier,

telnet to your mail server on port 25 one more time,

this time you will get

Telnet mail3 25
220 mail3.smtp25.org
Helo
250 mail3.smtp25.org Hello
mail from:telnet25@Gmail.com
250 2.1.0 Sender OK

image
Now your mail server is ready to accept mails from outsidesmile_wink

Previous article

Oz Casey Dedeal

MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/ (Blog)

https://telnet25.spaces.live.com/ (Blog)

https://telnet25.worldpress.com/ (Blog)

40 comments:

Anonymous said...

Thank You ;) Alaah ybareek fek wy3teek el 3afya,,, Nabaweka@yahoo.com

Nabaweka@hotmail.com

Anonymous said...

thank you for your help. It's perfect

Jean-Yves

Steve Martin said...

You rock!

Anonymous said...

Thanks.

Anonymous said...

thanks!!!

marco said...

Thank You!! you fixed my problem

Unknown said...

Thanks a lot from Panama Country
Cheers!

SISE said...

nice, thx

Unknown said...

THX THX THX !!!

Ken Christensen said...

Sweet! Thanks for the answer! :)

Devang Patel said...

I'm having the same problem not receiving the Email from Internet.I can send,receive Email Internally & can send email to outside as well.As per the documentation on Internet it is mentioned that Defaul Receive connector is for other hub transport servers & for edge transport server communication used.I receive Email from internet on Clint connector. ,should i change the setting you show on client connector or Default connecor.....

Anonymous said...

Hello! I have the same problem as Devang. I can send outside, and internally, and both hub connectors (server and edge transport) are checked to allow anonymous. I still get the 5.7.1. client not authenticated error. I tried telnet also, and got the same message.

Any ideas? Thanks!

par mani said...

Great post, thank you.
In fact, I am wondering, why there is no simple description of default settings or typical configuration of send/receive connectors. I haven't found it in MS Technet, nothing useful in MCTS training kit either.
That would be nice if there were all connectors with default settings already set up after installation, including relaying from local subnet, sending to * address space, etc.

Unknown said...

Great writeup, thanks!

Anonymous said...

While playing with the configuration trying to set up an external user, I obviously not knowing what I was doing, took the anonymous out of the default connector... it took me days to find your post... check anonymous back and... voila... thank you.

Joshua said...

Thanks for the quick tip! Great instructions.

Anonymous said...

Lovin' it. Just got me out of a MAJOR hole.

Thanks dude!

Anonymous said...

I would suggest creating a new Receive Connector and specifying the IP addresses, or range of IP addresses that should be able to send, then enable anonymous.
If you enable anonymous on the Default Receive connector, then you may turn your server into an open proxy, as the default networks are every IP address.

Stuart Godin said...

Great , Thanks a heap. YOU THE MAN!
Stuart - Perth WA

Tarun said...

How to stop open relay in case of anonymous access.

applicatoing team using exchange server for testing and for some applicatoins. I want to stop them how can I simply block internal server applicatoions for using exchange server as relay and how I can I enable internet users.

In case if I configured to recieve only from internet with list of IP address and remove internal IP addressess what about external open relay.
I am confused.

Anonymous said...

Thank you, it saved me a looooot of trouble!

Anonymous said...

Excellent thank you, I could not find that darned setting!

Anonymous said...

BAM!! it worked!!

Anonymous said...

THANK YOU.

You just stopped me from having multiple heart attacks.

You are a star!

Ken

Anonymous said...

Thanks - your tip saved me a restless night.
You deserve a knighthood -
Lord Black

Reza said...

Thanks alot, i'm very excited.. :D

Veerareddy Vaka. said...

man ur the greatest tech support ever....dell senior tech cant solve my problem......u did solved my issue....good job thank you very much....

kane said...

It works, but from what I can tell, this causes it to become an open relay?

Anonymous said...

I actually prefer to leave the default connector as-is and create a separate Internet Connector, which accepts any IP address on port 25, auth is TLS only and permission groups is Anonymous Users. This way it will segregate all your external mail traffic from the exchange server internal traffic.

Anonymous said...

Thanks..... Worked Great

Anonymous said...

Thanks ..good solution for use with Mac mail

Anonymous said...

You're awesome - thanks for the quick fix! Saved my change window! :)

Anonymous said...

Hello,
I’m a French speaker called kevin, trying to converse in English, please excuse or correct my langage’s mistakes.
First of all, thank you a lot for your tutorial, it have been really helpfull for me. Therefore, I get some problems and I asked everyone around me, nobody knows. I tried a smtp connection with yahoo (using smtp.mail.yahoo.com 25) , when I want to mention the Sender’s name(MAIL FROM : ) the CMD is asking me to use STARTTLS mode; by the time I’m writing STARTTLS, I can’t go far more. I read somewhere that I had to change my port into 465 which transform my connection into a SSL one, my CMD become empty, I don’t know what to write. I also wanted to ask you if you knwew some way of creating a batch file which can launch a telnet command without using an external program (out of WINDOWS like “blat” and his brothers). Please help me
Thanks to you,
Ralph Kevin

Unknown said...

Actually this solution will make it open relay , and some users can use it in a bad way , for example I can telnet my hub transport server on port 25 and send an e-mail from any of my friends in the company without any issues,

I am not sure if I created new external connector and select tls only from the authentication and anonymous from the permissions will work or not ??

Any answer for this

Anonymous said...

THANKS! Quickly helped my team fix a late Friday problem created by our crack team pushing GPO's to exchange.

Unknown said...

Thank you very much...
It helped!!!!

Unknown said...

Thanks for sharing these.
It’s always useful to get pointers to the good blogs out there.
You might also be interested to know more about our company -
Parana Impact, which is one of the leading database marketing,
data intelligence and digital marketing service provider.
Atlassian Users Email List Suitable to small scale to large scale companies which will focus on driving more revenue and increase profitability.

Hill said...

So great work for informing us of the possibilities and following a certain path.

I really appreciate your hard work an giving us some information and inspiring others to follow.

Thanks so much.

digitalbrief digital marketing workshops

IICE-Indore said...

I would like to say that this blog really convinced me, you give me best information! Thanks, very good post.
Digital Marketing Service provider in indore
Keep Posting:)

Rahul said...

Thanks for writing this valuable post. By the way, I am an instructor and I teach filmmaking to everyone that has an interest in filmmaking like acting, modeling, direction, cinematography, and many other courses. Famous actress, producer, and director Ms. Ekta Kapoor started her own acting school where she and their faculties teach filmmaking to everyone, and after being certified they give placement support also. We provide the best Acting classes in Delhi, Mumbai, and all over India.