Problem:
After new installation you are able to sent mail out but not able to receive emails.The sending host is receiving fallowing command on SMTP handshake from your mail server “530 5.7.1 Client was not authenticated”
Solution:
I had one of my previous post same issue with Exchange 2007, please do remember, the product exchange is being delivered to you totally secure, and even anonymous access has not been turned off, you as an Exchange administrator must turn it on .
To understand and see the your mail server response , you will need to open telnet session to your mail server and use standard SMTP commands to see the mail server response and what is going on so you can remedy the problems.
- lets start installing
- Telnet client first
Open DOS or PowerShell and type below
servermanagercmd -install telnet-client |
Now on the same screen type
helo ( hit enter) 220 mail2.smtp25.org Microsoft ESMTP MAIL Service 250 mail2.smtp25.org Hello [10.10.10.10] mail from:Telnet25@Gmail.com ( Use yours) hit enter 530 5.7.1 Client was not authenticated |
As you see the server response is “530 5.7.1 Client was not authenticated”
Now lets take care of that, open EMC , go under your Server configuration, hub transport server default receive connector, properties, click on last tab “permission Groups” place check mark into “Anonymous users” click apply and ok.
Now go back to DOS window we opened earlier,
telnet to your mail server on port 25 one more time,
this time you will get
Telnet mail3 25 220 mail3.smtp25.org Helo 250 mail3.smtp25.org Hello mail from:telnet25@Gmail.com 250 2.1.0 Sender OK |
Now your mail server is ready to accept mails from outside
Oz Casey Dedeal
MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
40 comments:
Thank You ;) Alaah ybareek fek wy3teek el 3afya,,, Nabaweka@yahoo.com
Nabaweka@hotmail.com
thank you for your help. It's perfect
Jean-Yves
You rock!
Thanks.
thanks!!!
Thank You!! you fixed my problem
Thanks a lot from Panama Country
Cheers!
nice, thx
THX THX THX !!!
Sweet! Thanks for the answer! :)
I'm having the same problem not receiving the Email from Internet.I can send,receive Email Internally & can send email to outside as well.As per the documentation on Internet it is mentioned that Defaul Receive connector is for other hub transport servers & for edge transport server communication used.I receive Email from internet on Clint connector. ,should i change the setting you show on client connector or Default connecor.....
Hello! I have the same problem as Devang. I can send outside, and internally, and both hub connectors (server and edge transport) are checked to allow anonymous. I still get the 5.7.1. client not authenticated error. I tried telnet also, and got the same message.
Any ideas? Thanks!
Great post, thank you.
In fact, I am wondering, why there is no simple description of default settings or typical configuration of send/receive connectors. I haven't found it in MS Technet, nothing useful in MCTS training kit either.
That would be nice if there were all connectors with default settings already set up after installation, including relaying from local subnet, sending to * address space, etc.
Great writeup, thanks!
While playing with the configuration trying to set up an external user, I obviously not knowing what I was doing, took the anonymous out of the default connector... it took me days to find your post... check anonymous back and... voila... thank you.
Thanks for the quick tip! Great instructions.
Lovin' it. Just got me out of a MAJOR hole.
Thanks dude!
I would suggest creating a new Receive Connector and specifying the IP addresses, or range of IP addresses that should be able to send, then enable anonymous.
If you enable anonymous on the Default Receive connector, then you may turn your server into an open proxy, as the default networks are every IP address.
Great , Thanks a heap. YOU THE MAN!
Stuart - Perth WA
How to stop open relay in case of anonymous access.
applicatoing team using exchange server for testing and for some applicatoins. I want to stop them how can I simply block internal server applicatoions for using exchange server as relay and how I can I enable internet users.
In case if I configured to recieve only from internet with list of IP address and remove internal IP addressess what about external open relay.
I am confused.
Thank you, it saved me a looooot of trouble!
Excellent thank you, I could not find that darned setting!
BAM!! it worked!!
THANK YOU.
You just stopped me from having multiple heart attacks.
You are a star!
Ken
Thanks - your tip saved me a restless night.
You deserve a knighthood -
Lord Black
Thanks alot, i'm very excited.. :D
man ur the greatest tech support ever....dell senior tech cant solve my problem......u did solved my issue....good job thank you very much....
It works, but from what I can tell, this causes it to become an open relay?
I actually prefer to leave the default connector as-is and create a separate Internet Connector, which accepts any IP address on port 25, auth is TLS only and permission groups is Anonymous Users. This way it will segregate all your external mail traffic from the exchange server internal traffic.
Thanks..... Worked Great
Thanks ..good solution for use with Mac mail
You're awesome - thanks for the quick fix! Saved my change window! :)
Hello,
I’m a French speaker called kevin, trying to converse in English, please excuse or correct my langage’s mistakes.
First of all, thank you a lot for your tutorial, it have been really helpfull for me. Therefore, I get some problems and I asked everyone around me, nobody knows. I tried a smtp connection with yahoo (using smtp.mail.yahoo.com 25) , when I want to mention the Sender’s name(MAIL FROM : ) the CMD is asking me to use STARTTLS mode; by the time I’m writing STARTTLS, I can’t go far more. I read somewhere that I had to change my port into 465 which transform my connection into a SSL one, my CMD become empty, I don’t know what to write. I also wanted to ask you if you knwew some way of creating a batch file which can launch a telnet command without using an external program (out of WINDOWS like “blat” and his brothers). Please help me
Thanks to you,
Ralph Kevin
Actually this solution will make it open relay , and some users can use it in a bad way , for example I can telnet my hub transport server on port 25 and send an e-mail from any of my friends in the company without any issues,
I am not sure if I created new external connector and select tls only from the authentication and anonymous from the permissions will work or not ??
Any answer for this
THANKS! Quickly helped my team fix a late Friday problem created by our crack team pushing GPO's to exchange.
Thank you very much...
It helped!!!!
Thanks for sharing these.
It’s always useful to get pointers to the good blogs out there.
You might also be interested to know more about our company -
Parana Impact, which is one of the leading database marketing,
data intelligence and digital marketing service provider.
Atlassian Users Email List Suitable to small scale to large scale companies which will focus on driving more revenue and increase profitability.
So great work for informing us of the possibilities and following a certain path.
I really appreciate your hard work an giving us some information and inspiring others to follow.
Thanks so much.
digitalbrief digital marketing workshops
I would like to say that this blog really convinced me, you give me best information! Thanks, very good post.
Digital Marketing Service provider in indore
Keep Posting:)
Thanks for writing this valuable post. By the way, I am an instructor and I teach filmmaking to everyone that has an interest in filmmaking like acting, modeling, direction, cinematography, and many other courses. Famous actress, producer, and director Ms. Ekta Kapoor started her own acting school where she and their faculties teach filmmaking to everyone, and after being certified they give placement support also. We provide the best Acting classes in Delhi, Mumbai, and all over India.
Post a Comment