Q

Relay authentication issues on Exchange Server

We recently closed the open relay on our Exchange Server. After doing so, we were no longer able to receive e-mail for our sister company. Here's what we did. From Exchange System Manager we drilled down to: Administrative Group> FAG> Routing Groups> FRG> Connectors> Internet; then right click> Properties> Address Space Tab> Uncheck "Allow messages to be relayed to these domains."

This closed our open relay, but also caused our e-mail to bounce for any mail going to our sister.com. All mail going to brother.com was flowing as required. Any ideas?


I'm not sure why you did this. Exchange 2000 ships with relay prohibited for unauthenticated users. In other words, out of the box, only authenticated users are allowed to relay. If someone does not authenticate, they will not be able to relay.

There are three classes of SMTP domains you may want to accept messages for: local domains, non-local domains and shared domains. See Knowledge Base article Q260973 for details and instructions.

Local Domain: All of your Exchange 2000 servers accept messages for all domains listed in all Recipient Policies. Start by creating a Recipient Policy that includes SMTP:@domain (e.g., SMTP:@tntsoftware.com) for the address. Check the checkbox for the SMTP domain and the checkbox for: This Exchange Organization is responsible for all mail delivery to this address. See Knowledge Base article Q249299 for information on creating Recipient Policies. Additional information can be found in KB article Q289833.

Non-Local Domain: Non-Local Domains are also called Relay Domains. An example of a non-local domain would be the pre-existing domain for a recently acquired company. Another example would be if your company underwent an organizational name change. Start by creating an SMTP connector to the non-local domain. When you do this, check the Allow messages to be relayed to this domain checkbox on the Address Space tab on the Properties dialog for the SMTP connector. Note that the specified source bridgehead server(s) will be the servers that accept messages for this domain. See KB article Q265293 for details on how to configure an SMTP connector.

Shared domain: If you are sharing a domain with another SMTP server and you want Exchange 2000 to receive messages for that domain, you set up an SMTP connector for this domain. Then, add the domain to your Recipient Policies, making sure that the checkbox for This Exchange Organization is responsible for all mail delivery to this address is not checked.

Editor's Note: For more information, check out our Exchange Server Best Web Links.


This was first published in May 2002

Dig deeper on Email Protocols

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close