Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Messages rejected by receive connector

6 views
Skip to first unread message

rwvoss

unread,
Nov 23, 2009, 5:17:12 PM11/23/09
to
I administer a set of Exchange 2007 servers in a somewhat complex
organization. We are one of 7 domains all in the same forest. One of
the other domains has set up a distribution group. When people from
outside our network email the distribution group, they receive an
error that the message was rejected with an <#5.7.1 smtp;550 5.7.1
Client does not have permissions to send as this sender> error.

I currently have the default settings on my receive connectors. It is
my understanding that since this is coming from another Exchange 2007
server in the same organization it should be able to use the default
receive connector using the Exchange servers permission group.

Does anyone have an idea on why in the world it isn't working?

Thanks!

Rich Matheisen [MVP]

unread,
Nov 23, 2009, 9:13:12 PM11/23/09
to
On Mon, 23 Nov 2009 14:17:12 -0800 (PST), rwvoss <rwv...@gmail.com>
wrote:

If the message arrives from outside your organization it probably did
so over an anonymous connection.

If you (they) have the default settings on the DL, then only
authenticated users can send to the DL.

I don't think it has anything to do with your receive connectors.
---
Rich Matheisen
MCSE+I, Exchange MVP

rwvoss

unread,
Nov 24, 2009, 12:16:52 PM11/24/09
to
On Nov 23, 8:13 pm, "Rich Matheisen [MVP]"

I am able to check the DL for the other domain and I can see that the
option to require senders to authenticate is not selected, so that
would explain my problem. It looks like my options are to either
leave it as is and not allow the messages, turn on anonymous
connections on my receive connectors, or ask the other administrator
to change his set up. Am I correct in thinking that if I allow
anonymous access on my receive connectors than any server that can
connect via port 25 can spam my mailboxes?

Thanks for the help!

Randy

Rich Matheisen [MVP]

unread,
Nov 24, 2009, 10:07:17 PM11/24/09
to
On Tue, 24 Nov 2009 09:16:52 -0800 (PST), rwvoss <rwv...@gmail.com>
wrote:

[ snip ]

>I am able to check the DL for the other domain and I can see that the
>option to require senders to authenticate is not selected, so that
>would explain my problem.

No, it wouldn't. If the option /isn't/ checked then anonymous senders
/are/ permitted to send messages to the DL.

If anonymous senders are allowed then perhaps there are other delivery
restictions on the DL?

>It looks like my options are to either
>leave it as is and not allow the messages, turn on anonymous
>connections on my receive connectors, or ask the other administrator
>to change his set up. Am I correct in thinking that if I allow
>anonymous access on my receive connectors than any server that can
>connect via port 25 can spam my mailboxes?

You have spammers on your internal network????

rwvoss

unread,
Nov 25, 2009, 11:20:03 AM11/25/09
to
On Nov 24, 9:07 pm, "Rich Matheisen [MVP]"

No, but we're a university and do not have a firewall between the
student network and the server network. There are other securities in
place, but I'd rather not take the chance.

0 new messages