Share via

How to allow external IP to send email outside organization SMTP relay error 550.5.7.1

Ak_kat 1 Reputation point
2022-01-14T14:48:00.167+00:00

i want external IP to send email to external domains. below setup I have done,

I have created mailbox for example abc_1@mathieu.company .com
added external public IP to SPF record
create SMTP relay on exchange with below config.
165126-1.png

below is the test
for example.
ehlo mail.company.com
250-mail.company.com Hello [111.222.333.444]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-X-ANONYMOUSTLS
250-X-EXPS NTLM
250-8BITMIME
250-BINARYMIME
250-XEXCH50
250 XSHADOW
MAIL FROM:<abc_1@mathieu.company .com>
250 2.1.0 Sender OK
MAIL TO:abc@Stuff .com
550 5.7.1 Unable to relay
DEBUG SMTP: invalid address.

kindly assist me to solve this issue.

Exchange | Exchange Server | Management

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andy David - MVP 157.4K Reputation points MVP Volunteer Moderator
    2022-01-14T16:23:51.513+00:00

    You need to allow anonymous relay on a custom receive connector and then set the allowed remote IP:
    https://learn.microsoft.com/en-us/exchange/mail-flow/connectors/allow-anonymous-relay?view=exchserver-2019#step-1-create-a-dedicated-receive-connector-for-anonymous-relay

    On the next page, in the Remote network settings section, do the following steps:
    Select the existing 0.0.0.0-255.255.255.255 entry, and then click Remove Remove icon., and then click Add Add icon.
    In the resulting Remote Address Settings dialog, enter an IP address or IP address range that identifies the network hosts that are allowed use this connector, and then click Save. You can repeat this step to add multiple IP addresses or IP address ranges. Err on the side of being too specific instead of too general to clearly identify the network hosts that are allowed to use this connector.

    0 comments
  2. Ak_kat 1 Reputation point
    2022-01-14T16:32:58.063+00:00

    i have done this same, but still no luck. btw they said they are using authentication. do I need to check basic authentication ?
    is there any other setting required?

    0 comments
  3. Andy David - MVP 157.4K Reputation points MVP Volunteer Moderator
    2022-01-14T17:07:54.21+00:00

    Did you set the ability to relay? 

    Get-ReceiveConnector "Receive Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
    0 comments
  4. Ak_kat 1 Reputation point
    2022-01-15T02:10:57.227+00:00

    yes i did. but 1 thing i want to add that the security setting in receive connection is below not that I have added in my question. let me know if it can effect. one more thing. is it necessary to allow their IP from firewall?
    165333-2.png

  5. Joyce Shen - MSFT 16,701 Reputation points
    2022-01-18T05:55:16.377+00:00

    Hi @akbarali-4925

    Have you checked the protocol logging in Exchange server? You could check the troubleshooting part in this link: How to Configure Exchange Server 2016 for SMTP Application Relay

    And the steps: Troubleshooting Email Delivery with Exchange Server Protocol Logging
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.