REPOST Allowing inbound email for secondary SMTP addresses results in "cannot relay"

Discussion:

(too old to reply)

FastEddie

2005-03-29 19:55:35 UTC

I have posted this a few times and have not gotten an answer that works.

I have 3 exchange 5.5 sites in one Organization. One site has Exchange 2003.
The other sites are NT4 with 5.5 servers and a trust relationship.

Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com

If I have mail coming inbound to the exchange 2003 server, it will not
deliver email to the @domain1.com (the secondary) email address. It says
"550 5.7.1 Unable to relay for ***@domain1.com".

I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.

by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.

Please help, this is stopping email from coming in for some users.

-Fasteddie

Rich Matheisen [MVP]

2005-03-30 01:44:01 UTC

Permalink

Post by FastEddie
I have posted this a few times and have not gotten an answer that works.
I have 3 exchange 5.5 sites in one Organization. One site has Exchange 2003.
The other sites are NT4 with 5.5 servers and a trust relationship.
Some mailboxes in one exchange 5.5 site has secondary email addresses
@domain1.com but their primary SMTP email address is @domain.com
If I have mail coming inbound to the exchange 2003 server, it will not

Then something else is wrong.

Post by FastEddie
I have added these domains to the default recipient Policy and it has not
fixed it. I assume if I check the box, in the recipient policy, it will add
the address for to all recipients (correct?) which I do not want.

There's no need to have the addresses assigned to any objects by the
RUS. Simply having the address in the recipient policy should be
enough. But I wouldn't modify the default policy, I'd create another
policy, add the domains to that policy, and leave the LDAP filter
blank. You can check the boxes, if you like -- with an empty LDAP
filter they won't be assigned to anything.

Post by FastEddie
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.

That's normal.

Post by FastEddie
Please help, this is stopping email from coming in for some users.

Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm

FastEddie

2005-03-30 03:07:32 UTC

Permalink

See notes below

Post by Rich Matheisen [MVP]

Then something else is wrong.

Any Ideas?

Post by Rich Matheisen [MVP]

Ok. I'll create another recipient policy. How about the priority, should I
set the priority to highest? Any technical documentation that you can point
me to?

Post by Rich Matheisen [MVP]

Post by FastEddie
by the way, each 5.5 site has created recipient policies with higher
prorities than the default policy.

That's normal.

Post by FastEddie
Please help, this is stopping email from coming in for some users.

I restarted the SA, it also restarted the MTA stacks and IS. Then I saw the
ADC kick off a replication. I'll check tomorrow morning to see if the
addresses are up to date.

Are there issues with rebuilding the RUS if necesary? My question in
partucular, is if the custom secondary SMTP addresses stay? I have different
default SMTP addresses (domains). I want to make sure that they all don't
reset to the default SMTP address. Do I have to do that after hours? Will
the logged on users loose their address book until it is finished?

I just tried to send an email inbound to the secondary address I have
created for my testing and I still get the same error.

It is :

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7010
Date: 3/29/2005
Time: 9:00:28 PM
User: N/A
Computer: <<computer name>>
Description:
This is an SMTP protocol log for virtual server ID 1, connection #8798. The
client at "10.25.1.10" sent a "rcpt" command, and the SMTP server responded
with "550 5.7.1 Unable to relay for ***@abc123.com ". The full command
sent was "rcpt to:***@abc123.com". This will probably cause the
connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.

I'll check this post in the morning.

thanks,

FastEddie

Post by Rich Matheisen [MVP]
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm

Rich Matheisen [MVP]

2005-03-30 04:18:44 UTC

Permalink

"FastEddie" <***@therockwells.net.no.spam> wrote:

[ snip ]

Post by FastEddie

Post by Rich Matheisen [MVP]
Then something else is wrong.

Any Ideas?

Sure. They were below this.

[ snip ]

Post by FastEddie
Ok. I'll create another recipient policy. How about the priority, should I
set the priority to highest?

Since the policy isn't going to be used to actually assign addresses
it doesn't matter what priority it is. It can't be higher than the
policies for the Exchange 5.5 sites, and it can't be lower than the
default policy. Anywhere in between is okay.

Post by FastEddie
Any technical documentation that you can point
me to?

Not off the top of my head. The Exchange "Help" might have something.

[ snip ]

Post by FastEddie

Post by Rich Matheisen [MVP]
Have you restarted the System Attendant service? The information in
the recipient policies must be transferred to the metabase file for
the SMTP server to accept mail for the new domains. It doesn't sound
like that's happening.

I restarted the SA, it also restarted the MTA stacks and IS.

That's normal.

Post by FastEddie
Then I saw the
ADC kick off a replication.

That should have no effect.

Post by FastEddie
I'll check tomorrow morning to see if the
addresses are up to date.

Why? The recipient policy has an empty LDAP filter so there's nothing
that'll be updated. What you want to see updated is the metabase file.
When that's updated the "can't relay" error will go away.

Post by FastEddie
Are there issues with rebuilding the RUS if necesary?

No. But you said you didn't want the recipient policy to add
addresses. have you changed your mind? If you have, it still won't
work because you have the 5.5 policies assigned the "highest" priority
and only one policy can be applied to an object.

Post by FastEddie
My question in
partucular, is if the custom secondary SMTP addresses stay?

Secondary SMTP proxy addresses aren't affected by the recipient
policies and RUS. The RUS may add new secondary proxy addresses, but
it won't delete them (well, not unless you do something really weird).

Post by FastEddie
I have different
default SMTP addresses (domains). I want to make sure that they all don't
reset to the default SMTP address. Do I have to do that after hours? Will
the logged on users loose their address book until it is finished?

See above re: ldap filters, etc.

Post by FastEddie
I just tried to send an email inbound to the secondary address I have
created for my testing and I still get the same error.

Then you may have a damaged metabase file.

You can use metaedit.exe to have a look at the file. But if you have a
backup (you do make a backup of the metabase, don't you?) then I'd
restore it if the one you're working with right now is hosed.

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm