Exchange 2007

[AliShafa]

Hi there,
I've been using popGrabber with exchange 2003 for some time. recently I upgraded to exchange 2007 and I get this error importing my emails:

2008-10-17T16:46:27: Processing message 19
2008-10-17T16:46:28: SMTP Server rejected sender XXXXX: Server rejected sender: 550 5.7.1 Client does not have permissions to send as this sender


any help is appreciated.
PS I'm using the professional version and have set my user name and password for my exchange server with ssl and authenticate checkboxes checked.

[Eclarsys Support]

Hello,

Does this happen with all emails? Since you are authenticating, Exchange verifies if the authenticated user has permissions to send the messages with the email address specified in the "FROM" part of the email. The recommended configuration for a POP3 connector is to disable authentication, but make sure to DISABLE Relaying in your configuration.

If this problem only happens with emails using your internal domain name in the FROM address, then you have to enable the "ms-exch-smtp-accept-authoritative-domain-sender" (it is enabled by default, but maybe in your configuration is has been disabled) if you wish to receive these messages. Please note that this emails are normally spam, unless you have external users which do not use Exchange but have an email address in the same domain using your ISP's SMTP server.

More information about this permission can be found here: http://exchangepedia.com/blog/2008/09/how-to-prevent-annoying-spam-from-your.html

Try disabling authentication in the POP3 Connector first, you can leave SSL enabled.

Regards,

Eclarsys Support

[AliShafa]

Does this happen with all emails? Since you are authenticating, Exchange verifies if the authenticated user has permissions to send the messages with the email address specified in the "FROM" part of the email. The recommended configuration for a POP3 connector is to disable authentication, but make sure to DISABLE Relaying in your configuration.

I noticed that all emails that I send to myself come through. only emails others send to me are rejected

Try disabling authentication in the POP3 Connector first, you can leave SSL enabled.

I removed the authenticate and now I'm getting this error:

2008-10-17T17:59:34: Processing message 1
2008-10-17T17:59:40: SMTP Server rejected sender XXX@XXXX.XXX: Server rejected sender: 530 5.7.1 Client was not authenticated

[Eclarsys Support]

Hello,

Exchange 2007 must be configured to receive messages without authentication. Please check the following link: http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=703467&SiteID=17

In a single-server Exchange 2007 setup you'll need to allow annonymous connections on your default receive connector.  By default Exchange 2007 servers not running the Edge Transport role will only accept inbound smtp connections from Exchange Users (clients), Exchange Servers (other Exchange 2007 servers) and Exchange Legacy Servers (legacy Exchange 2003 & below servers).  To allow annonymous smtp connections for your server, run the following management shell command:

Code:

Set-ReceiveConnector -Identity "Default <ServerName>" -PermissionGroups "AnonymousUsers"

[AliShafa]

Thanks, that's working now. I need to know what impact has this on my security.

Now for my second pop address (with a different email address as my exchange email address) I get this error:

2008-10-18T23:07:10: Processing message 1
2008-10-18T23:07:16: SMTP Server rejected recipient XXX@XXX.XXX: Server rejected recipient (XXX@XXX.XXX): 550 5.7.1 Unable to relay
2008-10-18T23:07:16: Message 1 skipped (recipient rejected)

could you help me with this one as well?

[Eclarsys Support]

2008-10-18T23:07:16: SMTP Server rejected recipient XXX@XXX.XXX: Server rejected recipient (XXX@XXX.XXX): 550 5.7.1 Unable to relay

This means that the domain "xxx@xxx.xxx" is not recognized by your server as a local address. You need to add this domain name to the accepted domains list in the Hub Transport.

In the Exchange Management console open Organization Configuration and then Hub Transport. Add the domain to the "Accepted Domains" list.

[AliShafa]

Works like a charm 

thanks mate.

[AliShafa]

I still need to know if allowing non-authenticated smtp is insecure and if yes in what way. my exchange server is behind a firewall and only TCP port 443 is exposed.

[Eclarsys Support]

Allowing anonymous SMTP connections should not be a security risk unless your server allows relaying. Your server was rejecting emails sent to domains which are not in your "accepted domains" list, which means it is correctly configured.

The only risk you have by allowing anonymous connections, is that anybody in your local network could send emails directly to any user in your Exchange server (but not to external email addresses), without authenticating. However, the IP address of the offending machine could be easily tracked looking at the header of the email message.

One option to prevent this is to configure your receive connector to accept messages only from a specific IP (the IP of the machine where PopGrabber is installed).

Regards,

Eclarsys Support

[billsal436]

Hi, I just migrated from 2003 to 2007 (SBS 2008) and I am having trouble....
I can not get popgrabber to retirieve any email. Here is the error I receive.

2010-12-06T08:46:58: Message 5 skipped (recipient rejected)
2010-12-06T08:46:58: Processing message 6
2010-12-06T08:46:59: SMTP Server rejected recipient sscadmin@statestreetcoff.local: Server rejected recipient (sscadmin@statestreetcoff.local): 550 [PERMFAIL] destination not valid within DNS

is there a setup "manual" specific to exchange 2007 as there was for 2003?

[Eclarsys Support]

Hello,

unfortunately we do not have a manual for Exchange 2007, since the configuration varies greatly depending on your network configuration.

Please make sure that you are setting the Exchange Server's hostname or IP address in the SMTP Server field, the error message you are receiving seems to be from an external SMTP Server.

Regards,

Eclarsys Support