Problems with IMAP/Exchange 2003

[Blunted One]

I am hoping there is a simple solution to my problem. We are running the latest version of MS Exchange 2003 with all the updates behind a hardware firewall.

My company has a worker who works from home and he connects through an IMAP conncetion to our email server. Everything seems to work fine and he is able to recieve emails, check on contacts, see the daily tasks and so forth. He is not able to send email outside of our domain. Anything that is not addressed to another person in the office gets returned to him with the following error....

Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 2/23/2006 11:24 AM

The following recipient(s) could not be reached:

'anonymous' on 2/23/2006 11:24 AM
550 5.7.1 Unable to relay for anonymous@***.com

It will always bounce back and never goes out unless he uses OWA. I am not sure why this is happening and was wondering what is causing it and how if possible how to fix it so that the emails will reach their destinations weather or no they are sent to people inside or outside our company. Perhaps there is a setting I need to change? or could it be the firewall that is blocking emails?

[Tiger Shark]

Youu need to allow his remote IP address to "relay" mail. There is a setting, (sorry, I can't guide you to it, refer to help), that allows you to put remote IP's in to allow them to send email through your server... Put only his address in there or you become a spammers dream.

[mohaughn]

Originally posted here by Tiger Shark
Youu need to allow his remote IP address to "relay" mail. There is a setting, (sorry, I can't guide you to it, refer to help), that allows you to put remote IP's in to allow them to send email through your server... Put only his address in there or you become a spammers dream.

Better yet, don't do it by IP. Instead setup the Exchange SMTP virtual server to allow relaying from authenticated hosts. Tell him to setup his IMAP client to do authentication on outbound SMTP. This way he has to actually log into your exchange server using his mailbox login/password to send SMTP.

This should cover the different possible settings for you- http://www.microsoft.com/technet/pro....mspx?mfr=true

[Blunted One]

Thank you for the help and this definatly got me pointed in the right direction. Now all I have to do is wait for our outside employee to try using his email again and I am hoping it all goes over smoothly.

[Blunted One]

It seems not everything went according to plan after following the instructions from microsoft it seem to cut off our outside guy until I enabled anonymous access. Is this guy outside the office doing something wrong on his end or maybe not authenticating before connecting? Not sure what I did wrong but I enabled the relay permission on his user account and the authenticated user account. Perhaps I am missing a step here, but when I tried to disable anonymous access he couldn't connect and now that anonymous access is enabled again he cannot send outside of the domain.

[Tiger Shark]

Silly question... Why use IMAP? Why not give him OWA, (Outlook Web Access). Secure, efficient and no requirement for relaying.

[Blunted One]

Ok well now he is telling me that he can send emails outside of the domain. But that only seemed to work after I checked the relay box under the users and also checked anonymous access. Is this a security risk now or is everything good and secure. I just don't want to jepordize our network and email so some guy outside the office can send emails to people outside our domain. Thanks again for the help you guys rock.

[Tiger Shark]

I believe anonymous access means anyone will be able to read his email - or all your email depending where you applied it.

[Blunted One]

It is applied in the SMTP properties. Is this ok? Or do I need to walk this guy through some hoops so he is more secure and so I can turn off the anonymous access. Just trying to tie up any loose/unsecure ends. Thanks once again.

[mohaughn]

Did you change his client configuration to use authenticated SMTP? If he is just using anonymous SMTP you will have to leave anonymous enabled on the SMTP virtual server. If he is using to option in his client to use authenticated SMTP, he should authenticate and you should not need anonymous access enabled.