Exchange SMTP rejecting mail from ubuntu vm root user

[SirEvan]

I'm running exchange 2010 at home to learn more about AD and IT setups. I've set up an Ubuntu VM that sits in front of the exchange server, running Postfix/Spamassassin/Pyzor/Razor/DCC/CLAMAV/Mailscanner to weed out spam and viruses. While the setup works great at reducing nearly 100% of all spam, theres an issue with the vm sending messages to myself

I've set up the receive connector in exchange to only allow access from the VM for SMTP, so that nothing else can directly access exchange. I have no issues receiving email from anywhere on the internet, but if I try to send email from the ubuntu vm (logs, etc), Exchange seems to bounce or reject the message, with the following showing in the logs:

<myemail@mydomain>: host 192.168.0.3[192.168.0.3] said: 501 5.1.7 Invalid address(in reply to MAIL FROM command)

If I look in the root mail account on ubuntu, i see the following:

Final-Recipient: rfc822; <[email protected]>
Action: failed
Status: 5.1.7
Remote-MTA: dns; 192.168.0.3
Diagnostic-Code: smtp; 501 5.1.7 Invalid Address
.
.
.
.
To: [email protected]
From: root
Subject: Logwatch for ubuntu (Linux)
[/CODE]

I already enabled anonymous users to access the receiver connector, so why is exchange rejecting mail from the root user?

[sc302 Veteran]

can you post some screen shots of your receive connector you setup?

[+BudMan MVC]

why would exchange accept email from "root" That is not a valid email address, [email protected] would be valid email address.

To: [email protected]

From: root

Subject: Logwatch for ubuntu (Linux)"

[SirEvan]

why would exchange accept email from "root" That is not a valid email address, [email protected] would be valid email address.

To: [email protected]

From: root

Subject: Logwatch for ubuntu (Linux)"

that's what ubuntu is sending as. Shouldn't the "anonymous" access allow any sending party to access the SMTP server? I thought about that, since "root" is just a account name, and not a proper address, but I don't know how to change it.

Organization -> Hub Transport -> Send Connectors:

Server Configuration -> Hub Transport -> Receive Connectors:

[+BudMan MVC]

quick google for forward root mail to external found this

http://serverfault.com/questions/243669/procedure-to-forward-root-email-to-external-email

[sc302 Veteran]

I would agree with budman that the email address "root" is the problem. You would have to change it with the format of [email protected]. Budmans instructions should do that for you. The receive connector should work for you. The send connector is fine. in exchange 2007 they incorporated a block from unauthenticated sources to send mail outside of the domain.

In exchange powershell (there is no gui check box or setting you can make to enable this):

Get-ReceiveConnector "modelxposure.com" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

[duddit2]

Looking at the initial diagram, your Linux box is 192.168.0.2, but on the receive connector on exchange you don't have that IP listed. Also for an internal machine to send to exchange direct (i.e. not through outlook so not AD secured) then you have to enable 'externally secured (For example with IPsec)' so that the connection will be permitted, as your box sending an email is acting as a client in this scenario and not a relay server.

See screenshot:

[sc302 Veteran]

you don't need to enable externally secured.

[duddit2]

Sorry ignore me, this is for relaying through the server, doh!

and this being in the rejection message confirms for me the format of the from address is to blame:

<myemail@mydomain>: host 192.168.0.3[192.168.0.3] said: 501 5.1.7 Invalid address(in reply to MAIL FROM command)