Jump to content

Question

Posted

I'm running exchange 2010 at home to learn more about AD and IT setups. I've set up an Ubuntu VM that sits in front of the exchange server, running Postfix/Spamassassin/Pyzor/Razor/DCC/CLAMAV/Mailscanner to weed out spam and viruses. While the setup works great at reducing nearly 100% of all spam, theres an issue with the vm sending messages to myself

[attachment=321596:Untitled.png]

I've set up the receive connector in exchange to only allow access from the VM for SMTP, so that nothing else can directly access exchange. I have no issues receiving email from anywhere on the internet, but if I try to send email from the ubuntu vm (logs, etc), Exchange seems to bounce or reject the message, with the following showing in the logs:

[quote]<myemail@mydomain>: host 192.168.0.3[192.168.0.3] said: 501 5.1.7 Invalid address(in reply to MAIL FROM command)[/quote]

If I look in the root mail account on ubuntu, i see the following:




[CODE]
Final-Recipient: rfc822; <myemail@mydomain.com>
Action: failed
Status: 5.1.7
Remote-MTA: dns; 192.168.0.3
Diagnostic-Code: smtp; 501 5.1.7 Invalid Address
.
.
.
.
To: myemail@mydomain.com
From: root
Subject: Logwatch for ubuntu (Linux)
[/CODE]

I already enabled anonymous users to access the receiver connector, so why is exchange rejecting mail from the root user?

Share this post


Link to post
Share on other sites

8 answers to this question

  • 0

Posted

can you post some screen shots of your receive connector you setup?

Share this post


Link to post
Share on other sites
  • 0

Posted

why would exchange accept email from "root" That is not a valid email address, root@something.tld would be valid email address.

To: myemail@mydomain.com
[b]From: root[/b]
Subject: Logwatch for ubuntu (Linux)"

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='BudMan' timestamp='1353012364' post='595323200']
why would exchange accept email from "root" That is not a valid email address, root@something.tld would be valid email address.

To: myemail@mydomain.com
[b]From: root[/b]
Subject: Logwatch for ubuntu (Linux)"
[/quote]

that's what ubuntu is sending as. Shouldn't the "anonymous" access allow any sending party to access the SMTP server? I thought about that, since "root" is just a account name, and not a proper address, but I don't know how to change it.

[b]Organization -> Hub Transport -> Send Connectors:[/b]
[attachment=321600:hubtrans1.png]
[attachment=321602:hubtrans2.png]
[attachment=321604:hubtrans3.png]
[attachment=321606:hubtrans4.png]

[b]Server Configuration -> Hub Transport -> Receive Connectors:[/b]
[attachment=321608:rcv1.png]
[attachment=321610:rcv2.png]
[attachment=321612:rcv3.png]
[attachment=321614:rcv4.png]

Share this post


Link to post
Share on other sites
  • 0

Posted

quick google for forward root mail to external found this

http://serverfault.com/questions/243669/procedure-to-forward-root-email-to-external-email

Share this post


Link to post
Share on other sites
  • 0

Posted

I would agree with budman that the email address "root" is the problem. You would have to change it with the format of root@something.com. Budmans instructions should do that for you. The receive connector should work for you. The send connector is fine. in exchange 2007 they incorporated a block from unauthenticated sources to send mail outside of the domain.

In exchange powershell (there is no gui check box or setting you can make to enable this):
Get-ReceiveConnector "modelxposure.com" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Share this post


Link to post
Share on other sites
  • 0

Posted

Looking at the initial diagram, your Linux box is 192.168.0.2, but on the receive connector on exchange you don't have that IP listed. Also for an internal machine to send to exchange direct (i.e. not through outlook so not AD secured) then you have to enable 'externally secured (For example with IPsec)' so that the connection will be permitted, as your box sending an email is acting as a client in this scenario and not a relay server.

See screenshot:

Share this post


Link to post
Share on other sites
  • 0

Posted

you don't need to enable externally secured.

Share this post


Link to post
Share on other sites
  • 0

Posted

Sorry ignore me, this is for relaying through the server, doh!

and this being in the rejection message confirms for me the format of the from address is to blame:

<myemail@mydomain>: host 192.168.0.3[192.168.0.3] said: 501 5.1.7 Invalid address(in reply to MAIL FROM command)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.