SBS 2008 R2: Did something change with anonymous relays?

Posted by gravyface on Server Fault See other posts from Server Fault or by gravyface
Published on 2011-02-20T22:26:48Z Indexed on 2011/02/20 23:26 UTC
Read the original article Hit count: 225

Filed under:

exchange

|

sbs-2008

|

smtp-relay

Have noticed that prior documentation on setting up anonymous relays in SBS 2008 no longer work without some additional configuration.

Used to be able to follow this documentation, which is basically:

setup a new receive connector
add the IP address(es) that will be permitted to relay
check off "anonymous" under Permission Group and then run the Exchange shell script to grant permissions.

Now what seems to be happening is that if the permitted IP address happens to fall within the same address space as another more restrictive Receive Connector (like the "Default SBS08" one) and possibly if it's ahead of the new Receive Connector alphabetically (haven't tested that yet), the relay attempt fails with "Client Was Not Authenticated" error.

To get it to work, I had to modify the scope of the "Default SBS08" Receive Connector to exclude the one LAN IP that I wanted to allow relaying for.

I can't recall ever having to do this for Exchange 2007 Standard and/or any other SBS 2008 servers I've setup over the last couple of years and I don't remember doing this and the wiki entry I added at the office doesn't mention it either.

So my question is, has anyone else experienced this? Has there been a new change with R2 or perhaps an Exchange Service Pack?

© Server Fault or respective owner

Related posts about exchange

Upgrade Exchange 2003 to Exchange 2010 – Part II

as seen on Simple Talk - Search for 'Simple Talk'
In Jaap's second article on upgrading straight from Exchange Server 2003 to 2010, he explains how to move the various services from Exchange Server 2003 to Exchange Server 2010 and fully decommission the Exchange Server 2003 servers. >>> More
Upgrade Exchange 2003 to Exchange 2010

as seen on Simple Talk - Search for 'Simple Talk'
In this article, the first of two in which Jaap describes how to move from Exchange Server 2003 straight to Exchange Server 2010, he shows what is required before moving mailboxes from Exchange Server 2003 to Exchange Server 2010. He shows how to upgrade Active Directory, install both Exchange Server… >>> More
exchange server 2010 Outlook Web Access - Exchange Control Panel WEB Interface

as seen on Server Fault - Search for 'Server Fault'
from what i can gather the mailbox bit of the web interface works fine.. when any of the users go to options (top right) and try to use some of the features such as the Organise Mail Delivery Reports to find messages etc... it comes up with a message .. "An item with the same key has already been… >>> More
Backup multiple Exchange Accounts without direct access to exchange server

as seen on Server Fault - Search for 'Server Fault'
For e-mail, we use Microsoft Exchange and it is hosted by 1and1.com. We have about 30 Exchange accounts that I would like to backup to a PST file. That is, for each account that we have (all 30), I would like to create a single PST file (1.pst thru 30.pst). I do not have direct access to the Exchange… >>> More
when using exchange 2010 it complains of not talking to Information Store service on exchange 2007

as seen on Server Fault - Search for 'Server Fault'
I am attempting to do an upgrade in my org from exchange 2007 to exchange 2010. I moved all the mailboxes and made sure my certificates were setup in exchange 2010. I then changed my ip forwarding rules to forward mail to my exchange 2010 box. I can receive email. I then powered off my exchange 2007… >>> More

Related posts about sbs-2008

Intranet Site Authentication Issues on SBS 2008

as seen on Server Fault - Search for 'Server Fault'
Hello, Simply, the Sharepoint intranet site that is automatically installed with SBS 2008 is bound to port 5555 in IIS so to get to it you can browse to server-name:5555 and then authenticate using domain credentials. I have added another binding on port 80 using a host header so intranet.localdomain… >>> More
Unable to install sbs 2008 in DELL POWEREDGE T100 [closed]

as seen on Server Fault - Search for 'Server Fault'
Still unable to install WIN SBS 2008 in DELL POWEREDGE T100 server and the long post is going on at http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/aa1bc4b0-943e-4ada-8de1-e03161c8fc2c My problem is unable to install sbs 2008 in 500 GB 4k sectors hdd but installation is successful… >>> More
SBS 2008 BPA Warnings After Migration From SBS 2003

as seen on Server Fault - Search for 'Server Fault'
We just finished a we-know-just-enough-to-be-dangerous migration from SBS 2003 to SBS 2008, and things seem to have gone relatively smoothly. After running the SBS 2008 Best Practices Analyzer on the destination server, we've got three warning messages, and I can't tell if they're important or not… >>> More
Can't seem to setup RICOH to scan to SBS 2008 shared folder

as seen on Server Fault - Search for 'Server Fault'
Banging my head against any hard surface trying to figure out why I cannot connect the RICOH copier to a shared folder on my SBS 2008. Here's the particulars: New SBS 2008 Server New Network clients running Win XP Pro SP3 New Ricoh multifunction copier Cannot browse network and find SBS server… >>> More
Windows SBS 2008 - how to diagnose port forwarding problems?

as seen on Server Fault - Search for 'Server Fault'
We have a Windows SBS 2008 machine. Several ports need to be forwarded from the router to the server (the machine hosts a FTP server, a Web server, and we need to be access it through Remote Desktop). We recently changed routers (from SpeedTouch to Huawei EchoLife HG520s). With the previous router… >>> More