Machine accounts are irrelevant. If what you're saying is true then my customers would not be able to connect to our services (I work for an ASP).
The only addresses that you need in the access list are those of your firewall\ mail gateway ? server(s), which have to be able to relay. All other relay users must authenticate. Are all the clients behind the firewall, or are some in front & using VPN? Are those clients that can't connect, on different ip addresses? Turn up the logging on the exchange server, and see what is reported in the event logs. Yours, Julian Stone -----Original Message----- From: Tony Hlabse [mailto:[EMAIL PROTECTED]] Sent: 16 February 2002 20:23 pm To: Exchange Discussions Subject: Relay blues I know this is fairly easy issue and discussed before but I don't understand why some users are getting 5.4 errors stating that the Exchange server can not relay their message. So bear with me on this one. I have a single E2K server sitting behind a Pix firewall. The email server is a domain controller in a single 2000 domain. The majority of the users log into NT4.0 domains, there 16 of them, and use mostly POP3 clients. The clients include Netscape, Express and Outlook. We are slowly converting all to use the full Outlook. I set the relay setting in E2K to the following. (Only the list below) is ticked and so is (Allow all computers that successfully authenticate) In the access list I put in 10.0.0.0 and subnet mask of 255.0.0.0 That is the schema they use. When set as above some users get the relay error message while others do not. As I was thinking about this this weekend it came to me that it may be a rights issue. If a user logs into a NT 4.0 domain and is using the Microsoft Exchange Server service for Outlook, that person will not be able to access his mailbox until that NT 4.0 users is given Mailbox rights on the AD where the exchange server resides. But for POP3 client users this is not true. But I am wondering if this is why when I have the relay settings as above that it's a mailbox rights issue causing the relay errors. NT 40 users of Full Outlook do not have this problem and of course were given full mailbox access in 2000 domain account. My guess is that it is a mailbox rights issue. Of course when I tell it to relay all, the errors go away. When I get in next Tuesday (school district) I am of going to add mailbox access rights to one of the erroring users and have them try again. Anything else that I might be missing? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] ------------------------------------------------------------------------ This e-mail and any attachments may be confidential and/or legally privileged. If you have received this e-mail and you are not a named addressee, please inform the Netstore Technical Support Desk on +44 1344 444342 and then delete the e-mail from your system. If you are not a named addressee you must not use, disclose, distribute, copy, print or rely on this e-mail. Although Netstore routinely screens for viruses, addressees should scan this e-mail and any attachments for viruses. This mail has been processed with the Netstore Content Filtering Service. Visit our website at www.netstore.net ------------------------------------------------------------------------ _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
