Tuesday, August 21, 2007

SMTP Server Responses




During the protocol conversation, the SMTP server might reject certain commands. One reason is because of the lack of permissions. The following list explains what combination of configuration and (lack of) permissions are responsible for the certain protocol rejects by the SMTP server.

We have seen this on Exchange 2007 new installation


 

  • Open EMC (exchange management Console)
  • Go to Server configuration
  • Hub Transport
  • Default (Receive connector)
  • Permissions Group
  • Tick, Anonymous users


 

530 5.7.1 Client was not authenticated

In response to "MAIL FROM". The session is not authenticated and does not have the ms-Exch-SMTP-Submit permission.

  

535 5.7.3 Authentication unsuccessful

In response to "AUTH". Either the credentials are incorrect, or the authenticated user does not have the ms-Exch-SMTP-Submit permission. (The reason why the lack of the Submit permission results in an authentication failure, and not an authorization failure is because the server would give away information, making the SMTP server a resource for password guess attacks.)

  

550 5.7.1 Client does not have permissions to submit to this server

In response to "MAIL FROM". The session is authenticated but does not have the ms-Exch-SMTP-Submit permission.

  

550 5.7.1 Client does not have permissions to send as this sender

In response to "MAIL FROM:". The "MAIL FROM" command specified an address at an authoritative domain, and the session does not have the ms-Exch-SMTP-Accept-Authoritative-Domain-Sender permission.

  

550 5.7.1 Client does not have permissions to send on behalf of the from address

In response to End Of Data. The authenticated user does not have permission to submit on behalf of the sender address specified in the header of the message, and

the session does not have the ms-Exch-SMTP-Accept-Any-Sender permission.

  

550 5.7.1 Unable to relay

In response to the "RCPT TO". The recipient domain does not match any of the accepted domains, and the session does not have the ms-Exch-SMTP-Accept-Any-Recipient permission.


 


 

Best

Oz Ozugurlu

No comments: