This afternoon our server in the office suddenly started refusing to deliver mail to outside domains – email for our domain is still delivered. I've tried Googling around and I can't find anything quite like this. It's Small Business Server 2003 SP2 and has been running fine for two years. There are only about 10 accounts on it (6 in use).
As soon as I send an email from Outlook or OWA or even via SMTP (from a machine that sends out periodic emails from a cron job) a NDR is generated:
Your message did not reach some or all
of the intended recipients.Subject: test from owa Sent: 17/07/2009 10:08 PMThe following recipient(s) could not
be reached:xxx@xxx.xxx on 17/07/2009 10:08 PM You do not have permission to send to this recipient. Forassistance, contact your system
administrator.
…
Relaying denied. Proper authentication
required.
(I've changed the domain to example.com and masked out the destination address: it doesn't matter what destination email address (other than local accounts) is used the result is the same)
There were no software installed or configurations changed. I've checked the authentication settings and they still allow SMTP from the LAN but the same happens from all user accounts through OWA and Outlook I've checked. I've checked for extra connections in netstat and there aren't suspicious looking emails in the Message Tracking Center, in case it was hacked. I've checked a blacklist checking site and our IP address isn't listed. I've tried disabling and changing the "smart host" and that results in the exact same problem. I've even tried rebooting the server!
It's 11pm Friday night here and the the boss doesn't want to be without email over the weekend…
Where are some places I can look to fix this problem? We are planning a migration to SBS 2008 in the coming weeks, but it would be handy if the current box worked until then!
Thanks in advance.
Best Answer
I bet whatever server your SBS box is using as its outbound smarthost (your ISP's mail server?) has had SMTP authentication turned on.
Find the smarthost in the SBS settings (Exchange System Manager from memory), contact whoever is responsible for running that server, and talk to them about authentication.
You might also like to try doing a Wireshark trace on your SBS box' internet-facing network card - watch for any outbound SMTP connection, and look at what's actually happening on the wire. This might well give you more clues.
Good luck, I don't envy you. My experience with SBS is, shall we say, not so good. Moving to Server 2008 Standard was a great move for me.