Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Users Without Permissions to Relay Messages Can Still Send Messages Through the SMTP Virtual Server

Users Without Permissions to Relay Messages Can Still Send Messages Through the SMTP Virtual Server

View products that this article applies to.

Symptoms

When you configure relay restrictions for the Simple Mail Transfer Protocol (SMTP) virtual server to deny the Submit Permission permission to a user so that the user cannot relay messages through the virtual server, you may find that the user can successfully send messages.

This problem occurs even though you restrict relay access and configure permissions for the user by taking the following actions in the Relay Restrictions dialog box. (To reach the Relay Restrictions dialog box, in Exchange System Manager, right-click the SMTP virtual server, click Properties, click the Access tab, and then click Relay.)
  • You click to clear the Allow all computers which successfully authenticate to relay, regardless of the list above check box.
  • You click Users, and then in the Permissions for Submit and Relay dialog box, you click to select the Deny check box that is next to the Submit Permission permission for the user.

↑ Back to the top

Cause

This problem may occur if anonymous access is enabled for the SMTP virtual server. In Exchange Server 2003, when you click to clear the Allow all computers which successfully authenticate to relay, regardless of the list above check box in the Relay Restrictions dialog box to configure relay permissions for specific users or computers, anonymous access is not automatically disabled on the SMTP virtual server. You must manually disable anonymous access to the SMTP virtual server.

↑ Back to the top

Workaround

To work around this issue, manually disable anonymous access for the SMTP virtual server:
  1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
  2. In the console tree, expand Servers, expand ServerName, expand Protocols, and then expand SMTP.
  3. In the right pane, right-click the SMTP virtual server (for example, Default SMTP VirtualServer), and then click Properties.
  4. Click the Access tab.
  5. Under Access control, click Authentication.
  6. Click to clear the Anonymous access check box, click OK, and then click OK.

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

↑ Back to the top

More information

When anonymous access is disabled and you deny the Submit Permission permission to a user so that the user cannot relay messages through the SMTP virtual server, if the user tries to send a message, they receive a message similar to the following message:
The message could not be sent because the server rejected the sender's e-mail address. The sender's e-mail address was 'EmailAddress'. Subject 'Subject', Account: 'Account', Server: 'Server', Protocol: SMTP, Server Response: '454 5.7.3 Client does not have permission to submit mail to this server.', Port: 25, Secure(SSL): No, Server Error: 454, Error Number: 0x800CCC78

↑ Back to the top

Keywords: KB818778, kbbug, kbnofix

↑ Back to the top

Article Info
Article ID : 818778
Revision : 6
Created on : 10/25/2007
Published on : 10/25/2007
Exists online : False
Views : 257