TL;DR: How do I make sure that the SMTP server doesn't accept external messages for distribution groups that are set to require authentication?
I have an Exchange 2010 server that has multiple distribution groups where some of the groups are used only internally (RequireSenderAuthenticationEnabled == $true) and some are used publicly (RequireSenderAuthenticationEnabled == $false).
The public groups work as expected.
The internal groups work as expected for internal (i.e. authenticated) users, however, the SMTP service is not rejecting messages from external users. Instead, it accepts the message into the queue:
250 2.6.0 <[email protected]> [InternalId=3951] Queued mail for delivery
But then fails to route the message:
Source : ROUTING
EventId : FAIL
InternalMessageId : 3951
MessageId : <[email protected]>
Recipients : {[email protected]}
RecipientStatus : {550 5.7.1 RESOLVER.RST.AuthRequired; authentication required}
So the end result is that the message is never received by the group, however, the sender doesn't know this b/c according to our SMTP server the message was accepted.
How do I ensure that the SMTP server rejects the message instead of queuing it for delivery? (I thought this was the default behavior but I'm not sure what might have changed)
The relevant receive connector is set up as follows:
Update 2019-03-19:
I have confirmed that running the same scenario on another environment (Exchange 2010 on SBS 2011) produces the expected results. I created two groups, set the RequireSenderAuthenticationEnabled flag accordingly, and the private group rejects external email at the SMTP connector with the following message:
550 5.1.1 User Unknown
The relevant SMTP connector has the same settings on the Authentication and Permission pages.
Update 2019-03-21:
After installing Exchange 2010 SP3 R26 the results are still the same.
0 Answers