Exchange 2016 / 2019 Error : Fixed : 550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain

Hello All

Today we are going to see how to fix the error while sending the email to  External SMTP Relay in Exchange Server 2016 or 2019

Scenario

let’s see what happens if I try to use Telnet to send an email message from a valid internal address to an external recipient using telnet with the default receive connector 

220 cmex01.cloudmonkeys.xyz Microsoft ESMTP MAIL Service ready at Sat, 20 Apr 2024 18:08:38 +0530

ehlo

250-cmex01.cloudmonkeys.xyz Hello [::1]

250-SIZE 37748736

250-PIPELINING

250-DSN

250-ENHANCEDSTATUSCODES

250-STARTTLS

250-X-ANONYMOUSTLS

250-AUTH NTLM

250-X-EXPS GSSAPI NTLM

250-8BITMIME

250-BINARYMIME

250-CHUNKING

250 XRDST

mail from: ramki@cloudmonkeys.xyz

250 2.1.0 Sender OK

rcpt to: rush2ramki@hotmail.com

550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain

Resolution 

There are two ways you can resolve this and allow your devices and applications to send to external recipients:

• Using authentication for SMTP connections
• Configuring an anonymous SMTP relay connector

In this blog, am going to cover in the second method - Configuring an anonymous SMTP relay connector

External SMTP Relay with Exchange Server 2016 Using Anonymous Connections

When authenticated SMTP is not an option we can create a new receive connector on the Exchange 2016 server that will allow anonymous SMTP relay from a specific list of IP addresses or IP ranges. 

In the Exchange Admin Center navigate to mail flow and then receive connectors. Select the server that you want to create the new receive connector on, and click the “+” button to start the wizard.

You may receive the below error while finish the new receive connector wizard

Remove the default IP range from the Remote network settings, and then add in the specific IP addresses or IP ranges that you want to allow anonymous SMTP relay from. I do not recommend adding entire IP subnets that contain other Exchange servers as this can cause issues with server to server communications.

Additional Configuration 

In the Exchange Management Shell run the following two commands

[PS] C:\Windows\system32>Set-ReceiveConnector -Identity "CMEX01\CMEX01_Annon_RELAY" -PermissionGroups Anonymoususers

[PS] C:\Windows\system32>Get-ReceiveConnector -Identity "CMEX01\CMEX01_Annon_RELAY" | Add-ADPermission -User "NT AUTHORITY\Anonymous logon" -ExtendedRights MS-EXCh-SMT

P-Accept-any-Recipient

 

Identity             User                 Deny  Inherited

--------             ----                 ----  ---------

CMEX01\CMEX01_Ann... NT AUTHORITY\ANON... False False

Now you can send the email from telnet or any application to send email to external with dedicated SMTP relay connector 

220 CMEX01\CMEX01_Annon_RELAY

ehlo

250-cmex01.cloudmonkeys.xyz Hello [192.168.0.13]

250-SIZE 37748736

250-PIPELINING

250-DSN

250-ENHANCEDSTATUSCODES

250-STARTTLS

250-X-ANONYMOUSTLS

250-AUTH NTLM

250-X-EXPS GSSAPI NTLM

250-8BITMIME

250-BINARYMIME

250-CHUNKING

250 XRDST

mail from: ramki@cloudmonkeys.xyz

250 2.1.0 Sender OK

rcpt to: rush2ramki@hotmail.com

250 2.1.5 Recipient OK

data

354 Start mail input; end with <CRLF>.<CRLF>

.

250 2.6.0 <6ba7172b-0798-4cc4-8872-5a8fbe3de58d@cmex01.cloudmonkeys.xyz> [InternalId=14267881357315, Hostname=cmex01.cloudmonkeys.xyz] 1530 bytes in 0.105, 14.185 KB/sec Queued mail for delivery

I hope this blog is  helpful to configure the relay connector for anonymous in exchange 2016 or exchange 2019. . Happy Learning  😃