SMTP Protocol returned a permanent error 554 Relay rejected for policy reasons.

Tags:
Lotus Domino
Microsoft Exchange
Hi,

Need your assistance urgently.

We have two internal Domino servers, e.g. server1 and server2. Server1 is the only mail server that can send internet SMTP mail to the internet. It is running fine. I need the internet-bound mail on server 2 to be sent through server 1. Internal mail routes fine, but when I try to send internet mail the mail bounces back with the following error:

"Error transfering to server1:SMTP protocol returned a permanent error 554 relay rejected for policy reasons"

I have the SMTP inbound controls on the server1 configuration document as follows:

Allow messages from external internet domains to be sent only to the following internet domains: ,<domain name>

Deny messages from external internet domains to be sent to the following internet domains:

Allow messages only from the following external internet hosts to be sent to external internet domains: <ip address of server 2>

Deny messages from the following external internet hosts to be sent to external internet domains:

On server 2, I have the configuration set up as follows:

SMTP used when sending messages outside of the local internet domain: Enabled

SMTP allowed within the local internet domain: Disabled

Relay host for messages leaving the local internet domain: Server 1 ip address.

I have gotten a lot of solutions suggesting what I did was right, but I still get the same error.

Will appreciate your help, the users on server2 are screaming.

Rgds
Yemoseh

Answer Wiki


Yamoseh,

I have been suffering from the same error message but this was due to an error on my part when I was changing SMTP Inbound Restrictions to allow an AS/400 to relay SMTP mail through my Domino SMTP server to the Internet. I accidentally allowed the Domino Server to become an Open Relay which was subsequently detected by the Open Relay DB organisation which promptly placed my server on a blacklist. It could be blacklisting which is causing the Permanent SMTP Error 554 messages.

If this is the reason you need to make sure your server is no longer behaving as an Open Relay – just check your mail.box – it will be full of SPAM items which are not addressed to or from your users.

The main parameters you need to check are in the Configuration Doc under “Router/SMTP”, “Restrictions and Controls”, “SMTP Inbound Controls”. The settings:

“Allow messages to be sent only to the following external internet domains:” set to blank (if you put anything in here you’ll seriously restrict your users’ ability to send mail to anywhere except the nominated domains)

“Deny Messages to be sent to the following external internet domains” should be ‘*’ (ie all)

and

“Deny messages from the following internet hosts to be sent to external internet domains” should be ‘*’ (all)

To control which server can send internet mail via the SMTP server use the settings under “Inbound Relay Enforcement”

“Perform Anti-Relay enforcement for these connecting hosts:” set to ‘External hosts’

“Exclude these connecting hosts from anti-relay checks:” set to include your server2 hostname (make sure your DNS is set up to allow reverse lookups – if not, you will have to use the ip address of the server)

“Exceptions for authenticated users:” set as ‘Allow all authenticated users to relay’

If your server2 is a Domino Host on the same Domino Domain you shouldn’t need to add it to the exclusions list.

Have you set up a Global Domain document, a Foreign SMTP Domain document and finally an SMTP Connection document for your SMTP server? I believe this is the ‘old’ way of setting up a single SMTP gateway server (see “Sample mail routing configurations” in the Lotus Administrator Help) but it’s the only way I know and it works!!

If you have been blacklisted the SMTP error message should refer to a site address which has logged your server. If not, you can check for blacklisting at the following site which checks 39 organisations (I guess there are many more but this is a start…): http://openrbl.org (click on the Openrb JS Client button, enter your server’s EXTERNAL ip address, ie the one the outside world sees you). If you don’t know what this is, go to www.dnsreport.com and enter your domain name in the DNS Report field and go for it… check out the report – you may find some interesting anomalies which could need attention – look for the MX Record – here you will find your external mail server address (it’s the one with ‘host’ not ‘relay’).

I hope this is comprehensive enough but you’ve basically got what I’ve learnt about over this last week following the original mistake made on Friday 20 Jan and I’m still waiting to get off the blacklist at ORDB!!

Best of luck

Dave
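An added example, not part of the answer above and not Domino tooling: a relay self-test for an SMTP server you administer, which issues MAIL FROM and RCPT TO with two non-local addresses and reads the RCPT reply code without ever sending DATA. The addresses, the HELO name and the `FakeSMTP` stand-in are constructed placeholders; `check_server` is the function to point at a real host.

```python
import smtplib

# Constructed placeholder addresses: neither domain is local to the server
# under test, so accepting this pair means the server relays for the caller.
EXT_SENDER = "probe@external-a.example"
EXT_RCPT = "probe@external-b.example"

def classify(code):
    """Map the RCPT TO reply code to a relay verdict."""
    if 200 <= code < 300:
        return "RELAYS"      # recipient accepted for this connecting host
    if 500 <= code < 600:
        return "REJECTED"    # e.g. 554 Relay rejected for policy reasons
    return "DEFERRED"        # 4xx: temporary failure, retest later

def probe_relay(conn, helo_name="relaytest.example"):
    """HELO / MAIL FROM / RCPT TO only. DATA is never sent, so nothing is
    queued, and the transaction is reset before returning."""
    conn.helo(helo_name)
    code, text = conn.mail(EXT_SENDER)
    if code < 400:
        code, text = conn.rcpt(EXT_RCPT)
        verdict = classify(code)
    else:
        verdict = "SENDER_REFUSED"
    conn.rset()
    return verdict, code, text.decode(errors="replace")

def check_server(host, port=25, timeout=15):
    """Probe an SMTP server you administer from the machine this runs on."""
    with smtplib.SMTP(host, port, timeout=timeout) as conn:
        return probe_relay(conn)

class FakeSMTP:
    """Constructed stand-in for smtplib.SMTP so the example runs offline."""
    def __init__(self, rcpt_reply):
        self.rcpt_reply = rcpt_reply
    def helo(self, name=""):
        return 250, b"ok"
    def mail(self, sender):
        return 250, b"Sender OK"
    def rcpt(self, recip):
        return self.rcpt_reply
    def rset(self):
        return 250, b"Reset"

if __name__ == "__main__":
    print(probe_relay(FakeSMTP((554, b"Relay rejected for policy reasons"))))
    print(probe_relay(FakeSMTP((250, b"Recipient OK"))))
```

Run from a host that is excluded from anti-relay checks (server2 in the question), `RELAYS` is the expected verdict; run from any host outside that list, the expected verdict is `REJECTED`, and `RELAYS` there means the server is an open relay.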
