Problem solve Get help with specific problems with your technologies, process and projects.

Allow local servers to relay through Exchange

Exchange 2003 ships "locked down." This is great from a security perspective, but can create problems for programs on other servers that notify admins of system issues via e-mail.

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.

Up until the release of Exchange Server 2003, Exchange Server shipped in a fairly insecure state -- it had to be locked down manually to prevent outsiders from "hijacking" it and using it to send unsolicited e-mail (i.e., spam). With all of the brouhaha about not running Exchange as an open relay, it's easy to see why Microsoft decided to ship Exchange 2003 in a locked down configuration.

The downside of having Exchange 2003 ship in this heightened state of security is that it's easy to forget when you need Exchange to allow certain machines to relay. This can lead to errors when a server that needs to send information through the Exchange server is rebuffed unexpectedly. Programs that run on another physical server that notify administrators of problems via e-mail would definitely experience this problem.

A few solutions are possible:

  1. The first option is the most obvious one. You could allow the servers in question to relay through your server, either by IP address or by a set of user credentials (or both, if the other program can support it). Most such programs do not use MAPI (the Exchange messaging interface) to send e-mail; they use SMTP, so they can send mail through any program that's been set up to handle it. This is best if the other server is in the same general network as the Exchange server, since it minimizes the chances for outside intrusion.

  2. Another workaround would be to set up a mailbox in the environment where the other server is. This is useful if the other server is in another forest or another network entirely. Then, have that mailbox forward to the appropriate mailbox on the Exchange server. (If the other server is in a completely separate network, it could relay through the ISP's smart host and avoid the authentication issue altogether.)

  3. A third possibility is to use a simple SMTP server like Argosoft's free mail server, but only if relaying through a smart host isn't possible or desirable -- and if it isn't set up correctly, it could be hijacked and used as an open relay all over again.

About the author: Serdar Yegulalp is editor of the Windows 2000 Power Users Newsletter and a regular contributor to

Do you have comments on this tip? Let us know.

Dig Deeper on Legacy Exchange Server versions

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.