Microsoft KB Archive/328666

= POP3 clients cannot authenticate to Exchange Server 5.5 with the Raptor Firewall =

Article ID: 328666

Article Last Modified on 10/27/2006

-

APPLIES TO


 * Microsoft Exchange Server 5.5 Standard Edition

-



This article was previously published under Q328666



Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.



SYMPTOMS
Remote POP3 clients may not be able to authenticate to Exchange Server, and the POP3 clients may receive the following error message:

550 relaying prohibited



CAUSE
This issue may occur if you are using a Raptor Firewall V6.0. The issue occurs because the Raptor Firewall V6.0 does not support Extended Simple Mail Transfer Protocol (ESMTP) commands until you configure it to do so. Remote users cannot authenticate to the server until you configure the firewall to allow Exchange Server 5.5 ESMTP verbs to be displayed.

ESMTP includes encryption on top of the authentication that Exchange Server uses to transfer Internet mail. SMTP does not include this additional layer of encryption. Some systems are not compliant with Internet Engineering Task Force (IETF) Request for Comments (RFC) 1651, which defines ESMTP commands, and so the systems do not accept ESMTP commands. This limitation may create compatibility problems when you send e-mail message over the Internet.



RESOLUTION
Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

Note A firewall is designed to help protect your computer from attack by malicious users or by malicious software such as viruses that use unsolicited incoming network traffic to attack your computer. Before you disable your firewall, you must disconnect your computer from all networks, including the Internet.

To resolve this issue, configure the firewall so Exchange 5.5 ESMTP verbs can be displayed. Use the firewall control panel to disable the SMTP daemon, and then create a rule to allow port 25 traffic to pass through. When you do this, the firewall does not act on SMTP traffic, so the Exchange server can do the authentication.

For more information about how to configure the Raptor firewall, see the documentation that came with the product, or contact Symantec for support with this issue. For information about how to contact Symantec, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

65416 Hardware and software vendor contact information, A-K

60781 Hardware and software vendor contact information, L-P

60782 Hardware and software vendor contact information, Q-Z



MORE INFORMATION
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Additional query words: XADM

Keywords: kb3rdparty kberrmsg kbprb KB328666

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.