Microsoft KB Archive/255168
XCON: Problem Receiving SMTP Mail with Error Message: Client Was Not Authenticated
The information in this article applies to:
- Microsoft Exchange 2000 Server
An SMTP message sent to a mailbox on a computer running Microsoft Exchange 2000 Server may generate a non-delivery report (NDR) that says that the "Client was not authenticated." The NDR may contain the following information:
Unable to deliver the message due to a communications failure.
505 5.7.3 Client was not authenticated
This happens despite the fact that the mailbox on the Exchange 2000 server can send messages to any external SMTP address without problems.
By default, Exchange 2000 SMTP Service does not allow unauthenticated SMTP connections. This is by design and is intended to prevent the Exchange 2000 server from being used as a potential relay for sending unsolicited mail (spamming). Therefore, the only inbound SMTP traffic that an Exchange 2000 server accepts out of the box is from another Exchange 2000 server (because the servers automatically authenticate with one another through Kerberos), or from a client that knows how to issue an AUTH command. If an Exchange 2000 server is going to be listening on the Internet, you have to enable anonymous access.
NOTE: Because enabling anonymous access to the SMTP service also opens up the Exchange 2000 server for relay, you may need to specify the IP addresses, subnets, or domains that will be allowed to relay. This specification must include your other Exchange 2000 servers. In doing this, you should clear the Allow all computers which successfully authenticate to relay, regardless of the list above check box. To see this check box, open the properties of the default SMTP server, click the Access tab, and then click Relay.
Enabling anonymous access also allows internal POP/IMAP clients to relay without the AUTH command.
Additional query words: exch2kp2w NDR, smtp, relay,
Issue type : kbinfo
Last Reviewed: October 21, 2000