This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP multiple domains - Relay not permitted

Hi there...

My issue is that we run three companies which all have different external domain names.. we installed our UTM box a few months back and love it, SMTP was a breeze to setup and we didn't think we had a problem until today.

I need to confirm we are the owner of one of our domains and they want to send us an email.. we really only use one of our domain names for email so we did not notice that the other two could not receive emails until now.

This is our setup

 Routing

  • Domains has the three domains as *.domain1.com, *.domain2.net, *.domain3.net
  • Route by: DNS hostname
  • Verify recipients: With callout 

Relaying

  • Host-based Relay: our internal Exchange server 

And not much else...

The error we get in the log is

H=mail-qk0-f175.google.com [xxx.xxx.xxx.xxx:36692 F=<xxx@gmail.com> rejected RCPT <xxx@domain1.net>: Relay not permitte

If anyone has any ideas I would be grateful.

Chris



This thread was automatically locked due to age.
  • Actually.. as  final attempt to solve this .. after 3 hours of tinkering with different settings I tried adding another domain to the Routing tab

    I added domain2.net and domain3.net without the "*" and i received 10 emails.

    Maybe it was obvious from the documentation, but it seems to suggest you should use wildcards liberally.

    Hopefully this will save someone else a few hours of frustration in the future.

    Regards

    Chris

  • Hi Chris,

    Glad you were able to resolve it yourself!

    From my understanding of the domains section of email filtering it is a string match type lookup and does not have the capability to understand wildcards. so it will be looking for emails that are tharg@*.domain1.com and not tharg@subdomain.domain1.com.

    Just to add to your already found solution!

    Emile

  • Emile,

    As always its obvious when you finally find the answer.. and all to often it is staring you in the face all along.

    Thank you for the extra explanation.. you are 100% right it was the "dot" in front of the domain name.. grr

    Thanks again

    Chris