As previously mentioned we’re running CommitCRM as our CRM and PSA tool and the program needs to interact with Exchange to both receive and send emails. Although we had this working to a degree, I finally got around to troubleshooting why we weren’t getting certain emails through. I had previously read on UKSBSG that Exchange 2007 by default wouldn’t allow anon email to be routed internally – something a scan to email device might need to do. CommitCRM has a tool to test the email settings and this was giving the following error:
504 5.7.4 Unrecognized authentication type
RequestDone Rq=11 Error=504 5.7.4 Unrecognized authentication type
A quick Google didn’t turn up anything useful so I turned to the ever resourceful MS Partner Online Technical Community (PTOC). As always I got a extensive reply and because it was in the SBS forum this was within four hours. Shawn from MS explained that the application was trying to use “UTH CRAM-MD5”, but that this was supported by Exchange 2003 and not Exchange 2007. To work around this problem Shawn laid out the steps to create a new Receive Connector for Commit to use:
- 1. In EMC, expand Server Configuration, highlight the Hub Transport.
- 2. Start new Receive Connector wizard
- 3. On the Introduction page, follow these steps:
- a. In the Name: field, type a meaningful name for this connector. This name is used to identify the connector.
- b. In the Select the intended use for this connector: field, select Custom.
- c. Click Next.
- 4. On the Local network settings page, click Next
- 5. On the Remote Network settings page, remove the existing 0.0.0.0 - 255.255.255.255 entry. Then add only the IP of the application server to the list
- 6. After completing the Wizard, open properties of the new created receive Connector
- 7. Enable the option "Exchange Servers" under Permission group
- 8. On the authentication page, enable "Externally secured" option
- 9. Restart Microsoft Exchange Transport service
This helped partially, but I also needed to allow Commit to send emails anonymously:
- 1. Open the properties of the Receive Connector we created.
- 2. Under the Permission Group tab, enable Anonymous users.
- 3. Under Authentication tab, only enable "Basic Authentication"
- 4. Restart the Exchange Transport Service.
I was now closer and could send emails internally, but not externally. Via further communication with Shawn I discovered that Exchange 2007 doesn’t allow anonymous users to relay, but this can be changed with the following command in the Exchange Management Shell:
Get-ReceiveConnector "Connector_Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
After using this command email started flowing correctly for Commit and I’m pretty sure the same setup could be used for other devices/apps that need to route email.
Many thanks once again to the guys at MS PTOC, life is a lot easier when you know someone will have the answer.