How to Setup an Unauthenticated Relay in Exchange 2007
By Ian Matthews, Up & Running Technologies Inc, January 27, 2010  Last Updated January 28, 2010

You likely have a server or application which needs to send email but cannot authenticate (sign in as a user) against your Exchange mail server for one reason or another.   It is actually quite a painless process to configure your Exchange server  to NOT need to authenticate SMTP traffic from a particular IP address:

 

	Go to your Exchange Management Console, and drill into SERVER CONFIGURATION, HUB TRANSPORT, RECEIVE CONNECTORS.  Then Right click and select NEW RECEIVE CONNECTOR
	Type in a Name that means something to you in the NEW SMTP RECEIVE CONNECTOR field and make sure the SELECT THE INTENDED USE drop down is on CUSTOM.
	Leave the Local Network Settings at their defaults and click NEXT.  You can complete the FQDN field if you wish but it is not required.
	On the Remote Network Settings screen double click the 0.0.0.0-255.255.255.255 entry and put in the address range of the server which you want to exempt from authenticating... ya know... the one you want to allow to relay.  In my case I had three servers so I put that range in, but you could use the same IP for the Start and the END, if you only had one server you wanted to allow to relay.
	Click the NEW button to make it happen

Now that you have your spanky new connector, all you have to do is tell Exchange that the server(s) you want to allows relays from (i.e. the ones in the IP Range you specified above) do not have to authenticate.  This is pretty easy:

 

Double click on your new connector and select the PERMISSIONS tab.  Then click ONLY the EXCHANGE SERVERS option.  I know, I know, you are thinking you should click the ANONYMOUS option, but you should not.  The EXCHANGE SERVERS option is telling your Exchange to treat the servers specified in the IP Range as if they were Exchange servers (i.e. let them anything... including relay!)

Now click the AUTHENTICATION tab and select only the TRANSPORT LAYER SECURITY and EXTERNALLY SECURED check boxes.  This tells your Exchange server that there is no need to force and authentication, because the server(s) which will be connecting are trusted and secured through some other means (i.e. you think your LAN is secure!) Note: You MUST set the PERMISSIONS tab BEFORE, you EXTERNALLY SECURED

___________________________________
 

In my case, I needed to get a PHPBB v3 Forum I run (www.commodore.ca/forum) to send email to new registrants.  I was getting one of two errors in the PHPBB's MAINTENANCE, ERROR LOG:

 

E-mail error » EMAIL/SMTP /forum/ucp.php No supported authentication methods. Backtrace Connecting to mail.commodore.com:25 LINE: 926 <- 220 server08.web2008.local Microsoft ESMTP MAIL Service ready at Sat, 23 Jan 2010 03:37:39 -0700

 

E-mail error » EMAIL/SMTP /forum/ucp.php Ran into problems sending e-mail at Line 962. Response: 550 5.7.1 Unable to relay <calgrych@yahoo.com> possibly an invalid e-mail address? Backtrace Connecting to mail.commodore.com:25 LINE: 926 <- 220 server08.web2008.local Microsoft ESMTP MAIL Service ready at Tue, 26 Jan 2010 20:49:23 -0700

I had the configuration set in the phpbb Email SMTP Configuration in the Administrators Control Panel (ACP) that you see in the screen shot to the left. 

NOTE: That originally, I was using the mail server NAME (mail.commodore.ca) which was a mistake because that address resolves to a public IP and my Exchange "relay" connector was setup for 10.1.4.14.  Because the did not match, I could not relay.  


Now my PHPBB v3 forum can send (relay) email through my Exchange server without any problem.  If you are worried about security, I think you can sleep easily, because you configured your Exchange server to allow relays only from the IP address of the server in question.

Note that in addition to using the PHPBB support forum, you might find THIS page and THIS Microsoft article to be helpful, if you continue to have problems.