Video Screencast Help

554 5.1.2 Recipient address rejected: User unknown

Created: 08 May 2013 | 2 comments


I have looked around the forums but haven't found the answer to my problem, but apologies if this duplicates an error.

I am trying to configure SMG to relay messages from a particular set of IP address' to both local and non-local domains. The local domains work fine, but sending to non-local (*@ for example) does not work. I get 554 5.1.2 Recipient address rejected: User unknown.

The local domains are configured under Protocol>Domains, but I do not know how to allow SMTP email to non-local domains. Using the built in tools I am able to do an MX lookup for, but beyond this I'm stumped.

Can anyone suggest what I might be doing wrong please?


Operating Systems:

Comments 2 CommentsJump to latest comment

Art_P's picture

The non-local domains would still need to be configured as local domains, since you are accepting inbound directed email for those domains. However, you would need to make sure that recipient validation is not turned on non-local domains.

Aside from recipient validation, the important difference would be in the delivery tab which dictates where the message goes after it is accepted. You would likely configure it to use MX Lookup so that it will get the appropriate Mail Exchanger IP of the non-local address.

The primary issue with this configuration is that you would be creating open relays for those non-local domains. You will need to protect the Messaging Gateway so spammers are not able to bounce messages through your appliance to those non-local domains. In your message you are stating that you are somehow restricting acceptance to a specific set of IPs, but it is still important to be aware of the open relay status.

TSE-JDavis's picture

In addition to that, you can also turn on the outbound mail scanning feature. You would then assign an IP/interface for the outbound mail senders to send their mail to and add their IP addresses to the outbound mail acceptance list.

Yet another option is to turn on authentication so they can relay through the SMG as long as they provide the credentials assigned to them in the LDAP source you point us to (Active Directoy, Domino, etc.).

Both of those options are under the Administration -> Configuration section and is configured on the scanner(s) under the SMTP tab.