Unable to deliver email from Messaging Gateway to Exchange 2007 or later mail server.
Symptoms When attempting to deliver email to an Exchange 2007 or later server from a Messaging Gateway (SMG) appliance the email never delivers.
In the message audit log the message displays an action of Deliver message normally
Under the delivery the Delivered to is none
Performing a telnet communication from the appliance to the Exchange 2007 or later server you receive error 530 5.7.1 client was not authenticated. This is seen after "mail from: firstname.lastname@example.org"
By default, Exchange 2007 and later servers only accepts secure, authenticated connections. The Messaging Gateway appliance is attempting to send email to the server without authenticating resulting in the message being rejected with a terminal 530 response.
Allow anonymous authentication email access to the Exchange server. These instructions were verified for Exchange 2007 and 2010, steps may very in later versions.
Open Exchange Management Console
Expand Server Configuration
Select Hub Transport
Under the "Receive Connectors" tab, right click on the connector that is used and select "Properties".
Note: The connector name usually starts with "Default", followed by the hostname of your exchange server. If you want to make sure it is the right connector or if there is more than one connector present in your configuration, then follow these steps to verify you are editing the right connector's settings
Right-click on the connector name and choose Properties, if not done so already
Click on the Network tab
Under the "Use these local IP addresses to receive mail" section, locate the entries that start with "All available IPv... " in the table
Inside the "Port" column, make sure it has the value of "25". If this port value is different, then click "Cancel" and go back to the "Receive Connectors" tab and choose another connector and repeat these steps until you find a connector that has the port "25" listed under the "Port" column. This is the same SMTP port you configured on your Symantec Brightmail Gateway appliance for this mail server.
If the port "25" is there, you can proceed to the next step - Permissions Group tab.
Select the tab "Permission Groups"
Check "Anonymous users"
If secure and authenticated communication is required by IT policy, the SMG appliance may be configured with a TLS client certificate to authenticate itself to the Exchange infrastructure.