I have a service account for an application that is used to send out emails via a MSExchange server. The 'From' field gets populated by the email address in the current users profile, but the server is sending back a response
"SmtpException: Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send on behalf of the from address."
As there are alot of email addresses that could be being sent from, is it possible to set up the service account so that it will have send on behalf permissions for "*#domain1.com email addresses" or do they all have to be added one at a time?
Send on behalf isn't really possible like this given how it's set. If you were OK with Send-As (so the mails would come from Service1#domain1.com versus Service1 on Behalf of bob#domain1.com), you could grant the service account send-as rights at the domain, OU, or mailbox database levels.
Related
Community,
If a user wants to register with your website, and you want to make sure the user’s email actually exists and is being used, the practice has been to create code that sends a message to the user’s email.
Nowadays, most smtp servers require authentication to accept mail. Since u cannot know your user’s email address in advance, I would like the others to enlighten me on how they are doing their email address verification.
I already know how to authenticate my message-sending application with yahoo, (and may be gmail) but how do you verify user email in the case of unknown smtp servers at which your user might have an email address ????
All I have is an email client (emClient) and a working sendgrid account. When prompted to enter an email address, I can happily put anything#mydomain.com and it will confirm that it works with SMTP. I can also send emails using this client. I authenticate with the username apikey and my api key.
However, these emails are permanently stuck in the "outbox" and are constantly sent over and over again, presumably because the client has no confirmation that they were sent. When trying to set up a new account under this domain, I setup my "incoming server" as smtp.sendgrid.net and provide my credentials and it sort-of works (after prompting me for my authentication?).
As you can see, SMTP authenticates just fine and this makes sense as I am seemingly able to send email. However, both IMAP and POP3 when I select them in the "incoming server" are stuck on this "testing" stage until they fail.
Now, if we skip ahead to me sending something out - basically, it works. I receive the email on the destination, it does not get marked as spam and it comes from my domain and my name.
However, when I attempt to receive an email on the anything#mydomain.com one, it just doesn't do anything. I don't get an error from gmail that it wasn't delivered, it simply just doesn't get delivered.
For my domain settings, I have the following configured:
Twilio SendGrid developer evangelist here.
While SendGrid allows you to send emails over SMTP or via the API, SendGrid is not a full mailbox that you can connect to over POP3 or IMAP. You cannot connect to SendGrid using an email client, that is not what it is intended for. SendGrid is not a mailbox, but a way to programmatically send and receive emails and other email based events.
The way to receive incoming emails is via the inbound parse webhook. When you have set that up, incoming emails to your configured domain will cause a webhook, an HTTP request, to be sent to a URL you configured, with all the information about the email.
I have authenticated my domain in the SendGrid, now when I specify any email (with authenticated domain) it will send the mail. I want to restrict this to Fromuser#domain.com.
Let's say I want to restrict sending mail for this user noreply#domain.com, so that it can not be miss used by any other sender from the organization. Is this possible in SendGrid?
I have opened a centralized mailbox that collects all the emails that come to my organization (for analysis).
This is done by a Transport Rule that i created which redirects all the email to this mailbox.
The problem is that when i tried to send it back to the original recipients with the EWS application it gives me this error:
ErrorSendAsDenied -
The user account which was used to submit this request does not have the right to send mail on behalf of the specified sending account., Cannot submit message.
This email was sent from outside of the organization so I guess i should grant the centrailzied mailbox SEND-AS permissions for the external email.
I have looked at the Add-ADPermission cmdlet here:
https://technet.microsoft.com/en-us/library/bb124403%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396
And tried to grant the mailbox permissions to "NT AUTHORITY\ANONYMOUS LOGON" but it doesn't recognize it,
How can grant the permissions?
Thanks!
You won't be able to resend the message as the original sender unless you own that sender domain and that is an authoritative domain (eg you can then assign rights to send as the security principal that owns that email address). Otherwise what your doing is considered spoofing and will be disallowed in the client API's for security reasons. You also don't wan't to just resend a message like that anyway eg if it has external recipients and you just resent it to all the recipients it you will be sending another copy to those external recipients in that case (which will mostly likely then just get bounced for spf reasons). What you need to know is the envelope recipients of the original message and just resend to those recipients.
A few workarounds for this would be to use the replay directory on Transport server https://technet.microsoft.com/en-us/library/bb124230(v=exchg.150).aspx this would be the most common method as it allows you control the delivery via Xheaders (eg so you can restrict which recipients get the message your resending) and gives the most flexibility but requires file level access to the Transport Server. Other EWS methods would be to look at using Moderation instead and then release the approved the messages,
I have a simple SMTP service which sends mails to all my clients. Though all my clients from a particular organization receive my mail, only one individual mail bounces back.
PS : He receives mails from another email client on the same host.
I am unable to figure out if the error is on our side or just the email settings of that particular user.
The error on the bounced mail is:
553:Sender is on user denylist
I Want to be sure before replying to client that the error is on his/her email settings.
Yes, that appears to be a specific block rule on the recipient side.
It looks like they are using McAfee Email Protection. The user or admin will probably need to adjust some settings. According to this page the intended recipient can follow these instructions:
To manage user’s block list navigate to Account Management > Users >
double-click on user > Sender Deny.