I recently had an issue with a new Exchange 2007 server which could send emails to other Exchange 2003 users, and outgoing Internet emails, but when the Internet user replied, they got the following error message:
Delivery has failed to these recipients or distribution lists:
blah@blah.com
Your message wasn't delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.
The following organization rejected your message: mailserver.blah.com
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: blah.com
blah@blah.com
mailserver.blah.com #550 5.7.1 Client does not have permissions to send as this sender ##
Original message headers:
.....
After much hunting around I found that this was because the default recieve connectoron "mailserver" hadn't been configured to accept unauthenticated connections (like SMTP from outside the organisation). Running the following command fixed it immediately, and no, it doesn't mean your system can be used to relay.
Add-AdPermission -Identity "Default MAILSERVER" -User "NT AUTHORITY\Authenticated Users" -ExtendedRights ms-Exch-SMTP-Accept-Any-Sender
I hope this helps you out, and feel free to click on the ads on the side of the page to show your appreciation.