the company i work for has a client that is running an exchange 2003 server on sbs2003. currently, people from within the main location can send email out of the domain, but people connecting from outside the building through SMTP can only send email to other internal domain mailboxes but can not send email to other domains. they want to be able to let these remote smtp clients send email to anyone anywhere. nearest we can figure is there is a policy somewhere limiting this. any thought on where to look or what to change?

EDIT: should also mention they have a Barracuda spam firewall.

When you say "Outside the building", do you mean dialed in remotly to your network via a VPN link, Web based email system or at another site within your WAN?

When you say "Outside the building", do you mean dialed in remotly to your network via a VPN link, Web based email system or at another site within your WAN?

outside on their own ISPs, say from home for example with outlook.

That's a relaying thing and I can't forget where it's set in 2003. But basically the default is that if you aren't authenticated securely through the domain you can't use the smtp to send outside the domain, because if you could you have an open relay at that point and that's a huge no-no.

I would bet if your outside people connect through the VPN first they'd have no issues, which is how it should be.

Now if you are pop/smtp for outside address you need to have ssl enabled and have it require a secure login first. But I forget the specifics of how to set that up.

If you suggesting what I think you are suggesting (ie.. that you want to have an SMTP server on the internet that allows people to send emails to any domain).. I would suggest DON'T. That's an open relay and it will be used for spam email within minutes of it's discovery.

If you suggesting what I think you are suggesting (ie.. that you want to have an SMTP server on the internet that allows people to send emails to any domain).. I would suggest DON'T. That's an open relay and it will be used for spam email within minutes of it's discovery.

no. its not an open relay. the client is set to authenticate. the people that initially set the server up did this intentionally. now we are handling their IT service and they want it undone lol.