If you have applications which need to send emails through the Exchange 2007 Receive Connecter, even if you allow the anonymous user on the Permission Groups of the connecter, the anonymous user is not allowed to relay to Email Adresses outside the corporation.

Therefore you get following error:

550 5.7.1 Unable to relay

5.7.1: The sender is not authorized to send e-mail messages to this e-mail address. Possible causes: 1)The session is not authenticated and does not have the ‘ms-Exch-SMTP-Submit’ permission. 2)The session is authenticated but does not have the ‘ms-Exch-SMTP-Submit’ permission. 3)The ‘MAIL FROM’ command specified an address at an authoritative domain and the session does not have the ‘ms-Exch-SMTP-Accept-Authoritative-Domain-Sender’ permission. 4)The authenticated user does not have permission to submit on behalf of the sender address specified in the header of the message and the session does not have the ‘ms-Exch-SMTP-Accept-Any-Sender’ permission. 5)The recipient domain does not match any of the accepted domains and the session does not have the ‘ms-Exch-SMTP-Accept-Any-Recipient’ permission. 6)The recipient domain is rejecting all mail from this server using a block list.

Use following cmdlet to enable relaying for anonymous user:

Get-ReceiveConnector “Default ex1″ | Add-ADPermission -User “NT Authority\Anonymous logon” -ExtendedRights “ms-Exch-SMTP-accept-Any-Recipient”

Share/Bookmark