We have faced the following error when were trying to send an email outside organization to the (from the Gmail) to a distribution group (list) or a public folder (mail enabled public folder) in a domain with the Exchange (the same problem may occur in Office 365 tenant).
The email is not delivered to the recipient, the sender receives a non-delivery report, and an error appears in the Exchange Server logs:
Diagnostic-Code: smtp; 550 5.7.1 RESOLVER.RST.AuthRequired; authentication required
Note. Exchange distribution groups allow you to organize a single email address for multiple recipients (customers, partners or users). Thus, instead of sending an email to several recipients, you can send it to one email address and the email will be delivered to all group members.
This is because by default Exchange organization policy is required to authenticate in order to send the email to the distribution group. By default, sending email to a distribution group is allowed only within the domain. Since the external sender is not an authenticated user of your domain, it receives a non-delivery report with the code 550 5.7.1 RESOLVER.RST.AuthRequired.
In Exchange 2010/2007 you can disable authentication requirements when sending emails to a specific distribution group. To do this:
- Run the Exchange Management console and go to the section Recipient Configuration > Distribution Group;
- In the list of distribution groups of your Exchange forest, find the Distribution Group name that you are having trouble with and open its Properties;
- Go to the Mail Flow Settings tab;
- Select an item Message Delivery Restrictions and press Properties button;
- Uncheck the option “Require that all senders are authenticated”;
- Click OK to save changes;
- Try to send another test email to the distribution group from the external mailbox.
You can also turn off authentication when receiving emails for the certain distribution group using Exchange Management Shell:
set-DistributionGroup -identity YourDistributionList -RequireSenderAuthenticationEnabled: $false
Or like this:
set-DynamicDistributionGroup -identity YourDistributionList -RequireSenderAuthenticationEnabled: $false
There is more advanced way: if you receive mail from outside via an external relay, you can configure a separate connector with authorization of the postfix/exim mail server in your domain.
In Office 365, similar problems may arise when you receive email to the Public Folder. You can change the permissions for the Public Folder using Powershell:
Add-PublicFolderClientPermission -identity "\yourpublicfolder1" -User Anonymous -AccessRights CreateItems Add-PublicFolderClientPermission -identity "\yourpublicfolder1" -User Default -AccessRights CreateItems
Current permissions to the public folder can be displayed as follows:
Get-PublicFolderClientPermission -identity "\yourpublicfolder1"
Now try sending again, watch your logs in Exchange via the Toolbox Message tracking tool and hopefully you will now have success and no error.