Exchange 550 5.7.1 RESOLVER.RST.AuthRequired; authentication required

We have faced the following error when were trying to send an email outside organization to the (from the Gmail) to a distribution group (list) or a public folder (mail enabled public folder) in a domain with the Exchange (the same problem may occur in Office 365 tenant).

The email is not delivered to the recipient, the sender receives a non-delivery report, and an error appears in the Exchange Server logs:
Action: failed

Status: 5.7.1

Diagnostic-Code: smtp; 550 5.7.1 RESOLVER.RST.AuthRequired; authentication required

remote server returned '550 5.7.1 resolver.rst.authrequired; authentication required

Note. Exchange distribution groups allow you to organize a single email address for multiple recipients (customers, partners or users). Thus, instead of sending an email to several recipients, you can send it to one email address and the email will be delivered to all group members.

This is because by default Exchange organization policy is required to authenticate in order to send the email to the distribution group. By default, sending email to a distribution group is allowed only within the domain. Since the external sender is not an authenticated user of your domain, it receives a non-delivery report with the code 550 5.7.1 RESOLVER.RST.AuthRequired.

In Exchange 2010/2007 you can disable authentication requirements when sending emails to a specific distribution group. To do this:

  1. Run the Exchange Management console and go to the section Recipient Configuration > Distribution Group;
  2. In the list of distribution groups of your Exchange forest, find the Distribution Group name that you are having trouble with and open its Properties;
  3. Go to the Mail Flow Settings tab;
  4. Select an item Message Delivery Restrictions and press Properties button;
  5. Uncheck the option “Require that all senders are authenticated”; 550 5.7.1 resolver.rst.authrequired; authentication required
  6. Click OK to save changes;
  7. Try to send another test email to the distribution group from the external mailbox.
READ ALSO  How to Reset Virtual Directories and ECP on Exchange 2016?

You can also turn off authentication when receiving emails for the certain distribution group using Exchange Management Shell:

set-DistributionGroup -identity YourDistributionList -RequireSenderAuthenticationEnabled: $false

Or like this:

set-DynamicDistributionGroup -identity YourDistributionList -RequireSenderAuthenticationEnabled: $false

There is more advanced way: if you receive mail from outside via an external relay, you can configure a separate connector with authorization of the postfix/exim mail server in your domain.

In Office 365, similar problems may arise when you receive email to the Public Folder. You can change the permissions for the Public Folder using Powershell:

Add-PublicFolderClientPermission -identity "\yourpublicfolder1" -User Anonymous -AccessRights CreateItems

Add-PublicFolderClientPermission -identity "\yourpublicfolder1" -User Default -AccessRights CreateItems

Current permissions to the public folder can be displayed as follows:

Get-PublicFolderClientPermission -identity "\yourpublicfolder1"

Now try sending again, watch your logs in Exchange via the Toolbox Message tracking tool and hopefully you will now have success and no error.

Cyril Kardashevsky
Latest posts by Cyril Kardashevsky (see all)
READ ALSO  GPT or MBR: How to Check HDD Partition Table Style

2 comments

  1. Is there a way we could allow a specific external sender address or domain to be able to send mail to the distribution group without uncheck box for authentication

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.