Server error: ‘550 5.7.1 Unable to relay’

Issue: User unable to send out email. Error message :Server error: ‘550 5.7.1 Unable to relay’

1)Check email account settings.
2)Make sure smtp server is correct
3) In email account settings, more settings, Outgoing Server,  make sure there a tick for “My outgoing server (SMTP) requires authentication” and Use same settings as my incoming mail server is selected.


Exchange 2013 – POP3 users unable to receive emails

POP3 users unable to receive emails but Exchange users and OWA are working fine.

Error Message:
Log onto incoming mail server (POP3): Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.


1) In EMS, type Get-ServerComponentstate -Identity <mailservername> to check

If the result is:

2) Type Set-ServerComponentState -Identity <mailservername> -Component PopProxy -Requester HealthAPI -State Active

3) Type Get-ServerComponentstate -Identity <mailservername> to confirm PopProxy’ s state is active.

4) POP3 users should able to receive their incoming mails.


Exchange Server 2013 – Change message size limit

Beside changing the Maximum send size (for send connectors) and Maximum receive size (for receive connectors) in ECP (Exchange Admin Center).

In Exchange Management Shell, need to change Global Transport configuration settings.

To change Global Transport configuration settings for  MaxSendSize  to 30MB & MaxReceiveSize to 50MB:
Set-TransportConfig –MaxSendSize 30MB –MaxReceiveSize 50MB

To double check:
Get-TransportConfig | ft MaxSendSize, MaxReceiveSize
Get-SendConnector | ft name, MaxMessageSize
Get-ReceiveConnector | ft name, MaxMessageSize


Couldn’t open connection to server

Problem: I encountered error message “Couldn’t open connection to server” when trying to configure Android mobile.


Made changes in AD security, then configure mobile.

Active Directory:
1) Go to Active Directory Users and Computers
2) Click on View, check Advanced Features
3) Right click on user account and selects Properties
4) Click on Security tab and Advanced button
5) Check the box for “Allow inheritable permissions from the parent to propagate to his object and all child objects. Include these with entries explicitly defined here.”

1) Go to Settings
2) click on Add account under Accounts column
3) Select Email and then Microsoft Exchange ActiveSync
4) Type in the email address and password and click Next
5) Type in the Domain\Username, Server
Check Use secure connection (SSL)
Check Accept all SSL certificates
port should be 443
Click Next
6) Click Next and give the account a name.
7) Click Next and you are done.

NOTE: Mine is Asus Zenfone 6 and Android version is 4.4.2

Reset Password in EAC

I wanted to be able to reset password in Exchange Admin Center (EAC).

When I trying to add Reset Password role for Organization Management, I encountered error message:
You don’t have access to create, change, or remove the “Reset Password-Organization Management” management role assignment. You must be assigned a delegating role assignment to the management role or its parent in the hierarchy without a scope restriction.
Exit EAC.

So I opened Exchange Management Shell (EMS), run Add-pssnapin Microsoft*, Install-CannedRbacRoles & Install-CannedRbacRoleAssignments to reinstall RBAC. Exit EMS.

Login to EAC, I was able to add Reset Password role for Organization Management.

Click on Recipients, mailboxes, double-click on any email account. The Reset Password option is shown in General tab.


Exchange Server 2013 – unable to send emails to certain companies, “421 4.4.2 Connection dropped due to SocketError.”

Error Message:
“Remote Server at (xx.xx.xx.xx) returned ‘400 4.4.7 Message delayed’
1/21/2014 9:52:30 AM – Remote Server at (xx.xx.xx.xx) returned ‘441 4.4.1 Error encountered while communicating with primary target IP address: “421 4.4.2 Connection dropped due to SocketError.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was xx.xx.xx.xx:25′”

My solution:
Set-SendConnector “(connector name)” -ForceHELO $true
After changed ForceHELO value to true, I can see mails started to go out in Queue Viewer.

Other solutions [not suitable for everyone including me :P]
1) Change the MTU value:
– Run regedit, go to \H_L_M\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces
– Choose relevant network interface (e.g. check IP address, Default gateway, DNS)
– Create New DWORD named MTU with decimal value of 1400

2) Change IgnoreSTARTTLS value to true
Set-SendConnector “(connector name)” -IgnoreSTARTTLS $true