XCON: NTLM Authentication Does Not Work Between Exchange Server 5.5 Internet Mail Service and Windows 2000 SMTP Stack (295439)



The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Exchange 2000 Server
  • Microsoft Exchange Server 5.5

This article was previously published under Q295439

SYMPTOMS

When you set up NTLM authentication between an Exchange Server 5.5 Internet Mail Service and a Windows 2000 virtual SMTP server, the SMTP communication between the servers may not work in both directions.

If you activate the SMTP Protocol log for Exchange Server 5.5, the log shows that the first authentication is successful, but after the "MAIL FROM" command, the communication stops. Five minutes later (300 seconds) a second attempt is made. This time authentication does not work.

CAUSE

This problem can occur because the NTLM extensions of the Exchange Server 5.5 Internet Mail Service and the Windows 2000 SMTP stack are not compatible. The Exchange Server 5.5 Internet Mail Service supports NTLM authentication and NTLM encryption, but the Windows 2000 SMTP stack supports NTLM authentication and not NTLM encryption. This is also true for NTLM communication between Exchange 2000 Server and the Exchange Server 5.5 Internet Mail Service because Exchange 2000 enhances the Windows 2000 SMTP stack.

WORKAROUND

To work around this problem, use basic or anonymous authentication instead of NTLM authentication. If encryption is required, use Secure Sockets Layer (SSL). You can also work around this problem by upgrading the Exchange Server 5.5 computer to Exchange 2000.

STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.

MORE INFORMATION

This problem is documented in the Exchange 2000 Release Notes.

The protocol logs show that the authentication itself works, but the communication afterward does not work. The SMTP Protocol log of Exchange Server 5.5 contains an output that is similar to the following (for mail flow from Exchange Server 5.5 to Windows 2000):

4/4/01 4:55:59 PM : A connection to xxx.xxx.xxx.xxx was established.
4/4/01 4:55:59 PM : IO: 220 w2k.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Wed, 4 Apr 2001 17:38:21 +0200
4/4/01 4:55:59 PM : 220 w2k.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Wed, 4 Apr 2001 17:38:21 +0200
4/4/01 4:55:59 PM : >>> EHLO e55.dummy.com
4/4/01 4:55:59 PM : IO: 250-w2k.test.com Hello [yyy.yyy.yyy.yyy]
250-AUTH GSSAPI NTLM
250-TURN
250-ATRN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250 OK
4/4/01 4:55:59 PM : 250-w2k.test.com Hello [yyy.yyy.yyy.yyy]
250-AUTH GSSAPI NTLM
250-TURN
250-ATRN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250 OK
4/4/01 4:55:59 PM : AUTH NTLM TlRMTNTUAABAAAt5IAQAcABwAgBAAAAAAAAAAAAAAABELUVYU1JWAAAAAAAAAA==
4/4/01 4:55:59 PM : IO: 334 TlRMTVNTUAACAAAADgAOADAAAAC1goFABpOL40iMvvcAAAAAAAAAJQAlAA+AAAAUwBNAFQAQQBIAE8ARQACQAA4AUwBNAFQAQQBIAE8ARQABABAVwAyAEsAVABBAEgATwBFAFMATQAEACQAdABhAGgAbwBlAHQAZQBzAHQALgZBtAHMAZgB0AC4AYwBvAG0AAwA6AHcAMgBrAHQAYQBoAG8AZQBzAG0ALgB0AGEAaABvAGUAdABlAHMAdAAuAG0AcwBHmAHQALgBjAG8AbQAAAAAA
4/4/01 4:55:59 PM : 334 TlRMTVNTUAACAAAADgAOADAAAAC1goFABpOL40iMvvcAAAAAAAAAAJQAlAA+AAAAUwBNAFQAQQBIAE8ARQCAA4AUwBNAFQAQQBIAE8AARQABABQAVwAyAEsAVABBAEgATwBFAFMATQAEACQAdABhAGgAbwBlAHQAZQBzAHQALgBtAHMAZgB04AC4AYwBvAG0AAwA6AHcAMgBrHQAYQBoAG8AZQBzAG0ALgB0AGEAaABvAGUAdABlAHMAdAAuAG0AcwBQmAHQALgBjAG8AbQAAAAAA
4/4/01 4:55:59 PM : TlRMTVNTUAATDAAZAAGAAYAHYAAAAYABgAjgAAAA4ADgBAAAAAGgAaAE4AAAAOAA4AaAAAABAAEACmAAAAtYKBQFMATQBUAEEASABPAEAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBWAEUAQwBfAE4ABVABFAO8vcWp+tVatUrAF8Hc1nen0i9mUF3HSToedG9e1J/S2h9wNllxIRqn2oTAnFvF6V5VrvRzIxH2n4mxaVdzZ98=
4/4/01 4:55:59 PM : IO: 235 2.7.0 Authentication successfull
4/4/01 4:55:59 PM : 235 2.7.0 Authentication successfull
4/4/01 4:55:59 PM : MAIL FROM: user@dummy.com SIZE=857 RET=FULL

4/4/01 5:01:01 PM : A connection to xxx.xxx.xxx.xxx was established.
4/4/01 5:01:01 PM : IO: 220 w2k.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Wed, 4 Apr 2001 17:43:24 +0200
4/4/01 5:01:01 PM : 220 w2k.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Wed, 4 Apr 2001 17:43:24 +0200
4/4/01 5:01:01 PM : EHLO e55.dummy.com
4/4/01 5:01:01 PM : IO: 250-w2k.test.com Hello [yyy.yyy.yyy.yyy]
250-AUTH GSSAPI NTLM
250-TURN
250-ATRN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250 OK
4/4/01 5:01:01 PM : 250-w2k.test.com Hello [yyy.yyy.yyy.yyy]
250-AUTH GSSAPI NTLM
250-TURN
250-ATRN
250-SIZE 2097152
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250 OK
4/4/01 5:01:01 PM : AUTH NTLM TlRMTVZNTUAZADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABD/////////fw==
4/4/01 5:01:02 PM : IO: 535 5.5.4 Cannot authenticate parameter
4/4/01 5:01:02 PM : 535 5.5.4 Cannot authenticate parameter
4/4/01 5:01:02 PM : QUIT
4/4/01 5:01:02 PM : IO: 221 2.0.0 w2k.test.com Service closing transmission channel
4/4/01 5:01:02 PM : 221 2.0.0 w2k.test.com Service closing transmission channel

For SMTP communication from Exchange Server 5.5 to Exchange 2000, the following entry may be logged in the SMTP Protocol log during the second authentication attempt:

4/5/01 11:16:32 AM : AUTH NTLM TlRMMTVNTUAADAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABD/////AADAAA==
4/5/01 11:16:32 AM : 499 No routing hosts are reachable for test.com. Message subject: ""Test"". Rescheduling delivery for later.
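
The failure signature in the first log excerpt above (a 235 reply, a MAIL FROM that never gets an answer, then a 535 5.5.4 on the retry about 300 seconds later) can be searched for in a protocol log. The following Python script is an added example, not part of the original article. Its sample log is constructed from the excerpt with the NTLM blobs replaced by a placeholder, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample in the Exchange 5.5 SMTP protocol log layout shown above
# (NTLM blobs replaced with the placeholder "<blob>").
SAMPLE_LOG = """\
4/4/01 4:55:59 PM : A connection to xxx.xxx.xxx.xxx was established.
4/4/01 4:55:59 PM : AUTH NTLM <blob>
4/4/01 4:55:59 PM : IO: 235 2.7.0 Authentication successfull
4/4/01 4:55:59 PM : 235 2.7.0 Authentication successfull
4/4/01 4:55:59 PM : MAIL FROM: user@dummy.com SIZE=857 RET=FULL
4/4/01 5:01:01 PM : A connection to xxx.xxx.xxx.xxx was established.
4/4/01 5:01:01 PM : AUTH NTLM <blob>
4/4/01 5:01:02 PM : IO: 535 5.5.4 Cannot authenticate parameter
4/4/01 5:01:02 PM : QUIT
"""

ENTRY = re.compile(r"^(\d+/\d+/\d+ \d+:\d+:\d+ [AP]M) : (.*)$")

def parse_sessions(log_text):
    """Split the log into per-connection lists of (timestamp, text) entries."""
    sessions = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # multi-line EHLO continuation ("250-...") or blank line
        ts = datetime.strptime(m.group(1), "%m/%d/%y %I:%M:%S %p")
        if "connection to" in m.group(2) or not sessions:
            sessions.append([])
        sessions[-1].append((ts, m.group(2)))
    return sessions

def find_ntlm_stalls(log_text):
    """Return (stall_time, retry_delay_seconds) for each session that
    authenticated (235), stalled on MAIL FROM, and was followed by a 535."""
    hits = []
    sessions = parse_sessions(log_text)
    for cur, nxt in zip(sessions, sessions[1:]):
        texts = [t for _, t in cur]
        authed = any(t.startswith("235 ") or t.startswith("IO: 235 ") for t in texts)
        stalled = texts[-1].startswith("MAIL FROM")  # no reply logged after it
        rejected = any("535 5.5.4" in t for _, t in nxt)
        if authed and stalled and rejected:
            hits.append((cur[-1][0], (nxt[0][0] - cur[-1][0]).total_seconds()))
    return hits

if __name__ == "__main__":
    for when, delay in find_ntlm_stalls(SAMPLE_LOG):
        print(f"{when}: MAIL FROM stalled after NTLM 235; retry {delay:.0f}s later got 535")
```

The check only covers the 535 5.5.4 retry failure from the first excerpt; the 499 entry logged for delivery to Exchange 2000 would need its own rule.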


Modification Type: Minor
Last Reviewed: 4/25/2005
Keywords: kbbug kbnofix KB295439