Thanks Deni. Relayi9ng works perfectly when the users are logged into the domain. Only fails when users are using the SMTP server to send messages to users not in our domain. I was checking the "Relay Restrictions" from the "Default SMTP Virtual Server Properties" --> "Access" tab and note that "Allow all computers which successfully authenticate to relay, regardless of the list above" and wondered, will the computers really authenticate when the user is external to the domain? Shouldn't relaying be based on user rather than machine authentication? So I figured that I'd disable this option and specify users instead. So I proceeded to make sure that Authenticated users were allowed to relay. However, for users who have their messages being forwarded to their external accounts, senders started getting bounced message with the same error message 5.7.1. Which account does Exchange use to forward user messages on their behalf? In any case, wouldn't that account be under authenticated users anyway? These relaying shenanigans are driving me up the wall. I'm about to start forwarding all email to a Smarter Host as my users are starting to get rather agitated and a quick solution seems far away. Cheers, Anthony.