To understand what this message means, we need to understand, at least at a conceptual level, how email makes its way from your outbox to your recipient’s inbox.
That trip can be short or long, depending on a number of factors.
And one of those factors is the relay.
Become a Patron of Ask Leo! and go ad-free!
- How email gets from your outbox to your recipient’s inbox is complex magic.
- Multiple servers can be involved, including servers that simply relay messages from one to another.
- When neither the sender nor recipient is known to the server, it’s considered an “open relay”.
- Open relays can be abused by spammers, and are therefore denied.
- Today, “relaying denied” is typically the result of server misconfigurations you have no control over.
- There are a few things you can double check, just in case.
Email, in concept, is magic
When you send a message using the email program on your computer, you may have a picture like this in your mind about what’s happening:
You send email, magic happens, and your recipient downloads it.
We need to look a little more closely at that magic.
Email and servers
In reality, sending an email message is a multi-step process, even at the highest level.
Here’s what happens:
- Your email program contacts your ISP’s email server (or the server of whatever email provider you use) and sends that message to that server, typically using SMTP: Simple Mail Transport Protocol.
- Your ISP’s email server sees the domain (the part after the “@” in an email address) of your intended recipient, and looks up the internet server responsible for handling that domain’s email. (The “MX” record in the Domain Naming System or DNS contains this information.)
- Your ISP’s email server contacts that server directly, and, once again using the SMTP protocol, sends the email on.
- The receiving server, because it handles email for the recipient’s domain, accepts the email, examines the email name (the part before the “@”), and places the message into the mailbox for that email name.
- Your recipient eventually downloads email to his PC, typically using POP3 or IMAP protocols.
That’s what happens most of the time.
But it wasn’t always so.
Email and relay servers
The email system — like the internet itself — is designed to be both flexible and robust.
The scenario above assumes that any ISP’s email server can connect directly to any other ISP’s email server to deliver email. Particularly in the early days, that wasn’t always possible. Even today, it’s possible that your ISP’s email server may not be able to connect directly to the email server of your message’s intended recipient.
The result is that a middleman gets involved: the relay server.
The job of a relay server is to accept email from a server on one side, and pass it on to a server on the other. In other words, its job is to “relay” that email.
In fact, in the first scenario above (without the middleman), your ISP’s email server is acting as a relay as well; it’s accepting mail on one side (from you) and sending it on to the other (the recipient’s server).
Email relaying and spam
This is where spam, or rather spam prevention, complicates things.
When you send email through your ISP, you “authenticate” as you send, usually by including your account ID and password in your email program’s email-sending (SMTP) configuration. This means your ISP knows who you are, and that you have the authority to send email to anyone through the server.
When your ISP’s server contacts the recipient’s server, it does not authenticate. The receiving server looks at the destination of the email, knows it’s for a domain it manages, and therefore knows it is supposed to accept email for that domain from anyone.
Each server in the path accepts the email either because:
- The sender has authenticated and is allowed to send anything
- The server handles email for the recipient.
So, what happens if a server tries to send mail to another server without authentication, and that server also doesn’t handle the email for the intended recipient?
You guessed it: relay denied.
When an email server receives an email:
- If the sender of an email has not been authenticated
- If the recipient of that message is not handled by that server
it’s considered a request to relay that message on to its final destination.
A server that would accept email from just anyone and forward it on as needed is called an “open relay”, meaning anyone could use it without accountability. In other words, spammers.
Most servers deny relays specifically to prevent spam. Open relays were once a commonplace and convenient way to connect up and send email. Today an open relay is considered a serious security hole, as it allows spammers unfettered access to send their junk.
Dealing with “Relaying Denied”
With all that as background, what do you do if you get a “relaying denied” message in response to something you sent?
- Double-check your own email program’s configuration — specifically its SMTP settings — making sure you’re following your ISP’s instructions.
- Double-check the email address you’re sending to, making sure that it’s correct.
- Try again later.
In reality, the vast majority of “relaying denied” messages today are due to email server configuration errors over which you have no control. When email starts to fail, server administrators often hear about it quickly and move to fix whatever caused the issue.
Trying again in a few hours, or a few days, is often the most effective solution.
If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,