Password recovery fails with error "550 5.7.1 Unable to relay for [email protected]_mail.com" in "SecurityNotifyTask-0.log"

A forgotten password needs to be recovered using option "Forgot your password ?" on Symantec Endpoint Protection Manager (SEPM) console logon screen.

Username for the password recovery and SEPM domain are typed in correctly.

After enabling Apache Tomcat debugging for SEPM Server with "" parameter described in TECH230072, debug log called "SecurityNotifyTask-0.log" shows following error by after SEPM sends the mail for password recovery:

[email protected]_mail.com 22/03/2018 01:11 PM

550 5.7.1 Unable to relay for [email protected]_mail.com

(* where "[email protected]_mail.com" is the actual SEPM administrator mail)

Exchange Server denies to forward your mail from SEPM Server`s built-in SMTP Server with password reset link to the desired user.

You should allow relaying mails from SEPM Server on your Exchange Server. 

To achive that you need to use a Exchange System Manager. You can allow a computer hosting SEPM to relay mails via Exchange Server using options and of Exchange System Manager described in following articles:

https://support.microsoft.com/en-ie/help/324958/how-to-block-open-smtp-relaying-and-clean-up-exchange-server-smtp-queu

https://technet.microsoft.com/en-us/library/dd277329.aspx

Please note however, that option may vary in different Exchange System Manager versions. For more details please ask the Exchange System Manager manufacturer.