
Tuesday, December 3, 2013

Allow Servers/Services to Relay Through Exchange 2010

In almost every Exchange organization I have seen, there's a need to allow another server or service to send email through Exchange. Most common are reports from Backups, Spam/Internet filters, and A/V.

The Default Receive Connector is secured to not allow anonymous connections, so you'll need to create a new Receive Connector to allow non-Exchange servers to relay mail. It's easy.

In the Exchange Management Console (EMC) go to Server Management > Hub Transport. Select the Hub Transport server you want to create the new Receive Connector on, right-click, and choose New Receive Connector.

Name your new connector (be descriptive so those who come behind you know what the connector does) and click Next.

You can leave the local network settings alone, or you can use a dedicated IP.

**Note** A dedicated IP address for each connector is only required if you need to create connectors with different authentication settings.

In the Remote Network Settings select the default IP range and delete it.

Click Add and enter the IP address of the server you want to allow to relay through Exchange.
Click OK, then Next.

Click New.

The Receive Connector has populated, but it's not ready for relaying.
Right-click your new Receive Connector, then Properties.

Hit the Permission Groups tab and select the Exchange Servers checkbox.

Hit the Authentication Tab and select the Externally Secured checkbox.

Apply the changes.

Since we pared down the remote IP range to a single IP address, all other servers will be denied relaying through the Exchange Server. You can add more IPs, ranges, and subnets later on by editing the Connector Properties.

**Note** You may have to restart the Transport Service if the connector settings aren't picked up right away and you get mailflow errors.
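
With Externally Secured and the Exchange Servers permission group, the connector treats any host inside its remote IP ranges as an authenticated sender, so that IP list is the only access control. As an added example (not from the original post), this PowerShell audit flags such connectors whose ranges are wider than a chosen size; the function names, the 256-host threshold and the sample connector objects are assumptions made for illustration.

```powershell
# Added example, not from the original post. IPv4 only.
# Counts the hosts in one RemoteIPRanges entry: "a.b.c.d", "a.b.c.d-e.f.g.h" or "a.b.c.d/nn".
function Get-IPv4RangeSize([string]$Range) {
    $toInt = {
        param($ip)
        $b = ([System.Net.IPAddress]::Parse($ip)).GetAddressBytes()
        [Array]::Reverse($b)                 # network byte order -> little-endian
        [BitConverter]::ToUInt32($b, 0)
    }
    if ($Range -match '^(.+)/(\d+)$') { return [math]::Pow(2, 32 - [int]$Matches[2]) }
    if ($Range -match '^(.+)-(.+)$') {
        $lo, $hi = $Matches[1], $Matches[2]
        return [double](& $toInt $hi) - (& $toInt $lo) + 1
    }
    return 1
}

# Hypothetical helper: emits one row per over-broad range on an Externally Secured connector.
function Test-RelayConnectorScope {
    param([Parameter(ValueFromPipeline = $true)]$Connector, [double]$MaxHosts = 256)
    process {
        # Only Externally Secured connectors treat the source IP as the authentication.
        if ("$($Connector.AuthMechanism)" -notmatch 'ExternalAuthoritative') { return }
        foreach ($r in $Connector.RemoteIPRanges) {
            $text = "$r"
            if ($text -like '*:*') { continue }   # IPv6 entries are not evaluated here
            $size = Get-IPv4RangeSize $text
            if ($size -gt $MaxHosts) {
                New-Object PSObject -Property @{
                    Connector = "$($Connector.Identity)"; Range = $text; Hosts = $size
                }
            }
        }
    }
}

# Constructed sample objects standing in for Get-ReceiveConnector output:
# a single-host relay, a relay left at the default range, and a non-relay connector.
$sample = @(
    (New-Object PSObject -Property @{ Identity = 'HUB01\Relay - Backup'
        AuthMechanism = 'Tls, ExternalAuthoritative'; RemoteIPRanges = @('192.0.2.25') }),
    (New-Object PSObject -Property @{ Identity = 'HUB01\Relay - Apps'
        AuthMechanism = 'Tls, ExternalAuthoritative'; RemoteIPRanges = @('0.0.0.0-255.255.255.255') }),
    (New-Object PSObject -Property @{ Identity = 'HUB01\Default HUB01'
        AuthMechanism = 'Tls, Integrated'; RemoteIPRanges = @('0.0.0.0-255.255.255.255') })
)
$sample | Test-RelayConnectorScope
# On a Hub Transport server: Get-ReceiveConnector | Test-RelayConnectorScope
```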


Duplicating Custom Connectors to other Hub Transport Servers

If you have multiple Hub Transport servers that need the custom connector, you can clone it over with two PowerShell commands.

Fire up the Exchange Management Shell (EMS).

First you have to retrieve the list of remote IP addresses from the existing receive connector by running:

$ips = (Get-ReceiveConnector "Server Name\Connector Name").RemoteIPRanges

**Note** Replace the Server Name and Connector Name with the one you are duplicating.

To create the new relay connector on the other Hub Transport server, run:

New-ReceiveConnector -Name "Connector Name" -Server "Server Name" -Usage Custom -AuthMechanism ExternalAuthoritative -PermissionGroups ExchangeServers -Bindings 0.0.0.0:25 -RemoteIPRanges $ips

All done!

