pcteamadmin
asked on
Exchange 2007 Message Header and IP
I have recently installed an Exchange 2007 server in my organization. The server is located behind a firewall, and withing the firewall I port the public IP over to the private IP address. I would like to keep this setup if possible.
Though, whenever mail is sent out, the message headers state the internal machine name and private IP address of the server. I need to change this so it sends mail out as the public IP and puclic machine name I used for my MX record, but I don't see where I can do this at.
When I telnet to the server, the helo information has my public name.
How do I set this up?
The information is similar to:
Internal IP of Mail Server: 192.168.1.1
Internal Machine Name: myserver.corp.mydomain.com
Public IP: 72.242.17.25
Public name/MX: mail.mydomain.com
Thanks for your help.
Tom
Though, whenever mail is sent out, the message headers state the internal machine name and private IP address of the server. I need to change this so it sends mail out as the public IP and puclic machine name I used for my MX record, but I don't see where I can do this at.
When I telnet to the server, the helo information has my public name.
How do I set this up?
The information is similar to:
Internal IP of Mail Server: 192.168.1.1
Internal Machine Name: myserver.corp.mydomain.com
Public IP: 72.242.17.25
Public name/MX: mail.mydomain.com
Thanks for your help.
Tom
ASKER
I already have the public name setup in the send connector.
Like I had stated above, the HELO is the way I want it. It's the message header that I want to change.
Like I had stated above, the HELO is the way I want it. It's the message header that I want to change.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Exchange 2007 does not out of the box does not modify the p2 headers where we you will see the servers that the message has passed through. You can in Exchange 2003 remove that information from mail messages before they are sent out to the Internet. In order to do that you will need to remove the ms-exch-send-headers-routi ng permissions from the nt \authoritiy\anonymous users from the last send connector that is touching the mails as they are send out to the Internet. Typically this will be your edge server. Here are some steps on how you can do that on your Exchange server. You will need to use the Exchange Management Shell to change those permissions.
1. In the powershell type in the following get-sendconnector and press enter. This is so that we can get the identity of the you Send connector. This will be the connector that has the address space of asterisk.
2. Type in remove-adpermission -identity edgesync -default first site name to internet -user nt authority\anonymous login -extendedrights Ms-Exch-Send-Headers-Routi ng
Note: In the identity section you will need to put the identity of the send connector that we got from running the get-sendconnector command.
3. Then press enter. This will remove the ms-exch-send-headers-routi ng right for the user nt authoritiy\anonymous login on your send connector. If you want to add this permission back you use the exact command above except replace remove-adpermission to add-adpermission.
I have also included below a link to technet site that talks about permissions on the send connector.
Send Connectors
http://technet.microsoft.com/en-us/aa998662.aspx
1. In the powershell type in the following get-sendconnector and press enter. This is so that we can get the identity of the you Send connector. This will be the connector that has the address space of asterisk.
2. Type in remove-adpermission -identity edgesync -default first site name to internet -user nt authority\anonymous login -extendedrights Ms-Exch-Send-Headers-Routi
Note: In the identity section you will need to put the identity of the send connector that we got from running the get-sendconnector command.
3. Then press enter. This will remove the ms-exch-send-headers-routi
I have also included below a link to technet site that talks about permissions on the send connector.
Send Connectors
http://technet.microsoft.com/en-us/aa998662.aspx
Simon.