Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Exchange 2007 - Creating Internal Trusted Relay

Posted on 2009-04-07
10
Medium Priority
?
647 Views
Last Modified: 2012-05-06
I have a copier that can not seem to authenticate when sending mail. It is setup to scan documents and email them to us. Previously I used a Fedora server and made its IP address trusted so it could relay mail. Does exchange have the ability to be an open relay based on ip addresses?
0
Comment
Question by:celoedus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
10 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24089267
Is it emailing external people as well, or just internal people?

Simon.
0
 

Author Comment

by:celoedus
ID: 24091407
Internal Only.
0
 
LVL 8

Expert Comment

by:big_daddy0690
ID: 24091867
You need to add a receive connector to allow this.
 
  1. In the Exchange Management Console expand Server Configuration and select Hub Transport.
  2. Select your exchange server then on the right side click New Receive Connector.
  3. Name your connector for example "Internal Trusted Relay" and select Custom for the connector type. Next
  4. Specify your FQDN for the connector. Next
  5. Remove the default remote IP range and add the IP address(es) or range(s) that you wish to allow relaying.
  6. Next, New, Finish.
  7. Right click the new connector and select Properties.
  8. Configure the options within the Authentication and Permission Groups tabs as appropriate.
Note - If you need to allow Anonymous users to send to external recipients then you will need to manually add that permission with the following command using the Management Shell.

Get-ReceiveConnector Receive Connector Name | Add-ADPermission -User NT AUTHORITY\ANONYMOUS LOGON -ExtendedRights Ms-Exch-SMTP-Accept-Any-Recipient
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 8

Expert Comment

by:big_daddy0690
ID: 24091886

Get-ReceiveConnector Receive Connector Name | Add-ADPermission -User NT AUTHORITY\ANONYMOUS LOGON -ExtendedRights Ms-Exch-SMTP-Accept-Any-Recipient

Open in new window

0
 
LVL 65

Expert Comment

by:Mestha
ID: 24092629
If it is internal only then you shouldn't need to do anything. Are you using an Edge server? If not then you should already have anonymous enabled on the receive connector. If you are using an Edge then simply enable anonymous on the Receive Connector.

You shouldn't need to add a new connector, the existing ones will be fine.

Simon.
0
 
LVL 8

Accepted Solution

by:
big_daddy0690 earned 1000 total points
ID: 24101300
That was not the case when I was setting up my Exchange 2007 server. I have all roles installed on the same server and it would not accept mail from anything other then Outlook Clients and our Exchange 2003 server.

Currently I have two connectors. One for Outlook clients connecting on port 587 and one for internal relay.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 1000 total points
ID: 24101447
By default the connectors are configured in that way, because Microsoft is expecting everyone to have an Edge server. All you need to do is enable anonymous on the Connector for port 25.

Simon.
0
 
LVL 8

Expert Comment

by:big_daddy0690
ID: 25559011
I feel that the question was answered by Mestha and myself. My suggestion would be to split the point between us.

Thanks,
Bob
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question