I am installing a new server with Exchange 2007. I have two receive connectors. One with the FQDN of the internal server (i.e. server.domain.local) and one for the Internet with a FQDN for the public address of the server (i.e. mail.domain.com). When I try to telnet to port 25 on this server from an external location, I get "220 server.domain.local Microsoft ESMTP MAIL Service", when I would expect "220 mail.domain.com Microsoft ESMTP MAIL Service". If I proceed with the test, then in response to the "rcpt to" statement, I get "550 5.7.1 Unable to relay for firstname.lastname@example.org". I am interpreting this as the internal connector receiving external email, but I do not know how or why. The only clue I have is an error in the event log "Receive connector 192.168.1.1:25 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check the authentication settings of this connector."
While I have googled this, it does not mean much to me. The implication would be that I have somehow messed up the certificate for the receive connector, but I do not know if this is correct or how to correct it. I am afraid certificates are a bit of a black art to me!
Can anyone advise/help?
The internal connector is set to TLS authentication with Basic, Exchange and Integrated also ticked. Permissions are all set except partners.
The Internet connector is set to TLS authentication and permissions to only anonymous.