Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Receive connectors SBS 2011 / Exchange 2010

Posted on 2011-09-06
9
Medium Priority
?
1,590 Views
Last Modified: 2012-06-27
I should be able to figure this out, but I must be missing something..  I uninstalled Trend Micro and somehow in the process it wiped out some settings in my receive connectors.  The main symptom was that although Exchange email continued to flow, a few people who get their email via POP who are outside the network could no longer send or receive email.  I was able to fix that, but in the process they could no longer send mail if they had their client configured to require authentication.  At this point I am not sure what settings each of the connectors should have for Authentication and Permission Groups.  I need to be able to send/receive mail to and from the internet, send/receive mail from a fax device within the network, and I need my POP clients to be able to send/receive email without an open relay.  I know this is simple, and I'm probably overthinking it, but it's driving me nuts!
0
Comment
Question by:landiiiks2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36490594
ok,

send connector should require authentication

the receive connector should allow anonymous connection to receive internet mail.

also check if you require pop or secure pop (port difference)
0
 

Author Comment

by:landiiiks2
ID: 36491023
I really didn't think anything had happened to the send connector, but maybe I'm wrong.  I looked at the output of get-sendconnector |fl and couldn't tell whether authentication is required.  Did I just miss it?  The receive connector does allow anonymous connection, I am just not sure what else needs to be checked on that page and on the authentication page.  I don't require secure POP.  Thanks...
0
 

Author Comment

by:landiiiks2
ID: 36491394
I found this answer - run the following command:  Get-ReceiveConnector "YourReceiveConnectorName" | Remove-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient".  Is that what will fix it and require authentication for outgoing email?  I need to find the answer fast because it appears that I do have an open relay at the moment.  Thanks!
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:setasoujiro
ID: 36492173
as i said, the send connector should only allow authenticated users/your lan IP range to send mail
receive should allow anonymous.

alsdo you can do this from the management console, and do not need the shell for this
0
 

Author Comment

by:landiiiks2
ID: 36492209
Well, the command failed anyway, said the ACE didn't exist.  And I don't see anywhere in the send connector settings that allow me to set what you say.  It would have to be authenticated users, not IP range because of the POP3 users.  
0
 
LVL 14

Accepted Solution

by:
setasoujiro earned 2000 total points
ID: 36492248
OK check this:

under server config-->Hub TRansport--> receive connectors --> properties
check if anonymous is allowed there
this should be marked, also exchange users and servers
and network should be all

that should be it
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36492282
also forgot to say: TLS should also be enabled under authentication, in order to have pop3 ppl send mails through your server
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36492286
on the same receive connector
0
 

Author Closing Comment

by:landiiiks2
ID: 36922004
I think this was the complete answer - I ended up opening up an incident wtih Microsoft and the guy didn't know what he was doing - I had it just about working before he called me back and then he messed things up even worse, and finally I fixed it myself.  So I'm not even sure to this day what else wasn't right but it's working now and I appreciate the help.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question