Solved

Creating Exchange 2007 Receive connector

Posted on 2012-04-10
6
492 Views
Last Modified: 2012-07-24
We have Exchange 2007 configured as single server. We are moving from an in house spam filtering device to a hosted spam solution.  The hosted spam solution will receive all mail externally and then in turn forward to our Exchange server/Network.  I have created a new Receive Connector and added the IP of the internal network card on the firewall as allowed to relay. I have also set as anonymous access. When I test the setup by unchecking the Anonymous access on my Default Receive Connector and save all settings, mail flow stops.  I need to know what the best steps are to configure a new receive connector for mail coming from my firewall and not have anonymous access enabled on the default Receive Connector. I don't want the server open for anyone to send from with the default connector.
0
Comment
Question by:webfullcircle
  • 3
  • 3
6 Comments
 
LVL 14

Expert Comment

by:isaman07
ID: 37829433
Your internet facing receive connector must have anonymous access allowed, or else, you will never-ever receive emails from the internet. This is not a security hole, it is like that by design and not only for Microsoft, but any other platform. Having anonymous access, does not mean you are open relay.
Now if you want to tighten, in your case you can and you should, because you will receive incoming emails only through your spamfiltering provider, then on your firewall, create a rule that accepts smtp connection only from your prividers IP and that smtp port is redirected to your exchange. Doing this will minimize any security breach.
0
 
LVL 1

Author Comment

by:webfullcircle
ID: 37829485
isaman07  - I like the firewall approach. One additional note. I have setup a new receive connector to only allow inbound email from the router (added IP of internal interface of router only to allow for relay). This receive connector has Anon Access enabled. I then disable Anon Access  on the Default Receive Connector and that is where in bound email stops. My question is this normal or is there a step I am missing.
0
 
LVL 14

Expert Comment

by:isaman07
ID: 37829610
As i explained, this is normal, YOU MUST HAVE ANONYMOUS ACCESS enabled at all times. or the other approach, if you have a spam filtering appliance or mail forwarder in front of your exchange server, then yes you can configure your appliance to relay to your exchange using a username and password, then you can disable the anonymous access, since all incoming emails will go through your appliance. In your case, if  you follow the firewall approach, you are more than safe TRUST ME on that.
0
Will my email signature work in Office 365?

You've built an email signature using raw HTML code in Office 365, but you can't review how it looks with Transport Rules. So you have to test it over and over again before it can be used. Isn't this a bit of a waste of your time? Wouldn't a WYSIWYG editor make it a lot easier?

 
LVL 14

Accepted Solution

by:
isaman07 earned 350 total points
ID: 37829625
OOOps, forgot to say, you don't need to create a new receive connector, just leave the default one as it is (with anonymous enabled), your firewall will take care of the rest.
0
 
LVL 1

Author Comment

by:webfullcircle
ID: 37829698
thanks isaman07.  Let me test this out and will update the Question!
0
 
LVL 1

Author Closing Comment

by:webfullcircle
ID: 38219112
This was the actual solution. We created a separate connector.
0

Featured Post

Are your end users making ugly email signatures?

Have you left it up to your end users to create their own email signatures? Are they forgetting to add the company logo or using garish font colors? Take control and ensure all users have the same email signature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now