One internal MS Exchange 2010 Edge Transport server named EDGESRV01
Two internal MS Exchange 2010 Hub Transport servers named HUBSRV01 and HUBSRV02
One external mail server named EXTMAILSRV01 with the IP Address 10.0.0.10.
All internal servers are in the "mycompany.com" domain that I'm managing.
What I want:
Make it possible for EXTMAILSRV01 to relay through EDGESRV01 with from-address email@example.com and send to an external address or @mycompany.com-address.
The connection from EXTMAILSRV01 to EDGESRV01 has to be secured with a password and encryption in some way, and EXTMAILSRV01 should only be able to send with firstname.lastname@example.org.
It's kind of a SmartHost I want to create.
Restrict connections only from 10.0.0.10 in a new receive connector. The authentication is set to MTLS and Basic Authentication after starting TLS. Permission Group is set to Anonymous users.
The receive connector will be linked to two send connectors designated to this setup. One send connector for recipients within the organization, which will use the internal Hub Transport servers as smart hosts, and one send connector for other recipients (external), which will use DNS to find the recipient mail server.
Where I’m stuck:
I don’t know how to secure the receive connector with a password (or username and password). What to do?
How do I restrict what address EXTMAILSRV01 can send from?
Also, I'm not sure if it's wise to use MTLS between my Edge Transport and external servers?!
Please help :)