troubleshooting Question

Receive connector for external SmartHost usage

Avatar of Netcompany
NetcompanyFlag for Denmark asked on
Exchange
5 Comments1 Solution2081 ViewsLast Modified:
Setup:
One internal MS Exchange 2010 Edge Transport server named EDGESRV01
Two internal MS Exchange 2010 Hub transport servers named HUBSRV01 and HUBSRV01 and HUBSRV02
One external mail server named EXTMAILSRV01 with the IP Address 10.0.0.10.

All internal servers are in the ”mycompany.com” domain that I’m managing.

What I want:
Make it possible for EXTMAILSRV01 to relay through EDGESRV01 with from-address no-reply@mycompany.com and send to an external address or @mycompany.com-address.

The connection from EXTMAILSRV1 to EDGESRV01 has to be secured with password and encryption in some way and EXTMAILSRV should only be able to send with no-reply@mycompany.com.
 
It's kind of a SmartHost i want to create.

What know:
Restrict connections only from 10.0.0.10 in a new receive connector. The authentication is set to MTLS and Basic Authentication after starting TLS. Permission Group is set to Anonymous users.

The receive connector will be linked to two send connectors designated to this setup. One send connector for recipients within the organization, which will use the internal Hub Transport servers as smart hosts, and one send connector for other recipients (external), which will use DNS to find the recipient mail server.

Where I’m stuck:
I don’t know how to secure the receive connector with a password (or username and password).  What to do?

How do I restrict what address EXTMAILSRV01 can send from?

Also I not sure if it’s wise to use MTLS between my Edge Transport and external servers?!

Please help :)
ASKER CERTIFIED SOLUTION
Antonio Vargas
Microsoft Senior Cloud Consultant

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros