Solved

Exchange 2010 Receive Connectors

Posted on 2013-11-09
7
583 Views
Last Modified: 2013-11-25
when installing Exchange 2010 , it creates 2 Receive connectors. Client and Default Connectors.

Any Exchange 2010 Expert to explain how to configure each connector?

Thank you
0
Comment
Question by:jskfan
  • 3
  • 3
7 Comments
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 375 total points
ID: 39636985
Default Servername: This Receive connector accepts connections from other Hub Transport servers and any Edge Transport servers you have.
Client Servername: This Receive connector accepts SMTP connections from all non-MAPI clients, such as POP and IMAP.
Please follow below article to configure them.
http://technet.microsoft.com/en-us/library/aa996395(v=exchg.141).aspx

If your Hub Transport server is internet facing, then you must modify default servername connector to allow anonymous connections.Check below link
http://technet.microsoft.com/en-us/library/bb738138(v=exchg.141).aspx
0
 

Author Comment

by:jskfan
ID: 39637177
In our case, Hub Transport has some send connectors that route emails through Smart hosts and some connectors directly through DNS MX records.


Receive Connectors is a little bit a gray area to me.

we have one named Anonymous connector, I do not understand the meaning of:
Specify the FQDN this connector will provide to respond to HELO or EHLO.
Under Network Tab, I see:
Use these Local IP address to Receive mail:
10.10.40.10
Receive mail from servers that have these IP addresses :
10.10.x.x
10.10.x.x
…..

under Permissions group:
Anonymous users
Exchange user


And we have another connector, it has:
Under Authentication, it has only one checkbox ticked : Transport Layer Security (TLS)
under permissions group : only Anonymous users is selected


Any explanation about this configuration will be very helpful

Thanks
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 375 total points
ID: 39637298
"Specify the FQDN this connector will provide to respond to HELO or EHLO."
meaning of above sentence is, if you telnet public IP \ Private IP address of this exchange server on port 25, then it will respond with Helo or Ehelo word.
So this is basically response to telnet.
Anonymous connector will receive any mail communication from specified 10.10.x.x
Here under authentication tab "Exchange Server authentication" must be selected which you have not mentioned above.

The another conector is basically their to receive mails from any hosts with TLS security.
in order to work this concept additional steps must be required as mentioned in below article
http://technet.microsoft.com/en-us/library/bb123543(v=exchg.141).aspx

I don't know if above article has been configured at your end.

basically you required one connector on which u can receive external mails (Anonymous users
and one conector through which you can accept connections from your exchange users and exchange servers
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:jskfan
ID: 39637573
One connector that is named Anonymous Relay:
Under network Tab (Use these local IP addresses to receive mail) is pointing to HUB01server.
and (Receive Mails from remote servers that have these IP addresses ) points to multiple IP addresses….. this part is clear.
Under group permissions Anonymous users and exchange users are checked….Does that mean another Exchange server cannot relay even if it is IP address is listed under :Receive Mails from remote servers that have these IP addresses ????
under Authentication :nothing checked off there (nothing selected)

==============
our default Receive connector:

Under network Tab (Use these local IP addresses to receive mail) is pointing to HUB01server.
and (Receive Mails from remote servers that have these IP addresses ) points to 0.0.0.0 255.255.255.255 addresses….. this part is clear.

under Authentication , everything is checked except for: Enable Domain Security (Mutual Auth TLS) and Externally Secured (for example, with IPSec)
under Permission Groups:
Exchange users, Exchange servers,Legacy Exchange servers are checked.
=================

we have another connector called public Smtp.
Use these local IP addresses to receive mail is pointing to HUB01 server.
Receive mail from remote servers that have these IP addresses points to 0.0.0.0  255.255.255.255
Authentication  has only the  "The Transport Layer Security (TLS)" checked.
Permission Groups : just Anonymous is selected.

===================
as for the Client connector:
under Specify the FQDN this connector will provide in response to HELO or EHLO, there is the OWA adderss : Webmail.company.com

under Network tab:
use these local IP addresses to receive mail is pointing to HUB01 server
Receive mail from remote servers that have IP addresses, is pointing to a node,  I am not sure what s the role of this node.
under Authentication:
TLS is checked , but Mutual Auth TLS is not.
Basic authentication is checked as well as  Offer Basic authentication

Exchange server Authentication is not checked
Integrated Windows Authentication is checked
Externally Secured is not checked
============
These are the connectors we have….the area which not really clear is the area under authentication tab and Permission Groups tab… why some checkboxes are selected and some not and what 's the effect of their selection


Thanks
0
 
LVL 10

Assisted Solution

by:Vijaya Babu Sekar
Vijaya Babu Sekar earned 125 total points
ID: 39637897
You dont require to default connector.

Default Connector:

it would be useful for receiving the mail from other hop or Exchange server based on the AD topology (sites and services) service

Client Connector:

It would be useful for receiving the mail from outlook client. so not required to touch the connector

If you want SMTP permission for application server, better you can create one more receive connector and configure further. based on the requirement.

Thanks.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 375 total points
ID: 39638230
Can you Please go throughly with below article
You will get all information related to Receive Connectors
http://technet.microsoft.com/en-us/library/aa996395(v=exchg.141).aspx
0
 

Author Closing Comment

by:jskfan
ID: 39676333
Thanks
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now