Solved

Locking Down Exchange 2010 Receive Connector

Posted on 2014-04-10
4
505 Views
Last Modified: 2014-07-22
I am reviewing the Receive Connectors for a client and wanted to see how best we can lock down.
Environment is a single Exchange Server 2010 with all roles installed. The Default Connector is configured for 10.1.1.0/24 under Network > Receive Mail from ..... If I read this right, they should only have the IP Address of other Servers/Devices that send mail - not the IP Address range for local computers? So it should only list the IP Address of itself?

Please help - they are having issues being blacklisted and I think this may assist in denying client machines from sending mail. Assuming this does not preent client machines from using Outlook to send etc.
0
Comment
Question by:Flipp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Assisted Solution

by:imkottees
imkottees earned 250 total points
ID: 39993609
Hi,

As long as "Exchange Servers" are checked under permission groups there wont be any issues for Clients.

Adding IP address for allowing open SMTP relay.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 250 total points
ID: 39995403
The Default receive connector is usually configured to accept email from ALL IP address ranges.

Is this an SBS Server by any chance?
If so, then you would have another connector, which will be for inbound email from external sources. That will be configured to only accept email for everything outside the local subnet.

What you have failed to include in your question is how inbound email currently flows and whether there are any other connectors.

Simon.
0
 
LVL 6

Author Comment

by:Flipp
ID: 40213447
Thanks Simon. Although not a SBS, we do configure in a similar way to what I recall of my SBS days in Exchange. One connector to receive incoming email and open to our incoming mail filter only. The other connector is the one I wanted to get some clarity on to whether we have this configured correctly or not.

I think we have this correct now so thank you for your replies and apologies for delays. :)
0
 
LVL 6

Author Closing Comment

by:Flipp
ID: 40213448
Thank you one and all :)
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question