Solved

Receive Connector Issues with Exchange 2013

Posted on 2015-01-31
11
115 Views
Last Modified: 2015-02-02
Exchange 2013 in regards to Receive Connectors is really confusing me.  It appears by default that it is basically an open relay. I'm showing it allowing any IP address to relay through it and had tested that internally through telnet.  I than have issues with our spam filter getting connection refused when connecting to it, so I'm not sure whats going on.  I created a separate send connector just for the Barraucda and set it to anonymous and ran the exchange shell command to really allow the anonymous logon and still get connection refused.
0
Comment
Question by:Chris Rice
  • 5
  • 2
  • 2
  • +1
11 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581865
The default receive connector is not open relay. It accept only SMTP mails for local mailboxes. If your try to send mail with your receive connector to an outside mail; it will not work.

If you want to do open relay, you have to add rights on your recevice connector with powershell.
0
 

Author Comment

by:Chris Rice
ID: 40581866
I'm confused as why I can telnet to the exchange server from devices on the network through port 25. However I can't from our Barracuda for some reason. Hoping to put this into production tonight but have seen odd send/receive issues with 2013 so far
0
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581910
You Can connect to port 25 but you Can only send mail to local user.

Exchange have to accept communication on port 25 from all client. It is normal for a mail server.

If only barracuda send mail to exchange, you Can add a receive connector only for tour barracuda ip with anonymous accès allowed.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:Chris Rice
ID: 40581913
Yeah I tried that and still got connection refused
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 40581962
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 40581963
0
 

Author Comment

by:Chris Rice
ID: 40581979
I've seen both of those articles.  The Barracuda picks up external e-mail and sends it to the Exchange servers, so I think the default connector should work.  Earlier when I tested on a internal server I was able to telnet to port 25 fine, but now I get connection refused like I do from the Barracuda, so I'm not sure whats going on...
0
 

Author Comment

by:Chris Rice
ID: 40581987
I think I found the issue.  This customer I'm working with had some odd lan to lan firewall rule with port 25.  I disabled it and was able to connect from Barracuda to 2013 server
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40582061
You may want to look at limiting the use of the open relay connector to only Barracuda's IP addresses (which you can get from them) and your Exchange server. Add any network devices that also need to relay through your server but that's it. This will prevent your server from getting added to any blacklists in case a machine in your network gets infected and tries to send out spam through your server.
0
 

Author Comment

by:Chris Rice
ID: 40582073
I would do that with the default frontend receive connector and remove the 0.0.0.0-255.255.255.255 ? I normally created separate ones with 2007 and 2010 having hub transport server usually separate and left the default there, but I was attempting that with this setup having both roles on one server and it seemed to mess things up with mail flow.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40582079
Ah, OK. I think I understand what may have happened now. In Exchange 2013 the Transport architecture has changed from what we have been used to with the previous versions of Exchange (i.e. 2007 and 2010). Have a read of these articles to help you get a better idea:
https://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/
http://exchangeserverpro.com/exchange-2013-configure-smtp-relay-connector/
http://himmetyildiz.blogspot.com.au/2013/07/how-to-create-anonymous-relay-send.html

What this means is you can still create additional custom receive connectors for anonymous relay, you just need to associate them to the correct Transport Role. I believe the first article explains it best so have a read and let me know if you have any questions.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question