Solved

Receive Connector Issues with Exchange 2013

Posted on 2015-01-31
11
112 Views
Last Modified: 2015-02-02
Exchange 2013 in regards to Receive Connectors is really confusing me.  It appears by default that it is basically an open relay. I'm showing it allowing any IP address to relay through it and had tested that internally through telnet.  I than have issues with our spam filter getting connection refused when connecting to it, so I'm not sure whats going on.  I created a separate send connector just for the Barraucda and set it to anonymous and ran the exchange shell command to really allow the anonymous logon and still get connection refused.
0
Comment
Question by:Chris Rice
  • 5
  • 2
  • 2
  • +1
11 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581865
The default receive connector is not open relay. It accept only SMTP mails for local mailboxes. If your try to send mail with your receive connector to an outside mail; it will not work.

If you want to do open relay, you have to add rights on your recevice connector with powershell.
0
 

Author Comment

by:Chris Rice
ID: 40581866
I'm confused as why I can telnet to the exchange server from devices on the network through port 25. However I can't from our Barracuda for some reason. Hoping to put this into production tonight but have seen odd send/receive issues with 2013 so far
0
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581910
You Can connect to port 25 but you Can only send mail to local user.

Exchange have to accept communication on port 25 from all client. It is normal for a mail server.

If only barracuda send mail to exchange, you Can add a receive connector only for tour barracuda ip with anonymous accès allowed.
0
 

Author Comment

by:Chris Rice
ID: 40581913
Yeah I tried that and still got connection refused
0
 
LVL 20

Expert Comment

by:SatyaPathak
ID: 40581962
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 20

Expert Comment

by:SatyaPathak
ID: 40581963
0
 

Author Comment

by:Chris Rice
ID: 40581979
I've seen both of those articles.  The Barracuda picks up external e-mail and sends it to the Exchange servers, so I think the default connector should work.  Earlier when I tested on a internal server I was able to telnet to port 25 fine, but now I get connection refused like I do from the Barracuda, so I'm not sure whats going on...
0
 

Author Comment

by:Chris Rice
ID: 40581987
I think I found the issue.  This customer I'm working with had some odd lan to lan firewall rule with port 25.  I disabled it and was able to connect from Barracuda to 2013 server
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40582061
You may want to look at limiting the use of the open relay connector to only Barracuda's IP addresses (which you can get from them) and your Exchange server. Add any network devices that also need to relay through your server but that's it. This will prevent your server from getting added to any blacklists in case a machine in your network gets infected and tries to send out spam through your server.
0
 

Author Comment

by:Chris Rice
ID: 40582073
I would do that with the default frontend receive connector and remove the 0.0.0.0-255.255.255.255 ? I normally created separate ones with 2007 and 2010 having hub transport server usually separate and left the default there, but I was attempting that with this setup having both roles on one server and it seemed to mess things up with mail flow.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40582079
Ah, OK. I think I understand what may have happened now. In Exchange 2013 the Transport architecture has changed from what we have been used to with the previous versions of Exchange (i.e. 2007 and 2010). Have a read of these articles to help you get a better idea:
https://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/
http://exchangeserverpro.com/exchange-2013-configure-smtp-relay-connector/
http://himmetyildiz.blogspot.com.au/2013/07/how-to-create-anonymous-relay-send.html

What this means is you can still create additional custom receive connectors for anonymous relay, you just need to associate them to the correct Transport Role. I believe the first article explains it best so have a read and let me know if you have any questions.
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now