Solved

Receive Connector Issues with Exchange 2013

Posted on 2015-01-31
11
120 Views
Last Modified: 2015-02-02
Exchange 2013 in regards to Receive Connectors is really confusing me.  It appears by default that it is basically an open relay. I'm showing it allowing any IP address to relay through it and had tested that internally through telnet.  I than have issues with our spam filter getting connection refused when connecting to it, so I'm not sure whats going on.  I created a separate send connector just for the Barraucda and set it to anonymous and ran the exchange shell command to really allow the anonymous logon and still get connection refused.
0
Comment
Question by:Chris Rice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +1
11 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581865
The default receive connector is not open relay. It accept only SMTP mails for local mailboxes. If your try to send mail with your receive connector to an outside mail; it will not work.

If you want to do open relay, you have to add rights on your recevice connector with powershell.
0
 

Author Comment

by:Chris Rice
ID: 40581866
I'm confused as why I can telnet to the exchange server from devices on the network through port 25. However I can't from our Barracuda for some reason. Hoping to put this into production tonight but have seen odd send/receive issues with 2013 so far
0
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40581910
You Can connect to port 25 but you Can only send mail to local user.

Exchange have to accept communication on port 25 from all client. It is normal for a mail server.

If only barracuda send mail to exchange, you Can add a receive connector only for tour barracuda ip with anonymous accès allowed.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Chris Rice
ID: 40581913
Yeah I tried that and still got connection refused
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 40581962
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 40581963
0
 

Author Comment

by:Chris Rice
ID: 40581979
I've seen both of those articles.  The Barracuda picks up external e-mail and sends it to the Exchange servers, so I think the default connector should work.  Earlier when I tested on a internal server I was able to telnet to port 25 fine, but now I get connection refused like I do from the Barracuda, so I'm not sure whats going on...
0
 

Author Comment

by:Chris Rice
ID: 40581987
I think I found the issue.  This customer I'm working with had some odd lan to lan firewall rule with port 25.  I disabled it and was able to connect from Barracuda to 2013 server
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40582061
You may want to look at limiting the use of the open relay connector to only Barracuda's IP addresses (which you can get from them) and your Exchange server. Add any network devices that also need to relay through your server but that's it. This will prevent your server from getting added to any blacklists in case a machine in your network gets infected and tries to send out spam through your server.
0
 

Author Comment

by:Chris Rice
ID: 40582073
I would do that with the default frontend receive connector and remove the 0.0.0.0-255.255.255.255 ? I normally created separate ones with 2007 and 2010 having hub transport server usually separate and left the default there, but I was attempting that with this setup having both roles on one server and it seemed to mess things up with mail flow.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40582079
Ah, OK. I think I understand what may have happened now. In Exchange 2013 the Transport architecture has changed from what we have been used to with the previous versions of Exchange (i.e. 2007 and 2010). Have a read of these articles to help you get a better idea:
https://exchangemaster.wordpress.com/2014/01/24/incorrectly-adding-new-receive-connector-breaks-exchange-2013-transport/
http://exchangeserverpro.com/exchange-2013-configure-smtp-relay-connector/
http://himmetyildiz.blogspot.com.au/2013/07/how-to-create-anonymous-relay-send.html

What this means is you can still create additional custom receive connectors for anonymous relay, you just need to associate them to the correct Transport Role. I believe the first article explains it best so have a read and let me know if you have any questions.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
how to add IIS SMTP to handle application/Scanner relays into office 365.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question