Recently I setup an Exchange 2016 Server. Everything looks fine except the Exchange 2016 default Receive connector allows internal relay.
Eg: Two emails firstname.lastname@example.org and email@example.com in my domain abc.com. An anonymous user can send emails to firstname.lastname@example.org on behalf of email@example.com (no authentication required). But if anonymous user try to send email to firstname.lastname@example.org using email@example.com, Exchange will refuse to send it.
May I know how could I do to restrict user authentication even for emails in the internal domain? I cannot disable the Anonymous users otherwise Exchange server will not receive any emails.