Thursday, September 16, 2010


In Exchange Server 2007 there are two receive connectors.
All SMTP mail is routed through a Send connector.

Server to Server SMTP and Client to Server SMTP.

Client---> server SMTP is used for POP3 and IMAP clients to send mail via SMTP.
Client Usage Type will allow the Permission Group of Exchange Users

In Exchange 2007, Microsoft wanted to comply with updated RFC standards and kept Server to Server SMTP communication over port 25 and segregated Client to Server communications over port 587

By default, Client to Server Authentication is encrypted using TLS via this Client Receive Connector


If you want to allow an anonymous application such as a Web Application to relay off of your Exchange 2007 server, you would do the following:

1. Create a new Receive Connector with the Custom Usage Group
2. For Remote Network Settings, remove, and then add the IP Address of the remote server that requires relaying permissions
3. Once the new Custom Receive Connector is created, go into the properties of this connector, go to the Permission Groups Tab > Add Anonymous Users

If you look at the Authentication Tab, only Transport Layer Security will be selected. This is called Opportunistic TLS which means that TLS will be accepted and is the preferred method for communication, but TLS will not be required.

To activate Anonymous users to use this connector for relaying, you must issue the following command:
Get-ReceiveConnector “Receive Connector Name” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

No comments:

Post a Comment