Exchange Server Relay Receive Connector

Microsoft Exchange servers do not allow SMTP relay by default, so you have to configure it yourself.

But, before you allow relaying, make sure this is what you need.

Let's go over a simple design for relaying.

First of all, you have to create new receive connectors with the appropriate permissions. Make sure "Anonymous" access is enabled and that only the servers that need to relay are listed in the connector's Remote IP Ranges. This way, only these servers will be able to relay.

I also create A records in the DNS servers that point to the servers with the connectors and set the record's name as the HELO/EHLO response of the connectors.

The following commands extend the receive connector's permissions so that anonymous sessions can submit messages for any recipient and from any sender:

Get-ReceiveConnector "Relay Exchange 1" |
    Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient

Get-ReceiveConnector "Relay Exchange 1" |
    Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Sender

This is very handy if you have a multi-tenant Exchange server.
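
A read-only check to run in the Exchange Management Shell after the steps above, added here as an example and not part of the original post: it lists every receive connector on which Anonymous Logon holds the any-recipient right and flags those whose Remote IP Ranges still cover all addresses. The function name `Get-AnonymousRelayConnector` and the string forms of the all-addresses ranges are assumptions.

```powershell
# Added example: audit receive connectors that let anonymous sessions relay.
# Read-only; nothing is modified.

$anon       = 'NT AUTHORITY\ANONYMOUS LOGON'
$relayRight = 'ms-Exch-SMTP-Accept-Any-Recipient'
$anySender  = 'ms-Exch-SMTP-Accept-Any-Sender'

# Assumption: ranges covering every IPv4/IPv6 client are displayed in this form.
# Other broad ranges (large CIDR blocks) are not flagged and need manual review.
$openRanges = @('0.0.0.0-255.255.255.255',
                '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff')

function Get-AnonymousRelayConnector {
    foreach ($rc in Get-ReceiveConnector) {
        # Allow ACEs held by Anonymous Logon on this connector object.
        $aces = $rc | Get-ADPermission -User $anon -ErrorAction SilentlyContinue |
            Where-Object { -not $_.Deny -and $_.ExtendedRights }
        $rights = @($aces | ForEach-Object { $_.ExtendedRights } |
            ForEach-Object { $_.ToString() })

        # Without the any-recipient right the connector cannot relay externally.
        if ($rights -notcontains $relayRight) { continue }

        $ranges = @($rc.RemoteIPRanges | ForEach-Object { $_.ToString() })
        $open   = @($ranges | Where-Object { $openRanges -contains $_ })

        [pscustomobject]@{
            Connector      = $rc.Identity
            Enabled        = $rc.Enabled
            Fqdn           = $rc.Fqdn
            Bindings       = ($rc.Bindings -join ', ')
            RemoteIPRanges = ($ranges -join ', ')
            AnySender      = ($rights -contains $anySender)
            OpenRelay      = ($open.Count -gt 0)   # any client address may relay
        }
    }
}

Get-AnonymousRelayConnector |
    Sort-Object OpenRelay -Descending |
    Format-Table -AutoSize -Wrap
```

A row with `OpenRelay` set to `True` means the connector accepts anonymous relay from any address and its Remote IP Ranges should be narrowed to the relaying servers.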
