How to Configure a Relay Connector for Exchange Server 2010

Some time ago I had promised a friend that he could use my Exchange environment as a relay connector to his external IP on a different port then 25. After searching the GUI, I couldn’t find the needed options so I did a search on the Exchange shell options and I came out to this article from Paul Cunningham:

Note: this is written by Paul Cunningham: more information you can find on his website: http://exchangeserverpro.com/

In most Exchange Server 2010 environments there will be the need to allow relaying for certain hosts, devices or applications to send email via the Exchange server.  This is common with multi-function devices such as network attached printer/scanners, or applications such as backup software that send email reports.

SMTP communication is handled by the Hub Transport server in an Exchange organization.  The transport service listens for SMTP connections on it’s default Receive Connector. However, this connector is secured by default to not allow anonymous connections (ie, the type of connection most non-Exchange systems will be making).

You can see this in effect if you telnet to the server on port 25 and try to initiate unauthenticated SMTP communications.

For some Hub Transport servers that are internet-facing, anonymous connections may already be enabled.  In those cases relay would still be denied but will behave differently than the first example.

You’ll note that relay is denied if I try to send from an @hotmail.com address to an @gmail.com address, because neither is a valid domain for the Exchange organization. But with Anonymous Users enabled on the Receive Connector I can send from an @hotmail.com address to a valid local address.

However if I try to relay out to an external recipient, the Exchange server does not allow it.

To permit a non-Exchange server to relay mail we can create a new Receive Connector on the Hub Transport server. Launch the Exchange Management Console and navigate to Server Management, and then Hub Transport. Select the Hub Transport server you wish to create the new Receive Connector on, and from the Actions pane of the console choose New Receive Connector.

Give the new connector a name such as “Relay ” and click Next to continue.

You can leave the local network settings as is, or optionally you can use a dedicated IP address for this connector if one has already been allocated to the server. Using dedicated IP addresses for each connector is sometimes required if you need to create connectors with different authentication settings, but for a general relay connector it is not necessary to change it.

Highlight the default IP range in the remote network settings and click the red X to delete it.

Now click the Add button and enter the IP address of the server you want to allow to relay through the Exchange server. Click OK to add it and then Next to continue.

Click the New button to complete the wizard.

The Receive Connector has now been created but is not yet ready to allow the server to relay through it.  Go back to the Exchange Management Console, right-click the newly created Receive Connector and choose properties.

Select the Permission Groups tab and tick the Exchange Servers box.

Select the Authentication Tab and tick the Externally Secured box.

Apply the changes and the Receive Connector is now ready for the server to relay through.

Because the remote IP range has been secured to that single IP address, any other servers on different IP addresses still won’t be able to relay through the Exchange Server. From any other IP address not included in the remote IP range on the Receive Connector relay will be denied.

You can later add more IP addresses, IP ranges, subnets, or even add multiple IP addresses to the Receive Connector using a script if necessary.

30 thoughts on “How to Configure a Relay Connector for Exchange Server 2010

  1. I’m impressed. I dont think Ive met anyone who knows as much about this subject as you do. Youre truly well informed and very intelligent. You wrote something that people could understand and made the subject intriguing for everyone. Really, great blog you’ve got here.

  2. I want to thnkx for the time you have made in composing this blogpost. I am hoping the same top-grade work from you in the future as well. In fact your creative writing abilities has inspired me to get my own blog now. Really the blogging is spreading its wings quickly. Your write up is a good model of it.

  3. I was very encouraged to find this site. I wanted to thank you for this special read. I definitely savored every little bit of it and I have you bookmarked to check out new stuff you post.

  4. Excellent post. I was checking continuously this blog and I am impressed! Extremely useful information specially the last part 🙂 I care for such info much. I was looking for this certain info for a very long time. Thank you and good luck.

  5. After research a number of of the weblog posts on your website now, and I truly like your method of blogging. I bookmarked it to my bookmark web site list and can be checking again soon. Pls check out my website online as effectively and let me know what you think.

  6. Very detailed instructions.. Just what I need in school.. Now I understand the essence of a relay connector and how to work on it.. Thanks so much for sharing.. Looking forward to more of your posts..

  7. Helpful blog post and thank you for sharing. Several things in here I have never thought about before, I would like to use this moment to say that I really love this blog. It’s been a great resource of information for me. Thank you so much!

    • Wonderful work! That is the kind of info that are supposed to be shared around the internet.
      Shame on the search engines for no longer positioning this post upper!
      Come on over and discuss with my website . Thanks =)

Geef een reactie

Het e-mailadres wordt niet gepubliceerd. Vereiste velden zijn gemarkeerd met *

*