![]() While this simplifies the receive connector configuration (only the load balancer IP needs to be added as an allowed IP) it opens up a number of concerns: However, as you’ll see by reading my article on issues with load balancing SMTP traffic, when a load balancer is source NATing the connections the only IP address that will appear to the Exchange server is that of the load balancer itself, not the source device or application. This means creating the same relay connector on multiple servers and managing the same list of permitted IP addresses on those connectors. If you plan to load balance you’ll need to ensure that the same receive connectors exist on all of the servers in the load balanced pool. If you want to provide a highly available SMTP service then a load balancer is the natural solution. Here’s some additional items that you should consider when you’re providing SMTP relay services with Exchange Server 2016 for your environment. InternalId=863288426497, Hostname=] Queued mail for ![]() 220 Microsoft ESMTP MAIL Service ready at Thu, 22Ģ50 Hello In my test environment that IP address will now be allowed to send email from any email address (whether it is a valid internal address or not) to any external address. We can now test the connector using Telnet from the IP address that was added to the remote network settings of the receive connector. C:\>Get-ReceiveConnector "EXSERVER\Anon Relay EXSERVER" | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient C:\>Set-ReceiveConnector "EXSERVER\Anon Relay EXSERVER" -PermissionGroups AnonymousUsers ![]() ![]() In the Exchange Management Shell run the following two commands. Select the server that you want to create the new receive connector on, and click the “ ” button to start the wizard.Ĭlick Finish to complete the wizard, then there is some additional configuration still required. In the Exchange Admin Center navigate to mail flow and then receive connectors. When authenticated SMTP is not an option you can create a new receive connector on the Exchange 2016 server that will allow anonymous SMTP relay from a specific list of IP addresses or IP ranges. External SMTP Relay with Exchange Server 2016 Using Anonymous Connections So any device or application on the network that can use authenticated SMTP can be set up to use that connector listening on port 587 on your Exchange 2016 server. In the above example the email is successfully received by the external recipient. PS C:\>Send-MailMessage -SmtpServer -Credential $credential -From -To -Subject 'Test email' -Port 587 -UseSsl Next, use the Send-MailMessage cmdlet with parameters specifying the server, to and from addresses, subject line, and the port number. First, capture some valid credentials to use for authentication. To test using the Client Frontend connector to send an email message I’m going to use PowerShell’s Send-MailMessage cmdlet instead of Telnet. C:\>Set-ReceiveConnector "EXSERVER\Client Frontend EXSERVER" -Fqdn -TlsCertificateName $tlscertificatename C:\>$tlscertificatename = "$($cert.Issuer)$($cert.Subject)" The syntax of the TlsCertificateName string is made up of two different attributes of the certificate, so I use the following commands to apply the configuration to my receive connector. CN=Microsoft Exchange Server Auth CertificateĭAB089E53CA660DEF7B8EE303212C31C0E3D3499 IP.WS. Use Get-ExchangeCertificate to identify the thumbprint of the SSL certificate you’ll be using. Assuming you’ve already configured an SSL certificate for Exchange Server 2016, and added a DNS alias for your SMTP devices and applications to use (I’m using a DNS alias of in this example), you should then also set the TlsCertificateName for the receive connector. Minimal configuration is required to get this working. C:\>Get-ReceiveConnectorĮXSERVER\Default EXSERVER True The receive connector is named “SERVERNAMEDefault Frontend SERVERNAME”, for example, “EXSERVERDefault Frontend EXSERVER” in my test environment. This allows inbound internet email to be received by the server, and is also suitable for internal relay scenarios. When Exchange Server 2016 is first installed the setup routine automatically creates a receive connector that is pre-configured to be used for receiving email messages from anonymous senders to internal recipients. Internal SMTP Relay with Exchange Server 2016 Let’s take a look at each of those scenarios, and then some additional considerations when you are deploying this in your own production environments.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |