none
Default Receive Connectors Created on a Hub Transport Server

    Question

  • Hello All,

                There are 2 default receive connectors created on hub,

    Client Mail       port 587

    Default mail    port 25

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wat the different between the client and the default ?

    why i can change ( Specify the FQDN this connector will provide in response to HELO or EHLO ) at client but i can't change it at the default ?



    Ahmad Samir
    Wednesday, August 17, 2011 7:23 PM

Answers

  • Hello All,

                There are 2 default receive connectors created on hub,

    Client Mail       port 587

    Default mail    port 25

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wat the different between the client and the default ?

    why i can change ( Specify the FQDN this connector will provide in response to HELO or EHLO ) at client but i can't change it at the default ?



    Ahmad Samir

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wrong...

     

     

    Receive Connectors

    Receive Connectors are responsible for receiving incoming email sent to a Transport server.  This includes mail sent from Mailbox Servers, POP3 and IMAP clients, and other hosts or applications sending via SMTP.

    By default a Hub Transport server is configured with two Receive Connectors – one for clients (POP3 and IMAP) and one for SMTP.  Both are configured as secure by default and should be kept that way if possible.

    Other common uses of Receive Connectors are for secure relays within an organization.  This is typically for devices such as scanners that scan to email, or application servers that send SMTP notifications.

    Receive Connectors can be configured with a broad range of security options, such as restricting to certain IP addresses or subnets, requiring certain authentication methods, or by limiting connecting servers to only certain actions (eg only sending to internal addresses, allowing override of sender spoof checks, or allow override of size limits).

    It is important not to expose unsecured Receive Connectors to the internet as this may cause the server to be exploited as an open relay.

     

    Port 25:As part of the anti-spam best practices, you should block this outgoing for any machine that doesn’t need to send email directly. 

    Port 587: please See RFC 2476 - Message Submission

     

    The default client recieve connector is indeed for POP/IMAP clients.  But it is there for them to SEND to the Exchange server.  Thus port 587 which is a de facto standard for secure SMTP from POP/IMAP.  Yes, I know that POP/IMAP have other secure ports assigned to the protocol, but that is for the client to receive from server, not for the client to send to the server. 

     


     


    "Abhi" "Exchange Specialist" ------------- Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Medo Bond Friday, August 19, 2011 11:29 PM
    Friday, August 19, 2011 5:56 AM

All replies

  • Hi,

    Good Article about Receive Connectors and it has the information about the default Recieve Connectors created during setup

    Understandig Receive Connectors
    http://technet.microsoft.com/en-us/library/aa996395.aspx

     

     


    Martina Miskovic
    Wednesday, August 17, 2011 7:51 PM
  • Hi Ahmad,

     

    Wat the different between the client and the default ?

     

    Client Servername: This Receive connector accepts SMTP connections from all non-MAPI clients, such as POP and IMAP.

     

    Default Servername:   This Receive connector accepts connections from other Hub Transport servers and any Edge Transport servers you have.

     

    why i can change ( Specify the FQDN this connector will provide in response to HELO or EHLO ) at client but i can't change it at the default ?

     

    Don’t modify the FQDN value on the default Receive connector named Default <Server Name> that's automatically created on Hub Transport servers. If you have multiple Hub Transport servers in your Exchange organization and you change the FQDN value on the Default <Server Name> Receive connector, internal mail flow between Hub Transport servers will fail.

     

    Normally when you try to change the FQDN on the default <Server Name> receive connector, you will get “If the AuthMechanism attribute on a Receive Connector contains the value Exchange Server, you must use the FQDN parameter on the Receive Connector...” this is because Exchange Server authentication set on the receive connector, Exchange Servers use this to authenticate SMTP sessions among themselves.

     

    Thanks,

     

    Evan

    Friday, August 19, 2011 5:43 AM
  • Hello All,

                There are 2 default receive connectors created on hub,

    Client Mail       port 587

    Default mail    port 25

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wat the different between the client and the default ?

    why i can change ( Specify the FQDN this connector will provide in response to HELO or EHLO ) at client but i can't change it at the default ?



    Ahmad Samir

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wrong...

     

     

    Receive Connectors

    Receive Connectors are responsible for receiving incoming email sent to a Transport server.  This includes mail sent from Mailbox Servers, POP3 and IMAP clients, and other hosts or applications sending via SMTP.

    By default a Hub Transport server is configured with two Receive Connectors – one for clients (POP3 and IMAP) and one for SMTP.  Both are configured as secure by default and should be kept that way if possible.

    Other common uses of Receive Connectors are for secure relays within an organization.  This is typically for devices such as scanners that scan to email, or application servers that send SMTP notifications.

    Receive Connectors can be configured with a broad range of security options, such as restricting to certain IP addresses or subnets, requiring certain authentication methods, or by limiting connecting servers to only certain actions (eg only sending to internal addresses, allowing override of sender spoof checks, or allow override of size limits).

    It is important not to expose unsecured Receive Connectors to the internet as this may cause the server to be exploited as an open relay.

     

    Port 25:As part of the anti-spam best practices, you should block this outgoing for any machine that doesn’t need to send email directly. 

    Port 587: please See RFC 2476 - Message Submission

     

    The default client recieve connector is indeed for POP/IMAP clients.  But it is there for them to SEND to the Exchange server.  Thus port 587 which is a de facto standard for secure SMTP from POP/IMAP.  Yes, I know that POP/IMAP have other secure ports assigned to the protocol, but that is for the client to receive from server, not for the client to send to the server. 

     


     


    "Abhi" "Exchange Specialist" ------------- Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Medo Bond Friday, August 19, 2011 11:29 PM
    Friday, August 19, 2011 5:56 AM
  • Hello All,

                There are 2 default receive connectors created on hub,

    Client Mail       port 587

    Default mail    port 25

    i think that 1 conector to clients inside the organization and the other one to pepole from outside, is that wrong ?

    Wat the different between the client and the default ?

    why i can change ( Specify the FQDN this connector will provide in response to HELO or EHLO ) at client but i can't change it at the default ?



    Ahmad Samir


    Port 587 for Non Mapi SMTP Relay

    Port 25 for Mapi SMTP Relay

    No need to change the FQDN let it as default.

    Thanks


    Mihir Nayak
    Friday, August 19, 2011 6:00 AM