none
Relay Access control for Exchange 2010 SP1

    Question

  • Hello Everyone, 

    We have Exchange 2010 SP1 and Hardware loadbalancer on our environment. Some tools or scripts will use the load balancer to send the SMTP emails to our exchange server. Now, we have created two receive connectors:

    Allow Relay to external

    Allow Relay to internal

    We have added the hardware loadbalancer IP address to allow relay to external at this moment. However, we would like to use the exchange receive connectors to control which server or application are allowed to send the emails to our exchange mailbox. If we put the loadbalancer IP address to allow relay to internal, there may have security issue as everyone can use the load balancer ip address to send the emails without any authentication. Will anyonre have idea how we can use the exchange connectors to control the access?

    Thanks,

    Exchange Users

    Thursday, March 15, 2012 10:16 AM

All replies

  • Thursday, March 15, 2012 10:32 AM
  • hi,

    Yes, you can add user that you want to allow to relay into the allow list on the receive connector. So you can control the access.

    Hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    Friday, March 16, 2012 6:06 AM
  • hi,

    Yes, you can add user that you want to allow to relay into the allow list on the receive connector. So you can control the access.

    Hope can help you

    thanks,


    CastinLu

    TechNet Community Support

    Hi Castin,

    The Citrix Netscout hardware network load balancer cannot get the client IP address to the exchange server. Exchange server can only allow hardware network load balancer on the receiver. The hardware network load balancer can add the Client IP header to the packet. I would like to know if exchange server can have a way to detect the Client IP Header to resolve this issues.

    Thanks,

    Exchange User


    • Edited by VLV2012 Monday, April 02, 2012 7:14 AM
    Monday, April 02, 2012 6:59 AM