Exchange 2007 Relay Problems

  • Question

  • Hi,

    We recently upgraded to Exchange 2007 thinking it would be an improvement for us, but at least in one area it seems to be proving to be a significant DOWNGRADE in functionality from our existing Exchange 2000 system. I am hoping I am just missing something here and there is a way to recreate the existing functionality we had under Exchange 2000.

    Some background: we are a small organization with only one server where we will be running Exchange 2007. Therefore, we are going to want the hub transport server role to be connecting directly to the internet to send/receive mail.

    We also have a couple of internal application servers that we want to be able to anonymously connect and send/relay mail through. Obviously, we also don't want to be an Open Relay for the Public though.

    In Exchange 2000, these goals were relatively trivial to achieve. We had a single SMTP connector that connected to the Default Virtual SMTP Server of the Exchange 2000 Server.
    On the Default Virtual SMTP Server we allow Anonymous Access and Connections from ANY IP. However, on the RELAY tab I only allow the IP addresses of computers on my internal network to RELAY.

    This allows us to Receive Mail from any computer on the internet and allows any computer physically attached to our LAN (about 20 stations confined to a single physical office), which would include our regular users' workstations and our application servers, to RELAY anonymously. However, no one from the outside (external IP) can use us as an Open Relay.
    Note also that our FW is configured to drop any packets coming in from the external interface that claim to be originating from our internal IP range... so there is really no danger of a relayer even spoofing their IP address somehow to try to use us to relay. This arrangement has worked flawlessly for years.

    Unfortunately I don't see any way to recreate this functionality under Exchange 2007. There doesn't even seem to be anything resembling a Virtual SMTP Server that I can manage under it (although I'm sure it must have the equivalent somewhere)... and the closest thing I can find is the Hub Transport Server Role and the Send and Receive Connectors. Unfortunately the Receive Connector doesn't seem to make any distinction between RECEIVING e-mail and RELAYING e-mail... which is a pretty core distinction in functionality.

    What am I missing here? Any advice as to how I can recreate the existing functionality that I have in my Exchange 2000 setup under Exchange 2007 would be appreciated. Thanks!


    Mel



     
    Thursday, April 2, 2009 9:57 PM

Answers

  • Hello Mel,

    The procedure has changed and is explained in the article below. You need to create a separate Receive Connector and bind it to the list of IPs or the IP range to receive email anonymously from.

    Allowing application servers to relay off Exchange Server 2007

    Amit Tank | MVP - Exchange | MCITP:EMA MCSA:M | http://ExchangeShare.WordPress.com
    • Proposed as answer by Amit Tank Monday, April 6, 2009 4:18 AM
    • Marked as answer by Mike Shen Tuesday, April 7, 2009 3:45 AM
    Friday, April 3, 2009 10:12 AM
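
One way to build the separate, IP-scoped Receive Connector described in the answer, from the Exchange Management Shell. This is an added example, not code from the posters or from the linked article; the server name `EXCH01`, the connector name and the two application-server addresses are constructed placeholders.

```powershell
# Assumed values (constructed for this example): replace with your own.
$server   = 'EXCH01'
$name     = 'Internal App Relay'
$relayIPs = '192.168.1.50', '192.168.1.51'   # only the hosts that must relay

# 1. Dedicated connector on the same port 25 binding as the default connector,
#    but scoped to the listed source IPs. For each incoming connection Exchange
#    uses the connector whose RemoteIPRanges match the client most specifically,
#    so Internet senders still land on the default connector.
New-ReceiveConnector -Name $name -Server $server -Usage Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $relayIPs `
    -PermissionGroups AnonymousUsers

# 2. Anonymous sessions may by default submit only to accepted domains.
#    Granting this extended right on this connector alone is what permits relay.
Get-ReceiveConnector "$server\$name" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'ms-Exch-SMTP-Accept-Any-Recipient'

# 3. Confirm the connector is limited to the intended source addresses.
Get-ReceiveConnector "$server\$name" |
    Format-List Name, Bindings, RemoteIPRanges, PermissionGroups

# 4. Audit: list every receive connector on which anonymous holds the relay
#    right. Only the connector created above should appear.
Get-ReceiveConnector |
    Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
    Where-Object { $_.ExtendedRights -like '*Accept-Any-Recipient*' } |
    Format-Table Identity, ExtendedRights -AutoSize
```

Keeping `RemoteIPRanges` to individual application-server addresses rather than the whole LAN subnet limits which internal hosts can relay if a workstation is compromised.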