locked
How Do I Secure Relaying (Receive Connector) In my LAN RRS feed

  • Question

  • Until recently I thought my Exchange Server's Default Receive connector was secured enough. We configured one application to send mails to staff using our

    exchange server's IP as the relay server (without creating a Custom Receive Connector) and found out that the exchange 2010 server delivered the mail

    internally.

    How do we secure our Default Receive Connectors to allow only specific IPs to send out mail through relay. Which options should we disable off the

    Properties of the Receive Connector (Authentication & Permission Groups) ?

    thanks.

    Tuesday, February 21, 2012 2:20 PM

Answers

  • You need to create a new connector for the devices that will need to relay anonymously and set the IP filter to include just those devices then enable anon relay in the permission groups tab.

    On your default connector you will need to set up ranges that exclude those ip addresses then disable annon authentication on the permission groups tab.


    • Edited by JonBridger Tuesday, February 21, 2012 4:04 PM
    • Proposed as answer by JonBridger Tuesday, February 21, 2012 4:38 PM
    • Marked as answer by wendy_liu Tuesday, March 6, 2012 9:06 AM
    Tuesday, February 21, 2012 4:01 PM

All replies