locked
Exchange 2013- How to create Relay Receive connector for Application RRS feed

  • Question

  • Hi All,

    how to create connector for internal application so tha they can send the notification. 

    I want application only send messges from valid SMTP Address like accepted domain.

    they should not send any message from "any" address.

    Regres

    AM

     

    Tuesday, September 20, 2016 4:58 PM

Answers

  • Hi

    There are mostly two requirements in a business:-

    1. Internal Relay
    2. External Relay

    Internal Relay:- make an SMTP connection to an Exchange server and send email to recipients that are internal to the organization suppose, a “scan to email” feature on a multi-function print device) Relay.

    External Relay:- make an SMTP connection to an Exchange server and send email to recipients that are outside the organization suppose, applications or hardware that sends automated reports or alerts to external vendors.

    Go to the webpage of the exchange management page https://yourexchangeserver/ecp

    Go to the Mail flow > Receive Connectors > + for add a new connector.

    Enter a name for the connector

    Select role (Hub Transport) and type (Custom) click on Next
    Note: If you want to relay outside your organization than you need to select Frontend Transport role instead of the Hub Transport role. click Next

    Leave the setting of this page unchanged

    Remove the IP address which are shown in Next page

    You get an error that the field is required. click on the + to add a new range

    Enter a single IP address or a local LAN address which is allowed to email via the exchange server

    The remote network settings will look like this

    10.10.10.10/24

    When clicked on finished. You have to edit the relay connector and go to security tab.
    Select the option “Anonymous users”

    Click on Save........

    You can check the status of your connector through powershell:-

    Get-ReceiveConnector “Name_of_Your_Connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

    Now you can send a email message form another server or application located on your network.

    Hope this will help you out.

    Kindly click "Mark as Answer" on the post that helps you, this can be beneficial to other community members reading this thread.

    Regards.

    H.shakir


    • Edited by H Shakir Tuesday, September 20, 2016 6:00 PM
    • Proposed as answer by Jason.Chao Wednesday, September 21, 2016 2:39 AM
    • Marked as answer by Jason.Chao Friday, September 30, 2016 9:24 AM
    Tuesday, September 20, 2016 5:59 PM

All replies

  • Hi

    There are mostly two requirements in a business:-

    1. Internal Relay
    2. External Relay

    Internal Relay:- make an SMTP connection to an Exchange server and send email to recipients that are internal to the organization suppose, a “scan to email” feature on a multi-function print device) Relay.

    External Relay:- make an SMTP connection to an Exchange server and send email to recipients that are outside the organization suppose, applications or hardware that sends automated reports or alerts to external vendors.

    Go to the webpage of the exchange management page https://yourexchangeserver/ecp

    Go to the Mail flow > Receive Connectors > + for add a new connector.

    Enter a name for the connector

    Select role (Hub Transport) and type (Custom) click on Next
    Note: If you want to relay outside your organization than you need to select Frontend Transport role instead of the Hub Transport role. click Next

    Leave the setting of this page unchanged

    Remove the IP address which are shown in Next page

    You get an error that the field is required. click on the + to add a new range

    Enter a single IP address or a local LAN address which is allowed to email via the exchange server

    The remote network settings will look like this

    10.10.10.10/24

    When clicked on finished. You have to edit the relay connector and go to security tab.
    Select the option “Anonymous users”

    Click on Save........

    You can check the status of your connector through powershell:-

    Get-ReceiveConnector “Name_of_Your_Connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

    Now you can send a email message form another server or application located on your network.

    Hope this will help you out.

    Kindly click "Mark as Answer" on the post that helps you, this can be beneficial to other community members reading this thread.

    Regards.

    H.shakir


    • Edited by H Shakir Tuesday, September 20, 2016 6:00 PM
    • Proposed as answer by Jason.Chao Wednesday, September 21, 2016 2:39 AM
    • Marked as answer by Jason.Chao Friday, September 30, 2016 9:24 AM
    Tuesday, September 20, 2016 5:59 PM
  • Configure
    Wednesday, September 21, 2016 7:34 AM
  • Get-ReceiveConnector “Name_of_Your_Connector” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient

    If i do like this , than i will able to send messages from any domain like

    ABC@bbc.com ,

    I am looking for the soultuion where i can restrict my receive connector to send from my accepted domain only.

    Wednesday, September 21, 2016 7:36 AM
  • Hi AM,

    You should remove the permission “ms-Exch-SMTP-Accept-Any-Recipient” and make sure the permission “ms-Exch-SMTP-Accept-Authoritative-Domain-Sender” exists.

    Please refer to the following command:

    Get ad permission:

    Get-ReceiveConnector " Receive Connector Name " | Get-ADPermission | fl identity, user, extendedrights

    Add ad permission:

    Get-ReceiveConnector “Receive Connector Name” | Remove -ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

    For more detailed information please see: https://technet.microsoft.com/en-us/library/jj673053(v=exchg.150).aspx

    Hope it helps.


    Jason Chao
    TechNet Community Support


    Please remember to mark the replies as an answer if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, September 21, 2016 8:59 AM
  • i have addred this entry but still i am able to send SMTP messages from this application connector.

     Get-ReceiveConnector "Application Relay Connector" | Remove-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

    Wednesday, September 21, 2016 9:56 AM
  • Hi,

    We need to give required authentication to this anonymous users account for this connector. 

    For the detailed steps, please refer to the following article:

    http://social.technet.microsoft.com/wiki/contents/articles/21640.steps-to-configure-relay-in-exchange-2013.aspx 

    BR.


    Jason Chao
    TechNet Community Support


    Please remember to mark the replies as an answer if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, September 26, 2016 3:03 AM