locked
Exchange 2013 Open Relay to specific IP Configuration RRS feed

  • Question

  • Trying to setup an open relay for a few network devices to send email through my Exchange 2013 server. Does anyone know the correct configuration for an open relay in Exchange 2013? I've tried countless configurations of Allowed devices and Security settings and nothing has worked. 
    Tuesday, May 28, 2013 4:47 PM

Answers

  • Thanks for the replies but I found the answer on my own after lots of trial and error.

    A client of mine has an Exchange 2007 and Exchange 2013 coexistence setup currently as we are migrating all users to Exchange 2013. I ran into a relay problem when I created a relay for printers and apps to send through the Exchange 2013 server. When I created a receive connector with the Hub Transport role. Scope was set to allow only traffic from certain IPs on port 25. Authentication was set to Externally secured and permissions was set for Exchange server, per Microsoft recommendation. Well this setup broke SMTP traffic between Exchange 2007 and Exchange 2013. 

    The correct settings I found was to create a Receive connector with the same settings as above, but the receive connector must be a FrontendTransport role receiver. Mail flow was not broken between exchange servers and printers/apps were able to send through the relay receive connector.

    • Marked as answer by Erik1783 Wednesday, June 5, 2013 7:33 PM
    Wednesday, June 5, 2013 7:33 PM
  • Hi,

    You have to configure two things:

    1. Add the ip adress in the receive connector to accept connection.
    2. Add the ip adress to the white list in order no to get filtred by antispam agents.

    Good luck!

    Tuesday, May 28, 2013 6:13 PM

All replies

  • Hi,

    You have to configure two things:

    1. Add the ip adress in the receive connector to accept connection.
    2. Add the ip adress to the white list in order no to get filtred by antispam agents.

    Good luck!

    Tuesday, May 28, 2013 6:13 PM
  • More specifically, what are the correct settings for the security settings for the open relay? I've tried Externally secured and allow connections from "Exchange Servers" but this isn't working.
    Tuesday, May 28, 2013 7:41 PM
  • Hi,

    What do you mean exactly by open relay?

    From wikipedia : An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. Is it really your case?

    If you have only some custom applications/devices that will sends emails internal/external recepients it is not an open relay.

    Does your devices pass throw an antispam/ mail relay before reaching your exchange server?

    Any way there are two config to do as i mentionned in my upper post(receive connector connector/antispam agents).

    Tuesday, May 28, 2013 8:07 PM
  • I have some devices/applications internally that need to send externally through the Exchange server. No firewall between devices and Exchange server.
    Tuesday, May 28, 2013 8:14 PM
  • First thing to do :

    In the EAC, navigate to Mail flow > Send connectors or Mail flow > Receive connectors. and add your devices IP adress to the receive connector as allowed remote address.

    Does you devices support SMTP auth? if not you need to allow the anonymous users to connect to the receive conenctor you configured.

    • Now you try sending emails.
    • If it doesn't work it is most likely related to antispam features (Exchange integrated antispam agents). you can adjust antispam feature to allow your devices to send email without getting blocked.
    Tuesday, May 28, 2013 8:30 PM
  • Thanks for the replies but I found the answer on my own after lots of trial and error.

    A client of mine has an Exchange 2007 and Exchange 2013 coexistence setup currently as we are migrating all users to Exchange 2013. I ran into a relay problem when I created a relay for printers and apps to send through the Exchange 2013 server. When I created a receive connector with the Hub Transport role. Scope was set to allow only traffic from certain IPs on port 25. Authentication was set to Externally secured and permissions was set for Exchange server, per Microsoft recommendation. Well this setup broke SMTP traffic between Exchange 2007 and Exchange 2013. 

    The correct settings I found was to create a Receive connector with the same settings as above, but the receive connector must be a FrontendTransport role receiver. Mail flow was not broken between exchange servers and printers/apps were able to send through the relay receive connector.

    • Marked as answer by Erik1783 Wednesday, June 5, 2013 7:33 PM
    Wednesday, June 5, 2013 7:33 PM
  • Thanks for the replies but I found the answer on my own after lots of trial and error.

    A client of mine has an Exchange 2007 and Exchange 2013 coexistence setup currently as we are migrating all users to Exchange 2013. I ran into a relay problem when I created a relay for printers and apps to send through the Exchange 2013 server. When I created a receive connector with the Hub Transport role. Scope was set to allow only traffic from certain IPs on port 25. Authentication was set to Externally secured and permissions was set for Exchange server, per Microsoft recommendation. Well this setup broke SMTP traffic between Exchange 2007 and Exchange 2013. 

    The correct settings I found was to create a Receive connector with the same settings as above, but the receive connector must be a FrontendTransport role receiver. Mail flow was not broken between exchange servers and printers/apps were able to send through the relay receive connector.

    Creating one with FrontEndTransport was also what did it for me. Thank you!
    Friday, June 14, 2013 9:12 AM
  • Here's some more information that might be helpful,

    Exchange 2013 - Allowing a Host/IP to Relay Mail


    Pete


    Regards Pete Long http://www.petenetlive.com

    Wednesday, December 4, 2013 1:31 PM