none
internal NAV2013 to relay email externaly through our internal exchange server 2013 RRS feed

  • Question

  • ello,

    We are using NAV 2013 to externally relay email outside and inside through our in house Exchange server 2013.

    I created a new Frontend connected with "TYPE" Custom and selected specific ip to configure relay through exchange server.

    Once created the Receive connectors I want only Anonymous permission to be set under permission group and not exchange users as this is allowing external 3rd party exchange server to relay emails through our exchange server.

    When i edit the properties of the exchange server to uncheck Exchange Server it gives me an error "You must set the value for the PermissionGroups parameter to ExchangeServers when you set the AuthMechanism parameter to a value of ExternalAuthoritative."

    My motive is that I want to allow only the NAV2013 to relay emails through our exchange and no other exchange server or any other application for security reasons.

    Once i created a Receive Connectors bydefault TLS is selected and then i put a tick mark on Anonymous but as soon as i save i get error "You must set the value for the PermissionGroups parameter to ExchangeServers when you set the AuthMechanism parameter to a value of ExternalAuthoritative." and it doesn't let me save unless i select Exchange Server

    I have followed the same link that you provided me.

    There is another problem as well, I have restricted a distribution group from receiving email from external to the organisation but as soon as i created this relay connectors this group starts receiving email external to the organisation which is very strange. I tested by disabling the relay connector and then sending email from gmail and then i get a bounce in gmail and the DG doesn't receive email but as soon as I enable relay connector the distribution group starts receiving email.

    I have also recreated the connector as well but still the same issue.

    Please help

    Monday, June 2, 2014 5:23 AM

Answers

  • Hi,

    1. Select the type of the connector (when you create) as FrontEnd Transport and not Hub Transport (especially if it is multi-role server, things won't work otherwise).

    2. Add your NAV IP in remote settings.

    3. Select anonymous users and DONT select externally secured. Just add the permission for anonymous users to send to internet.

    Get-ReceiveConnector “Receive Connector Name” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”


    TheUCGuy.Net

    Thursday, June 5, 2014 10:55 AM

All replies

  • Hi,

    Please double check whether the "You must set the value for the PermissionGroups parameter to ExchangeServers when you set the AuthMechanism parameter to a value of ExternalAuthoritative" is an error, we can safely ignore it if it is only a warning message. 

    I found a related KB for your reference even if the Exchange server version is mismatched.

    Exchange 2010: Get-ReceiveConnector warns that an Exchange 2007 connector is corrupted and in an inconsistent state

    http://support.microsoft.com/kb/2291884

    Please double confirm the following setting:

    Authentication tab: Checked TLS and Externally Secured.

    Permission Groups: Anonymous users, Exchange Servers

    Thanks

    Mavis


    Mavis Huang
    TechNet Community Support


    • Edited by Mavis_Huang Thursday, June 5, 2014 10:30 AM
    Thursday, June 5, 2014 10:27 AM
  • Hi,

    1. Select the type of the connector (when you create) as FrontEnd Transport and not Hub Transport (especially if it is multi-role server, things won't work otherwise).

    2. Add your NAV IP in remote settings.

    3. Select anonymous users and DONT select externally secured. Just add the permission for anonymous users to send to internet.

    Get-ReceiveConnector “Receive Connector Name” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”


    TheUCGuy.Net

    Thursday, June 5, 2014 10:55 AM