none
How to allow own emails from mailchimp (ms-Exch-SMTP-Accept-Authoritative-Domain-Sender)

    Question

  • Hello,

    wwe have removed  for NT AUTHORITY\Anonymous Logon extended right ms-Exch-SMTP-Accept-Authoritative-Domain-Sender in order to not accept spam emails which claim to come from internal users. Additionally we have an ISP secondary MX Record whom we allow this on a different receive connector where only that IP is added in remote network scoping.

    Also we work with spf and dkim DNS settings for mcsv.net in order to tell the outside world that emails from mailchimp (newsletter) is ok.

    But due to the above mentioned ms-Exch-SMTP-Accept-Authoritative-Domain-Sender removal for anonymous we, as ourselfs, do not accept mailchimp emails. this means, that if our marketing department sends out newsletter emails, the outside world will (hopefully all) recieve it, but not ourselfes. Can anything be done in order to allow a whole subdomain as it is mcsv.net for MailChimp, in order that our Exchange 2016 (on-premise) accepts it as well? Because spf or dkim does not fit in here, from what I can tell. and a single IP or ip address range for MailChimp might also not be avail? It can be found here https://mailchimp.com/about/ips/ but that's kind of very static (and rather large ranges too). 

    kind regards,

    Dieter Tontsch

    Wednesday, December 5, 2018 3:04 PM

Answers

  • Hi Dieter Tontsch,

    This tool "MailChimp" send emails to your server as an anonymous user, if you remove "ms-Exch-SMTP-Accept-Authoritative-Domain-Sender" from anonymous user permission group, I think it is a normal behavior for you can't receive emails from this tool.

    From this article, we cannot know the function of "ms-Exch-SMTP-Accept-Authoritative-Domain-Sender" is: allows access to the Receive connector by senders that have email addresses in authoritative domains that are configured for the Exchange organization. So, if you remove it, you will can't receive emails

    If you want to filter spam email, I think you should use a reliable mail filtering server or use EOP for it. 

    Regards,

    Kyle Xu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, December 6, 2018 8:15 AM
    Moderator

All replies

  • Hi Dieter Tontsch,

    This tool "MailChimp" send emails to your server as an anonymous user, if you remove "ms-Exch-SMTP-Accept-Authoritative-Domain-Sender" from anonymous user permission group, I think it is a normal behavior for you can't receive emails from this tool.

    From this article, we cannot know the function of "ms-Exch-SMTP-Accept-Authoritative-Domain-Sender" is: allows access to the Receive connector by senders that have email addresses in authoritative domains that are configured for the Exchange organization. So, if you remove it, you will can't receive emails

    If you want to filter spam email, I think you should use a reliable mail filtering server or use EOP for it. 

    Regards,

    Kyle Xu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, December 6, 2018 8:15 AM
    Moderator
  • Thank you for your detailed descriptionof all these ms-Exch-SMTP-Accept permissoins. I am aware that if I have set anonymous to false for authoritative domain sender, the mailchimp mails wont go through anymore. I just thouhgt there is a chance to allow this for some domains mx servers. 

    But for now I can live with the fact that I am using a differnt smtp recieve connector where anonymous is allowed to send as my own domain, and I am limiting acces to it for some certain ip addresses only.

    kind regards,

    Dieter Tontsch

    Friday, December 7, 2018 3:11 PM