locked
Anonymous connector vs anonymous access to mailbox RRS feed

  • Question

  • **Exchange newbie**

    I can "allow anonymous connections to an Exchange connector", but does that necessarily mean that this anonymous user has access to a user's mailbox?

    I'm (still) trying to troubleshoot an error I'm getting from an ASP.NET app.  It is throwinig an error "...Mailbox unavailable: The server response was 5.7.1 Client does not have permission to send as this sender at..."

    So could that mean that my anonymous connector is being used successfully, but that there is still something else going on?

    I was wondering as one more item I could try, is to possibly setup anonymous permissions on the user's mailbox?  That may be a security risk, but I'm grasping at straws at this point...

    Plain STMP telnet commands work fine from this server.  The above error must mean the ASP.NET is trying to send some credentials to the Exchange server?

    Essentially, I want to enable the "send as" permission on a particular mailbox to "everyone".

    Thursday, July 14, 2011 12:46 PM

Answers

  • Hi,

    "I can "allow anonymous connections to an Exchange connector", but does that necessarily mean that this anonymous user has access to a user's mailbox?"

    I think when allow anonymous connection to an Exchange connector, then anonymous users can send/receive via that connector.

    If you want to allow anonymous relay on a receive connector, then please have a look at the article beloe:

    Allow Anonymous Relay on a Receive Connector

    http://technet.microsoft.com/en-us/library/bb232021.aspx

    For "Send as", if you are using Exchange 2007 or Exchange 2010, then you can run the cmdlt below:

    Get-Mailbox | Add-Adpermission -User <UserName> -ExtendedRights "Send As"

    Regards,

    Xiu

    • Proposed as answer by Xiu Zhang Monday, July 18, 2011 6:05 AM
    • Marked as answer by Xiu Zhang Friday, July 22, 2011 7:12 AM
    Friday, July 15, 2011 6:57 AM

All replies

  • On Thu, 14 Jul 2011 12:46:12 +0000, Marco Shaw wrote:
     
    >
    >
    >**Exchange newbie**
    >
    >I can "allow anonymous connections to an Exchange connector", but does that necessarily mean that this anonymous user has access to a user's mailbox?
     
    No.
     
    >I'm (still) trying to troubleshoot an error I'm getting from an ASP.NET app. It is throwinig an error "...Mailbox unavailable: The server response was 5.7.1 Client does not have permission to send as this sender at..."
    >
    >So could that mean that my anonymous connector is being used successfully, but that there is still something else going on?
    >
    >I was wondering as one more item I could try, is to possibly setup anonymous permissions on the user's mailbox? That may be a security risk, but I'm grasping at straws at this point...
    >
    >Plain STMP telnet commands work fine from this server. The above error must mean the ASP.NET is trying to send some credentials to the Exchange server?
     
    Access to a mailbox requires authentication. Access to a mailbox isn't
    using SMTP. And ASP isn't using SMTP.
     
     
    >Essentially, I want to enable the "send as" permission on a particular mailbox to "everyone".
     
    "Send As" is an AD permission. You should be able to use ADUC to do
    that. I don't know _why_ you'd want to do that, either. Is the
    credential you use to open the mailbox the one used by the AD user
    (the owner of the mailbox)?
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, July 15, 2011 2:09 AM
  • Hi,

    "I can "allow anonymous connections to an Exchange connector", but does that necessarily mean that this anonymous user has access to a user's mailbox?"

    I think when allow anonymous connection to an Exchange connector, then anonymous users can send/receive via that connector.

    If you want to allow anonymous relay on a receive connector, then please have a look at the article beloe:

    Allow Anonymous Relay on a Receive Connector

    http://technet.microsoft.com/en-us/library/bb232021.aspx

    For "Send as", if you are using Exchange 2007 or Exchange 2010, then you can run the cmdlt below:

    Get-Mailbox | Add-Adpermission -User <UserName> -ExtendedRights "Send As"

    Regards,

    Xiu

    • Proposed as answer by Xiu Zhang Monday, July 18, 2011 6:05 AM
    • Marked as answer by Xiu Zhang Friday, July 22, 2011 7:12 AM
    Friday, July 15, 2011 6:57 AM