none
External Email Relay

    Question

  • Hi,

    Running Exchane 2013.

    So we have internal email relaying working (network equipment bouncing of our exchange server) but we have a software product being hosted outside of our organization that needs to relay off our exchange server.  What are the proper steps for this?  All I can find is anonymous relaying.  I am guessing, they are going to need a domain account for this work.  Would like to get some best practice steps if possible.

    TIA

    Thursday, August 30, 2018 9:51 PM

All replies

  • your software needs to send mails only to your internal recipients or external recipients as well?

    if only internal recipients, the external software simply can send all the mails to your mx record with a mail from address a little bit different from your own address like @noreply.mydomain.com

    if you have to send mails with your mydomain.com to external recipients... things start to get a little bit tricky.. as i read your environment is not hybrid or o365 so i suggest you have to publish your smtp endpoint on your exchange to authenticate with an internal mailbox user - like you would if you have imap / pop implemented... this way you don't need to allow anonymous relaying - as you dont want your exchange to be part of a spam zombi ;-)

    anonymous relay is okay if you protect it on an ip base and only allow it from internal - if possible.


    Please remember to mark the replies as answers if they helped.

    Thursday, August 30, 2018 9:59 PM
  • Hi,

    Running Exchane 2013.

    So we have internal email relaying working (network equipment bouncing of our exchange server) but we have a software product being hosted outside of our organization that needs to relay off our exchange server.  What are the proper steps for this?  All I can find is anonymous relaying.  I am guessing, they are going to need a domain account for this work.  Would like to get some best practice steps if possible.

    TIA

    Why does it need to relay?
    Thursday, August 30, 2018 10:04 PM
  • Hi,

    Have you tried this one? 

    External SMTP Relay with Exchange Server 2016

    Thursday, August 30, 2018 11:46 PM
  • Please understand these definitions.

    Relay = Accept mail for recipients outside your Exchange organization, including the cloud if you're in hybrid.

    Submission = Accept mail for recipients inside your Exchange organization.

    In general, you don't have to do anything for submission unless you've locked down the default receive connector.  Submission is relatively benign.

    Relay is dangerous because spammers use it to send their spam off your server, causing you to be blacklisted, which is why you want to lock down relay connectors.

    I would be surprised if your software product hosted outside really needs to relay.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, August 31, 2018 12:57 AM
    Moderator
  • Please understand these definitions.

    Relay = Accept mail for recipients outside your Exchange organization, including the cloud if you're in hybrid.

    Submission = Accept mail for recipients inside your Exchange organization.

    In general, you don't have to do anything for submission unless you've locked down the default receive connector.  Submission is relatively benign.

    Relay is dangerous because spammers use it to send their spam off your server, causing you to be blacklisted, which is why you want to lock down relay connectors.

    I would be surprised if your software product hosted outside really needs to relay.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Yea and if an external app needs to send as your domain to external users, you add that sending IP to your SPF record and send directly to those users, you dont relay.
    Friday, August 31, 2018 1:39 AM