none
Help with setting up authenticated external mail relay through our on-premises exchange 2013 servers RRS feed

  • Question

  • I need to configure external smtp relay with authentication on exchange 2013 server.
    I went through the article below :

    https://practical365.com/exchange-server/exchange-2016-smtp-relay-connector/

    This article explains how to setup external SMTP Relay with Exchange Server 2016 Using Authentication, but I guess it is still relevant to exchange 2013. Is that correct?

    So I tested the external relay by using the "Send-MailMessage" powershell command and using port 587 (without ssl switch as we don't have cert on that connector).
    It did not succeed without credential as expected and succeeded with credential as expected.

    On-premises exchange servers send to office 365 and then it should go out to internet. 
    How can I get confirmation that it was using “SERVERNAMEClient Frontend SERVERNAME” connector for receive.
    If I enable "RequireTLS" on this connector then are there any issues I should be aware of?

    And which send connector it is using to send out to Office 365.
    As per the article below it should be going through the send connector that is set to use "<OurDomain>-com.mail.protection.outlook.com":-
    https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail

    I need to ensure that TLS 1.2 is used between on-premises exchange and office 365. Thus I need to ensure which connector it is going through.

    Thursday, April 11, 2019 8:21 PM

All replies

  • You need a certificate to do SSL.

    If you have a hybrid configuration, mail outbound to Office 365 should use the hybrid send connector.  Otherwise, it depends on how your send connectors are configured, and I can only guess at that.

    You can verify TLS by looking at he headers of a message sent over the route in question.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, April 12, 2019 2:47 AM
    Moderator
  • Hi,

    Agree with Ed Crowley, and add more suggestions.

    What's the detailed information about your environment? Is it a hybrid environment?

    If you want to know which connector is used to receive or send messages, you can check the message tracking log:

    Get-MessageTrackingLog -MessageSubject <subject> -Sender <sender address>|select timestamp,EventID,Source,ConnectorID

    ConnectorID paramater displays the name of the source or destination Send connector or Receive connector.

    If you want to know more about message tracking log, you can check:Message tracking

    Regards,

    Lydia Zhou


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Friday, April 12, 2019 8:21 AM
    Moderator
  • If you want to verify which connectors are being used, I typically enable logging on those connectors and then review the logs. The SMTP logs will show which connector is being used for send and receive.

    The following link describes how to enable protocol logging and the log file locations:


    Byron Wright (http://byronwright.blogspot.ca)

    Friday, April 12, 2019 9:07 PM
  • Hi,

    Is there any update on this thread?

    If you have solved your problem, don't forget to mark it as answer, this will be easy for other community members to find the useful one. Thanks for your understanding.

    Regards,

    Lydia Zhou


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, April 16, 2019 8:33 AM
    Moderator