Exchange 2010 Receive Connector Anonymous Users


  • I have a exchange 2010 server setup. My receive connector has anonymous users checked . From what i think someone is relaying using my server(as there are tons of emails in the queue). When i disable the anonymous users the emails stop. But then i cant send emails from my outlook, they just sit in the queue.

    Can someone explain what is going on?
    Saturday, February 20, 2010 4:24 AM

All replies

  • Is this server receiving email directly from the internet? If so, make sure your "Accepted Domains" are correctly populated.

    By default, disabling "anonymous users" on your HUB, shouldn't prevent internal users from sending emails as they do not connect to the HUB servers.

    Give me a better overview of your topology.

    Casper Pieterse, Principle Consultant - UC, Dimension Data South Africa, Microsoft Certified Master: Exchange 2007
    Saturday, February 20, 2010 1:25 PM
  • Hi Macky .

    Leme Explain to you What I understand.

    1)My receive connector has anonymous users checked . (This allows your exchange to simply accept emails from Internat  from all users as you dont know that who wil be Sending you emails   )

    A Receive connector that's configured to accept e-mail from all domains is created automatically when the Edge Transport server role is installed.

    2)From what i think someone is relaying using my server(as there are tons of emails in the queue).

    "So you can Now Understand that It is not depending on this tht some one is Relaying emails through your Server"

    Now Let us first Understand that how can someone use our server to Relay Email.

    Eg i have an Edge transport Server Deployed.Now eg I am in another company and i want to use your Edge transport Server to relay your Email than I would configure your Edge transport Server As a Smart host. and on your Edge transport Server You would Configure a Conector to accept my Emails.
    Now I would Only do the Above when I dont have my Edge Server Published Else it would be Stupidity on my behalf ..... So i assume if he is using to send emails tahn also he would be using your Edge to Receive emails.
    So Check the Accepted Domain (These are those Domains for which your Edge Receive Emails.)
    3)When i disable the anonymous users the emails stop

    Are you doing this on the Hub Receive Connectors ?

    I would Appreciate if Casper can also give his Feedback in this.

    Fazal M Khan

    Sunday, February 21, 2010 9:01 AM
  • Ok so on my hub transport receive connector when i have anonymous checked i see alot of spam going out in the queue. When i disable it i am able to send but not receive.

    I have multiple accepted domains all authoritative.

    This is a link to an on going conversation about the situation.
    Monday, February 22, 2010 9:18 PM
  • Thank you for Your Reply here macky.

    About your Hub Transport Receive connector you have anonymous checked (It has to do nothing with the SPAM going out from your Exchange server)

    You see alot of Spam going out as you can see in the Queue (Can you please check in the queue that most of the emails which are being sent are from which DOMAIN?)

    My concern is that Have you enabled SMTP Rely on your Exchange Server ?(which enables anonymous users to send email using your exchange server without having the account in your Exchange Organization)
    There are many spamers that use port scanning to list down all the exchnage servers that have SMTO relly open and than they send email using that.
    Tuesday, February 23, 2010 5:45 AM