Saturday, September 19, 2009

How to allow anonymous relay for internal use

I get this question a lot from customers and colleagues.

What they want to be able to do is to allow anonymous relay of mail from, say, a multi-function printer to a user’s mailbox, using the printer’s scan-to-email function.

This used to be easy in Exchange 2003: you would go to the relay server allow list, add the IP address of the MFP and away you would go.

In Exchange 2007 it is a little bit harder.

The primary thing we need to make sure of here is that we do not allow relaying from external users.

Here is how to get it all rolling:

1) Open the Exchange Management Console (you can do it through the shell but I’ll go through the GUI for now)

2) Expand Server Configuration

3) Select Hub Transport

4) Select the server that needs to allow anonymous relay (this will need to be done on all of your HT servers that will act as an internal relay)

5) In the action pane click New Receive Connector

6) Give the new connector a meaningful name, I recommend “Internal Relay <Servername>”

7) Ensure that Intended use is set to Custom

8) Click Next

9) Click the red X to remove the IP range that the wizard auto adds

10) Click Add

11) Type in the IP address of the server

12) Click OK

13) Click Next

14) Again remove the auto added address

15) Click Add

16) Add the addresses of all objects that need to relay. You can also use slash notation to include a subnet range

17) Click OK

18) Click Next

19) Click New

20) This will finish off the wizard. You will now have the newly named receive connector

21) Double click on this connector

22) Click on the Authentication Tab

23) Uncheck any selected items

24) Select Externally Secured and TLS

25) Click Permission Groups tab

26) Uncheck any selected items

27) Check the Exchange servers box

28) Click OK

29) Test as needed

Now, to achieve the same results with the Exchange Management Shell, we would execute the following command:

New-ReceiveConnector -Name "Internal Relay <SERVERNAME>" -Custom -Server "Server Name" -AuthMechanism ExternalAuthoritative -Bindings 192.168.1.2:25 -PermissionGroups ExchangeServers -RemoteIPRanges 192.168.1.0/24
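
Because Externally Secured together with the Exchange servers permission group makes Exchange trust every host in the connector's remote IP ranges, it is worth checking afterwards that no such connector accepts addresses outside your internal network. The script below is an added example, not part of the original post: the function names are hypothetical, it handles IPv4 ranges only, and it assumes AuthMechanism and RemoteIPRanges convert to strings in the forms used in the constructed sample.

```powershell
# Added example. In the Exchange Management Shell, run it against live data with:
#   Find-PublicRelayRange (Get-ReceiveConnector)
$PrivateBlocks = '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'   # RFC 1918

function ConvertTo-IPv4Number([string]$Ip) {
    $n = [long]0
    foreach ($octet in [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()) { $n = $n * 256 + $octet }
    $n
}

# Accepts "a.b.c.d/len", "low-high" or a single address; returns first and last address.
function Get-RangeBounds([string]$Range) {
    if ($Range -match '^([\d.]+)/(\d+)$') {
        $size = [long][math]::Pow(2, 32 - [int]$Matches[2])
        $base = ConvertTo-IPv4Number $Matches[1]
        $lo = $base - ($base % $size); $hi = $lo + $size - 1
    } elseif ($Range -match '^([\d.]+)-([\d.]+)$') {
        $lo = ConvertTo-IPv4Number $Matches[1]; $hi = ConvertTo-IPv4Number $Matches[2]
    } else {
        $lo = $hi = ConvertTo-IPv4Number $Range
    }
    New-Object PSObject -Property @{ Lo = $lo; Hi = $hi }
}

function Find-PublicRelayRange([object[]]$Connector) {
    foreach ($c in $Connector) {
        # Only Externally Secured connectors treat every listed host as trusted.
        if ("$($c.AuthMechanism)" -notmatch 'ExternalAuthoritative') { continue }
        foreach ($r in $c.RemoteIPRanges) {
            $b = Get-RangeBounds "$r"
            # The range is acceptable only if it sits entirely inside one private block.
            $inside = $PrivateBlocks | Where-Object {
                $p = Get-RangeBounds $_; $b.Lo -ge $p.Lo -and $b.Hi -le $p.Hi }
            if (-not $inside) {
                New-Object PSObject -Property @{ Connector = $c.Name; Range = "$r"; Hosts = $b.Hi - $b.Lo + 1 }
            }
        }
    }
}

# Constructed sample objects standing in for Get-ReceiveConnector output.
$sample = @(
    New-Object PSObject -Property @{ Name = 'Internal Relay HUB01'; AuthMechanism = 'Tls, ExternalAuthoritative'; RemoteIPRanges = @('192.168.1.0/24') }
    New-Object PSObject -Property @{ Name = 'Relay with open range'; AuthMechanism = 'ExternalAuthoritative'; RemoteIPRanges = @('0.0.0.0-255.255.255.255') }
)
Find-PublicRelayRange $sample | Format-Table Connector, Range, Hosts -AutoSize
```

Any connector it lists should have its remote IP ranges narrowed to the specific devices or subnet that need to relay.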
