By default when you install an Exchange Server 2010 Hub Transport Server it comes with two receive connectors:
- The Default Receive Connector, which is used by other SMTP Server to send SMTP messages to this particular server. When these SMTP Servers are on the Internet, and therefore are anonymous server you have to enable the "Anonymous users" on the Permission Groups on the Default Receive Connector.
- The Client Receive Connector, which is typically used by clients (like Outlook Express) to send message to other recipients. These users are authenticated users, and the client is using port 587 by default.
There are situations where you want to enable anonymous relay on your Exchange servers, for example when you have applications that require this. It is a best practice not to change the default connectors, but create new connectors for every usage.
To create a Receive Connector that can be used by anonymous, internal clients for relaying SMTP messages follow these steps:
- In the Exchange Management Console, in the Server Configuration and Hub transport, select "New Receive Connector";
- Give the connector a meaningful name, so that its usage make sense to you and your coworkers. In this example we'll use "Relay Connector" as the name for the connector;
- Select "Custom" for the intended use for the Receive Connector;
- Add the local network settings, this is the combination of IP address and port number of the Hub Transport Server;
- Add the remote network settings. These are the servers or clients that are able to relay. Please be as restrictive as possible since all IP addresses entered here will be able to relay messages through this connector!
- Finish the wizard to create the receive connector.
To enable anonymous relay on this Reveice Connector open the Exchange Management Shell and enter the following command:
Get-ReceiveConnector "Relay Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
Restart the Transport Service on the Hub Transport Server and your Receive Connector is ready for anonymous relay.