Re: Exchange 2007 - Sending to External Domains
- From: Smurfman <smurfman@xxxxxxxxxxxxxx>
- Date: Fri, 9 Feb 2007 07:27:01 -0800
Chace,
I re-read your post here...and kind of understand.
By deafult, the Exch2007 install created Receive Connectors, two of them.
1) Default EXCH2007-SERVER -
a) Configured to user (All Available) IP addresses on port 25 to receive
mail (located on the top portion of the Network Tab)
b) Configured to receive mail from remote servers with IP address
0.0.0.0-255.255.255.255 (also on the NEtwork Tab)
c) Authentication by default was TLS checked, Basic only after TLS checked,
Exchange Server auth is checked, and Integrated Windwos checked.
d) The permissions tab by default was Exchange Users, Exchange Servers, and
Legacy Exchange Servers...I have since added Anonymous to see if this would
make a change....obviously I am still missing something.
2) The other Receive connector is the one Created by default fro Client
EXCH2007-SERVER
a) Same network settings as the Default server settings, except the port is
587 instead of 25.
b) Authentication Tab - TLS, Basci after TLS, and Integrated Winodws Auth
all checked.
c) Finally the Permissions tab is Exchange Users, Exchange Servers, and
Legacy Exchange Servers.
I think the issue I am having is directly related to the External SMTP
server (the relay server using Virtual SMTP) not allowing the connection to
take place, since the Send Connector is trying to pass credenctials? Or the
receive connector is expecting credencials?
Thanks
J
"chace zhang" wrote:
Hi,.
Thank you for posting here.
Based on my research, to establish Internet mail flow through Exchange
Hosted Services or a third-Party SMTP gateway, you create a Send connector
and a Receive connector between the Hub Transport servers in the Exchange
organization and the external SMTP servers that process and route Internet
e-mail.
The following authentication methods can be used in this scenario:
Basic authentication The Exchange Hub Transport servers and the external
SMTP servers authenticate by using Basic authentication. A user name and
password is required. This authentication method is unavailable for
Exchange Hosted Services.
Externally secured: The network connection between the Hub Transport
servers and the external SMTP servers is secured by using a method that is
external to Exchange.
Before you start this procedure, verify that the following prerequisites
are met:
If you are using Basic authentication, a domain account must exist in the
Active Directory forest to use for Basic authentication. For example,
create a domain user account that has the universal principal name (UPN)
smtpgateway@xxxxxxxxxxx as the credentials that must be used for
authentication by the SMTP gateway when delivering mail to the Exchange
servers in the Contoso domain.
If you are using Basic authentication over TLS, the target server must be
configured to use an X.509 certificate that contains a fully qualified
domain name (FQDN) that is the same as the FQDN of the Receive connector.
If you are using external authentication, a trusted network connection must
exist between the Hub Transport server and the SMTP gateway server. This
connection can be an IPsec association or virtual private network (VPN).
Alternatively, the servers may reside in a trusted physically controlled
network.
To establish mail flow to and from the Internet through Exchange Hosted
Services or a third-party SMTP gateway, follow these steps:
Create a Send connector on the Hub Transport server to send e-mail to
Exchange Hosted Services or the third-party SMTP gateway.
Create a Receive connector on the Hub Transport server to receive e-mail
from Exchange Hosted Services or the third-party SMTP gateway.
Note:
This step is optional. An additional Receive connector is only required if
you are using external authentication. If Basic authentication is used, the
default Receive connector will accept e-mail submissions from the
authenticated SMTP gateway.
Configure the external SMTP gateway server to route and process e-mail to
and from your Hub Transport servers.
The following procedure establishes Internet mail between an Exchange 2007
Hub transport server in the Contoso.com Active Directory forest and an
external SMTP gateway.
Procedure
To create Internet connectors that are configured to send e-mail between an
Exchange 2007 Hub Transport server and an external SMTP gateway by using
Basic authentication
To use the Exchange Management Console to create the Send connector from
Contoso.com to the Internet through an external SMTP gateway, follow these
steps:
1.Open the Exchange Management Console. Expand Organization Configuration,
click Hub Transport, and then, in the action pane, click New Send connector.
2.On the New SMTP Send Connector wizard Introduction page, in the Name
field, type a unique name for the connector.
3.From the Select the intended use for this connector drop-down list,
select Custom, and then click Next.
4.On the Address Space page, click Add. In the Add Address Space dialog
box, type "*" for the name of the remote SMTP domain, and then click Next.
5.On the Network Settings page, only the Route all mail through the
following smart hosts: setting can be selected. Click Add.
6.In the Add Smart Host dialog box, in the IP address or Fully qualified
domain name (FQDN) field, type the IP address or FQDN of the external SMTP
gateway server, and then click OK. To specify more than one SMTP gateway as
a smart host, click Add and enter additional IP addresses or FQDNs, and
then click Next.
7.On the Smart host security settings page, select Basic Authentication or
Basic Authentication over TLS, type the user name and password that will be
used to authenticate the connection, and then click Next.
8.On the Source Server page, click Add. In the Select Hub Transport and
subscribed Edge Transport servers dialog box, select one or more Hub
Transport servers in your organization, click OK, and then click Next.
9.On the New Connector page, click New, and then on the Completion page,
click Finish.
To create Internet connectors that are configured to send e-mail between an
Exchange 2007 Hub Transport server and an external SMTP gateway by using
external authentication
Create a Send connector by using the following method:
To use the Exchange Management Console to create the Send connector from
Contoso.com to the SMTP gateway, follow these steps:
1.Open the Exchange Management Console. Expand Organization Configuration,
click Hub Transport, and then in the action pane, click New Send connector.
2.On the New SMTP Send connector wizard Introduction page, in the Name
field, type a unique name for the connector. From the Select the intended
use for this connector drop-down list, select Internal, and then click Next.
3.On the Address Space page, click Add. In the Add Address Space dialog
box, type "*", and then click Next.
4.On the Network Settings page, only the Route all mail through the
following smart hosts: setting can be selected. Click Add.
5.In the Add Smart Host dialog box, in the IP address or Fully qualified
domain name (FQDN), type the IP address or FQDN of the SMTP gateway server,
and then click OK. To specify more than SMTP gateway server as a smart
host, click Add and enter additional IP addresses or FQDNs, and then click
Next.
6.On the Smart host security settings page, select Externally Secured (for
example with IPsec), and then click Next.
7.On the Source Server page, click Add. In the Select Hub Transport and
subscribed Edge Transport servers dialog box, select one or more Hub
Transport servers in your organization, click OK, and then click Next.
8.On the New Connector page, click New, and then on the Completion page,
click Finish.
Create a new Receive connector by using following method:
To use the Exchange Management Console to create the Receive connector for
Contoso.com to receive mail from an external SMTP gateway, follow these
steps:
1.Open the Exchange Management Console. Expand Server Configuration, click
Hub Transport, and then in the action pane, click New Receive Connector.
2.On the New SMTP Receive Connector wizard Introduction page, in the Name
field, type a unique name for the connector.
3.From the Select the intended use for this connector drop-down list,
select Internal, and then click Next.
4.On the Remote Network settings page, delete the all network ranges entry,
and then click Add.
5.In the Add IP Address(es) of Remote Servers dialog box, type the IP
address of the external SMTP gateway server, click OK, and then click Next.
6.On the New Connector page, click New, and then on the Completion page,
click Finish.
7.To modify the authentication method that is used for this connector,
follow these steps:
8.In the task pane, select the Receive connector that you want to modify,
and then in the action pane, click Properties.
9.Click the Authentication tab. Clear the check boxes for Basic
Authentication and Exchange Server, select Externally Secured (for example
with IPsec), and then click OK.
To establish Internet mail flow directly through a Hub Transport server,
you create a Send connector that routes e-mail to the Internet. Also, you
modify the configuration of the default Receive connector to accept e-mail
from the Internet. In this scenario, the Exchange 2007 Hub Transport server
can be reached directly through the Internet. We don't recommend this
topology because it increases security risks by exposing to the Internet
the Exchange 2007 server and all roles installed on that server. We
recommend that you implement a perimeter network-based SMTP gateway, such
as the Edge Transport server, instead.
To establish mail flow to and from the Internet through a Hub Transport
server, follow these steps:
1.Create a Send connector on the Hub Transport server to send e-mail to the
Internet.
2.Modify the default Receive connector to allow anonymous connections.
3.Register MX resource records for all accepted domains in a public domain
name system (DNS) server.
Note:
Consult the documentation of your DNS provider for information about how to
register MX records for your domain.
4.Configure network gateways to route SMTP traffic to and from the Hub
Transport server.
The following procedure establishes mail flow directly between an Exchange
2007 Hub Transport server in the Contoso.com Active Directory forest and
the Internet.
To create a Send connector on a Hub Transport server that is configured to
send e-mail directly to the Internet
To use the Exchange Management Console to create the Send connector from
Contoso.com to the Internet, follow these steps:
1.Open the Exchange Management Console. Expand Organization Configuration,
click Hub Transport, and then in the action pane, click New Send connector.
2.On the New SMTP Send connector wizard Introduction page, in the Name
field, type a unique name for the connector. From the Select the intended
use for this connector drop-down list, select Internet, and then click Next.
3.On the Address Space page, click Add. In the Add Address Space dialog
box, type "*", and then click Next.
4.On the Network Settings page, select Use Domain Name System (DNS) to
route mail automatically. Select the check box to Use External DNS Lookup
settings. Click Next.
5.On the Source Server page, click Add. In the Select Hub Transport and
subscribed Edge Transport servers dialog box, select one or more Hub
Transport servers in your organization, click OK, and then click Next.
6.On the New Connector page, click New, and then on the Completion page,
click Finish.
To modify the configuration of the default Receive connector on a Hub
Transport server to receive e-mail directly from the Internet
To use the Exchange Management Console to modify the default Receive
connector for Contoso.com to accept anonymous e-mail from the Internet,
follow these steps:
- Follow-Ups:
- Re: Exchange 2007 - Sending to External Domains
- From: Smurfman
- Re: Exchange 2007 - Sending to External Domains
- From: Smurfman
- Re: Exchange 2007 - Sending to External Domains
- References:
- Exchange 2007 - Sending to External Domains
- From: Smurfman
- Re: Exchange 2007 - Sending to External Domains
- From: Bharat Suneja [MVP]
- Re: Exchange 2007 - Sending to External Domains
- From: Smurfman
- Re: Exchange 2007 - Sending to External Domains
- From: chace zhang
- Exchange 2007 - Sending to External Domains
- Prev by Date: Re: Exchange 2007 - Sending to External Domains
- Next by Date: Re: Exchange 2007 - Sending to External Domains
- Previous by thread: Re: Exchange 2007 - Sending to External Domains
- Next by thread: Re: Exchange 2007 - Sending to External Domains
- Index(es):
Relevant Pages
|
