Home » Exchange Server 2016 » Configuring Receive Connector in Exchange 2016

Translate:

Archives

Configuring Receive Connector in Exchange 2016

Exchange Server 2016 use Receive Connectors to control Inbound SMTP connections from :

 

      • Messaging Servers that are External to Exchange Organization.
      • Services in the Transport Pipeline on the local or on Remote Exchange Servers.
      • Email Clients that need to use Authenticated SMTP to Send messages.

 

A Receive connector listens for inbound connections that match the configuration settings of the connector. Each Receive connector on the Exchange server uses a unique combination of local IP address bindings, TCP ports, and remote IP address ranges that define if and how connections from SMTP clients or servers are accepted.

Although the default Receive connectors are adequate in most cases, you can create custom Receive connectors for specific scenarios. For example:

 

      • To apply special properties to an email source, for example, a larger maximum message size, more recipients per message or more simultaneous inbound connections.
      • To accept encrypted mail by using a specific TLS certificate.

 

 

On Mailbox servers, you can create and manage Receive connectors in the Exchange admin center (EAC) or in the Exchange Management Shell. On Edge Transport servers, you can only use the Exchange Management Shell.

 

 

Receive connector changes in Exchange 2016

 

These are the notable changes to Receive connectors in Exchange 2016 compared to Exchange 2010:

      • The TlsCertificateName parameter allows you to specify the certificate issuer and the certificate subject. This helps minimize the risk of fraudulent certificates.
      • The TransportRole parameter allows you to distinguish between frontend (Client Access) and backend connectors on Mailbox servers.

 

 

Configuring Receive Connector in Exchange 2016

 

Login to EAC (Exchange Admin Center)

 

Click Mail Flow -> Receive Connector  -> Select the Server (as it’s coexistence I’ve selected Exch2016)

 

RCEXCH2016-1

 

 

Here you can view default Receive Connectors list

Select the EXCH2016

 

RCEXCH2016-2

 

Click Add+

 

RCEXCH2016-3

 

Type the Name for the New Receive Connector and select the Server

 

Role : Choose “Frontend Transport”

 

Type : “Custom (For example, to allow the application Relay” as shown below:

 

RCEXCH2016-4

 

Click Next

 

Now Under Network Adapter Bindings, “DO NOT Change anything leave it as it is”

 

Click Next

 

RCEXCH2016-5

 

Remote Network Settings:

 

RCEXCH2016-6

 

Take off the full range, in case if you assign the IP address  without removing the full range you will get error message that IP Conflict with local IP address.

 

So it would be good if you remove the full range and assign the IP address.

 

RCEXCH2016-7

 

Click Save.

 

RCEXCH2016-8

 

Click Finish.

 

RCEXCH2016-9

 

Now select the Receive Connector that you have configured

 

Click Edit

 

General

Security

Scoping

 

General

 

RCEXCH2016-10

 

Security

 

Security ->  “Choose Anonymous Users” ->  Under Permissions Group

 

RCEXCH2016-11

 

RCEXCH2016-12

 

Click Save.

 

Using Management Shell

 

Creating Receive Connector using cmdlts

 

Command :

 

New-Receiveconnector -Name “Capsicum Network” -RemoteIPRange (“192.168.10.131″,”192.168.10.132”) -TransportRole “FrontendTransport” -Bindings (“0.0.0.0:25”) -usage “Custom” -Server “EXCH2016”

 

RCEXCH2016-13

 

After creating the connector assigning permissions using Shell:

 

Assigning permissions:

 

Command :

 

Set-ReceiveConnector -identity “EXCH2016\CapsicumGraphics” -PermissionGroups “AnonymousUsers”

 

RCEXCH2016-14

 

Enabling for Open Relay

 

Command :

 

Get-ReceiveConnector “CapsicumGraphics” | Add-ADPermission -User “NT Authority\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

 

RCEXCH2016-15

 

For Troubleshooting we need to enable Logging in Relay Connector for Analyzing the logs.

 

Note: Do not assign the permissions to Default Receive Connector at any cost, because the server will become open relay and spammer will start hacking the server.

 

For More Info : Permissions on Receive Connector

 

Praveen Kumar

MCTS, MCITP | Exchange Server

Publisher @ Techrid.com

 


Leave a comment

Translate »