Exchange Server 2016 use Receive Connectors to control Inbound SMTP connections from :
- Messaging Servers that are External to Exchange Organization.
- Services in the Transport Pipeline on the local or on Remote Exchange Servers.
- Email Clients that need to use Authenticated SMTP to Send messages.
A Receive connector listens for inbound connections that match the configuration settings of the connector. Each Receive connector on the Exchange server uses a unique combination of local IP address bindings, TCP ports, and remote IP address ranges that define if and how connections from SMTP clients or servers are accepted.
Although the default Receive connectors are adequate in most cases, you can create custom Receive connectors for specific scenarios. For example:
- To apply special properties to an email source, for example, a larger maximum message size, more recipients per message or more simultaneous inbound connections.
- To accept encrypted mail by using a specific TLS certificate.
On Mailbox servers, you can create and manage Receive connectors in the Exchange admin center (EAC) or in the Exchange Management Shell. On Edge Transport servers, you can only use the Exchange Management Shell.
Receive connector changes in Exchange 2016
These are the notable changes to Receive connectors in Exchange 2016 compared to Exchange 2010:
- The TlsCertificateName parameter allows you to specify the certificate issuer and the certificate subject. This helps minimize the risk of fraudulent certificates.
- The TransportRole parameter allows you to distinguish between frontend (Client Access) and backend connectors on Mailbox servers.
Configuring Receive Connector in Exchange 2016
Login to EAC (Exchange Admin Center)
Click Mail Flow -> Receive Connector -> Select the Server (as it’s coexistence I’ve selected Exch2016)
Here you can view default Receive Connectors list
Select the EXCH2016
Click Add “+”
Type the Name for the New Receive Connector and select the Server
Role : Choose “Frontend Transport”
Type : “Custom (For example, to allow the application Relay” as shown below:
Now Under Network Adapter Bindings, “DO NOT Change anything leave it as it is”
Remote Network Settings:
Take off the full range, in case if you assign the IP address without removing the full range you will get error message that IP Conflict with local IP address.
So it would be good if you remove the full range and assign the IP address.
Now select the Receive Connector that you have configured
Security -> “Choose Anonymous Users” -> Under Permissions Group
Using Management Shell
Creating Receive Connector using cmdlts
New-Receiveconnector -Name “Capsicum Network” -RemoteIPRange (“192.168.10.131″,”192.168.10.132”) -TransportRole “FrontendTransport” -Bindings (“0.0.0.0:25”) -usage “Custom” -Server “EXCH2016”
After creating the connector assigning permissions using Shell:
Set-ReceiveConnector -identity “EXCH2016\CapsicumGraphics” -PermissionGroups “AnonymousUsers”
Enabling for Open Relay
Get-ReceiveConnector “CapsicumGraphics” | Add-ADPermission -User “NT Authority\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”
For Troubleshooting we need to enable Logging in Relay Connector for Analyzing the logs.
Note: Do not assign the permissions to Default Receive Connector at any cost, because the server will become open relay and spammer will start hacking the server.
For More Info : Permissions on Receive Connector
MCTS, MCITP | Exchange Server
Publisher @ Techrid.com