Monday, June 9, 2008

Anonymous relay

To enable anonymous relay on Exchange 2007, you need to create a new receive connector, assign an inbound range of IP addresses to it, and then enable relay for the anonymous account.

1) Create the connector
In the Exchange Management Console, expand Server Configuration and click Hub Transport. On the right, select the Hub Transport server that will relay. In the Action pane, click "New Receive Connector". Give it a name, preferably something intuitive. "Anonymous Relay" is a good one :) Click Next.
You can leave the next screen alone, unless you plan to use a different IP address for this relay.

Next, you need to specify which IP addresses will be allowed to relay through this connector.
Select the default range listed and click Edit, then enter the range that should be allowed to relay. If you are using a single IP address, enter the same address in the start address and end address.
Click OK and then Next. Click New and then Finish to complete this process.

2) The next step actually enables the anonymous relay.
Right-click the new receive connector and select Properties. On the Authentication tab, remove all the existing ticks and place a tick in the "Externally Secured (for example IPsec)" box. On the Permission Groups tab, select Anonymous and Exchange Servers only. Click OK.
Close the Exchange Management Console and open the Exchange Management Shell.
Type in the following:

Get-ReceiveConnector "Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

That's it. The IP addresses you specified in the receive connector will be able to relay to any domain.
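
To review the result of the steps above, the following added example (not part of the original post) lists every receive connector on which the anonymous account holds the relay right, together with the remote IP ranges it accepts, so that a connector left on the wizard's default range stands out. It uses Get-ReceiveConnector and Get-ADPermission from the Exchange Management Shell; the variable names, the report layout and the string form of the default range are assumptions of this example.

```powershell
# Added audit example. Run in the Exchange Management Shell.
# Reports receive connectors where anonymous senders may relay to any recipient.

$relayRight = "Ms-Exch-SMTP-Accept-Any-Recipient"
$anonymous  = "NT AUTHORITY\ANONYMOUS LOGON"
# Assumption: the default range is rendered in this form; it matches every IPv4 host.
$anyAddress = "0.0.0.0-255.255.255.255"

Get-ReceiveConnector | ForEach-Object {
    $connector = $_

    # Allow entries that grant the relay right to the anonymous account
    $grants = @(Get-ADPermission -Identity $connector.Identity | Where-Object {
        ($_.User -like $anonymous) -and
        ($_.ExtendedRights -like $relayRight) -and
        (-not $_.Deny)
    })

    if ($grants.Count -gt 0) {
        # Render each remote range as text so it can be compared and printed
        $ranges = @($connector.RemoteIPRanges | ForEach-Object { $_.ToString() })

        $report = New-Object PSObject
        $report | Add-Member NoteProperty Connector        $connector.Identity.ToString()
        $report | Add-Member NoteProperty AuthMechanism    $connector.AuthMechanism
        $report | Add-Member NoteProperty PermissionGroups $connector.PermissionGroups
        $report | Add-Member NoteProperty RemoteIPRanges   ([string]::Join(", ", $ranges))
        # True means the connector relays for any source address: an open relay
        $report | Add-Member NoteProperty AcceptsAnySource ($ranges -contains $anyAddress)
        $report
    }
} | Format-List
```

Any connector reported with AcceptsAnySource set to True should have its remote IP ranges narrowed to the specific hosts that need to relay.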