I often have to configure SBS 2008 (Exchange 2007) to allow mail to relay from devices like APC UPS’s, network switches, copiers and other devices or programs on the local SBS SMTP server. This is not always suggested as if you get a virus on the network or bot, it can start sending all kinds of mail via the Exchange server if it uses the IP’s you allow which can lead to other issues. But sometimes you have no choice, and this is for those no choice situations.
First, open up the Exchange Management Console, and navigate to Server Configuration, then Hub transport. You should see three connectors by default. They are:
Default, Windows SBS Fax Sharepoint Receive, and Windows SBS receive as shown below
We are going to create another connector and configure it, and do it all by the powershell.
Open up the Exchange Shell (Powershell) and type in the following command:
New-ReceiveConnector -Name RelayConnector1 -usage Custom -Bindings 192.168.1.2:25 -fqdn server.domain.com -RemoteIPRanges 192.168.1.100 -server SBSESERVERNAME -permissiongroups AnonymousUsers
Where the Bindings IP is your SBS Server IP followed by :25 (PORT 25), the fqdn is the FQDN of your Exchange Server and the RemoteIPRanges is the IP of the device you want to allow relaying to.
Next, we will assign Anonymous permissions to the connector by typing in
Get-ReceiveConnector RelayConnector1 | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”
I suggest to also bypass the Anti-Spam filter for this, so let’s also execute the following command:
Get-ReceiveConnector RelayConnector1 | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-Bypass-Anti-Spam”
That should take care of it.
If you ever need to add additional IP’s to allow to relay, simply open up the new connector you made in the Exchange Management Console and add the IP under the Remote IP Address’s section.
Thanks, Lyle. I usually have to reinvent the wheel every time that I have to figure out how to allow a MFP or UPS relay through SBS 2008. This will save me lots of time.