Setting Internal Open Relay Exchange 2010

Setting Internal Open Relay Exchange 2010

I came across an issue recently at a client’s site. I replaced the company’s old SBS 2003 server with a new SBS 2011 server. This server has “Exchange 2010” within it. Everything seemed fine. The client had a program called “Encore Live”. It’s a system for an estate agency, a database that stores all the properties.
Unlike most programs that email out using “Outlook”, Encore wants you to add the SMTP server details within each client. With 2003 we could “authenticate” to the server using the user name and password. Not with Exchange 2010!
Encore support leveled the issue straight back at me, thankyou Encore! You’d think that they would have a crib sheet as it is “their product” that needs to integrate with Exchange 2010. They even said that Exchange Server was the problem.

So here’s the solution.
This will allow your internal network to send email out through Exchange 2010 and to external email addresses, without a username, but only as one of your email addresses.

(firstly add an additional IP address for the server under the Local Area Connection, Advanced. You’ll need the server to listen for SMTP on an address other than the main IP address you set the server up with)

1. Fire up Exchange Management Console on the server SBS2011 or Exchange 2010 Server. Click Server Configuration – then Hub Transport – New Receive Connector. Choose Custom on the wizard.

2. Name the connector something like “RelayConnector”.

3. Under network, you could leave it as I have to receive mail “on all available”. Or you could type the address you created at the start of this jop. The next bit is VERY important. You do not want to make you server an OPEN RELAY to everything. If it was just one IP address you needed, add it here. I need all the “DHCP” addresses as I have serverl PCs needing this, so I added the whole LOCAL address range 10.0.0.0/24.

4. Add the tick Externally Secured to allow your internal IP address/es open access

5. On permission groups, add Exchange servers and Anonymous. Don’t know why, it just needs it!

6. I used 10.0.0.2 for the second IP address. Simply tell the Encore clients that address to send email – no need for usernames or passwords. The same could be true with a photocopier or whatever device you need to send email. This solution will allow these devices to send out email to the internet.

About mclark

20 years, Computer Engineer. Bsc Hons Computer Science, Durham Uni.
This entry was posted in PC Support, SBS 2011. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.