With SMTP Connectors, you can control the behavior of the SMTP server. There are two types of SMTP Connectors:
- SMTP Receive Connectors: Control how the SMTP Server receives messages over SMTP. In other words, how it handles SMTP client connections.
- SMTP Send Connectors: Control how the SMTP Server sends messages over SMTP. In other words, how it handles connections to other SMTP servers.
SMTP Receive Connectors
A server can have zero or more SMTP Receive Connectors, or Receive Connectors for short. You can use the Exchange Management Shell to see all the Receive Connectors, by using the following commands:
get-receiveconnector
If you want to see all the properties on those connectors, run the following command:
get-receiveconnector | fl
Every Receive Connector has a fixed set of properties. One such a property is 'Bindings'. This property is used to tell the server on what IP addresses and which TCP ports to listen for incoming client connections. The type of this property is a list of type IPBinding: MultiValuedProperty
If you create a Receive Connector, you have to specify some properties. Those mandatory properties are: Name, Type, Bindings and RemoteIPRanges. To create an Receive Connector on an Exchange 2007 SMTP server to accept email from the Internet, the typical command would be:
'Name' helps to identify the Receive Connector. 'Type' is used by 'Agents' (software that extends the functionality of the SMTP server, such as the Anti Spam Agent) to determine whether they should or should not act upon a message that comes in from this connector. 'Bindings' was explained above. 'RemoteIPRanges' determines the IP ranges (networks) that can connect to this Receive Connector. The following command would show you all the settings on this Receive Connector:new-receiveconnector -Name 'Receive from Internet'-Type FromInternet -Bindings 0.0.0.0:25 -RemoteIPRanges 0.0.0.0- 255.255.255.255
'Name' helps to identify the Receive Connector. 'Type' is used by 'Agents' (software that extends the functionality of the SMTP server, such as the Anti Spam Agent) to determine whether they should or should not act upon a message that comes in from this connector. 'Bindings' was explained above. 'RemoteIPRanges' determines the IP ranges (networks) that can connect to this Receive Connector. The following command would show you all the settings on this Receive Connector:
get-receiveconnector 'Receive from Internet' | fl
You will see many properties, one of them being:
MaxMessageSize : 10Mb
By default, all properies have values that should be safe to receive messages from the Internet. To change the value of MaxMessageSize from 10Mb to 25Mb, you would use the following command:
set-receiveconnector 'Receive from Internet' -MaxMessageSize 25Mb
If the Exchange Server 2007 SMTP Server is configured as the Edge Transport Server role (the SMTP server that is directly connected to the Internet), you would typically configure 2 Receive Connectors: 1 to receive messages from the Internet (to be delivered to your organization), and one to receive messages from your organization (to be delivered to the Internet). The only information you would really need is the IP address range for the SMTP servers in your organization. (That's it.) Suppose all the SMTP servers in your own organization would all be in the following subnet: 192.168.0.0(255.255.0.0). In that case, both receive connectors can be created with the following 2 commands:
new-receiveconnector -Name 'Receive from Internet'-Type FromInternet -Bindings 0.0.0.0:25 -RemoteIPRanges 0.0.0.0- 255.255.255.255new-receiveconnector -Name 'Receive from Organization'-Type FromEnterprise -Bindings 0.0.0.0:25 -RemoteIPRanges 192.168.0.0(255.255.0.0) -RelayControl Open
If a connection comes in on that server on 0.0.0.0:25, the SMTP server checks the remote IP address. If it is in 192.168.0.0(255.255.0.0), the connection gets served by the 2nd receive connector; the one with Name 'Receive from Organization'. The additional property 'RelayControl' is set to Open, which allows any computer in the network 192.168.0.0(255.255.0.0) to relay through the SMTP server. All other connections get served by the first Receive Connector, which doesn't allow relay. That Receive connector will only accept email messages to the Authoritative (or local) domains and Non-Authoritative (or remote) domains. In Beta 1, those domains have to be specified in the following file:
C:\Program Files\Microsoft\Exchange Server\TransportRoles\Shared\domains.config
If the Exchange Server 2007 SMTP Server is configured as the BridgeHead role (the SMTP server handles email traffic within your organization), a single Receive Connector gets created during setup. That Receive Connector should have all the settings such that email within a single Exchange Server 2007 only domain should flow securely.
2 comments:
Great post! You may want to follow up on this topic!?!
kohout insurance
Hello. And Bye.
Post a Comment