My best practice is to create another custom receive connector for anonymous users instead of using the default one, where you can limit by source IP address who will be able to anonymously relay emails. To do so you will have to grant anonymous connections extended right to accept any recipient email address (for example we have created new receive connector "AnoRel") :
Get-ReceiveConnector "AnoRel" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
More on this topic on http://technet.microsoft.com/en-us/library/bb232021.aspx
Get-ReceiveConnector "AnoRel" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
More on this topic on http://technet.microsoft.com/en-us/library/bb232021.aspx
No comments:
Post a Comment