Add an Exchange 2010 Receive Connector to Use a Smart Host

Having your email collected using a perimeter server and forwarded to your local network exchange server?

Did you get this error yet when sending to your exchange domain?

Reason: Remote SMTP Server Returned: 550 5.7.1 Unable to relay

Then, try adding a Receive Connector like this.

To permit a non-Exchange server to relay mail to your internal exchange server, create a new Receive Connector on the Hub Transport server.

  • Launch the Exchange Management Console, expand +”Server Configuration” and select “Hub Transport.”  Click Add new receive connector.
  • in the wizard dialog, under “Name:” enter the a descriptive name, like RelayFromPerimMail, and for Intended use, select “Custom” and click Next.
  • Enter the FQDN response from the exchange server to any ELLO or EHLO from the perimeter relay server: such as ExchMail.YourDomain.com (rather than .lan or .local). Next.
  • Delete the 0.0.0.0-255.255.225.0 network setting offered.
  • Click +Add, select IP Address. Enter the IP address of the perimeter server that is relaying mail to this exchange server.  Click OK, click Next, click New, and click Finish.
  • Your Receive Connector is created but it is not ready to allow the perimeter server to relay incoming mail to the exchange server.  You must finish configuration as follows:
  • Return to the Exchange Management Console and right click this new Receive Connector and select Properties.  Select the “Permission Groups” tab and check the box next to “Exchange servers.” Then, select the “Authentication” tab, leave the check in the checkbox next to Transport Layer Security (TLS) and also check the checkbox next to “Externally Secured” and apply these changes.
  • Now, test everything by sending a test email from gmail, yahoo or hotmail, to your local email address on the exchange server.  See if it arrives using your OWA interface.

Note:  Since the remote IP address (or range) has been restricted to the single IP address of the perimeter server, then any other servers trying to connect from a different IP addresses still will NOT be able to relay through the Exchange Server (which is as it is intended).  In other words, relay will be denied from any other IP address not included in the remote IP address/range on the Receive Connector.  If necessary, you can later try to add more IP addresses, IP ranges, or subnets to this receive connector, or possibly even add multiple IP addresses, but you may need to script this latter action.

Print Friendly, PDF & Email