1

I have set up a Exchange 2013 server on my Windows Domain network to receive and send mail both internally and externally. After a rejection by Google to receive email from my server (the reason was due to a likely hood of being spam), I checked blacklists (using mxtoolbox) and found that I was on 4 blacklists. A majority of them referenced my Exchange server as possibly being an open relay server.

How do I allow my Exchange 2013 server to accept email from all people who want to send to me without being an open relay server? I checked for tutorials and Microsoft's knowledge base, but couldn't find much. I saw that it was recommended to change settings on Receive connector, but no external senders were able to send mail to my organization.

My Setup

  • A static IP from Comcast Business (IPv4)
  • Static IP assigned to exchange server (2013) (192.168.1.30).
  • The Exchange Server's connectors all have default settings for the most part.
  • McAfee for Exchange Server 2013 (it was recently installed).
  • Domain stuck in queue in Exchange Toolbox Queue Tool.

EDIT 8/19: What I have done now is simply removed all of the receive connectors to start fresh. If I wanted to make the receive connectors I need manually, how would that work?

Kevin
  • 145
  • 3
  • 13

1 Answers1

0

On your receive connector be sure to check that right: ms-Exch-SMTP-Accept-Any-Recipient

Removing that right will make your server answer an 550 5.7.1 Unable to relay error to remote host that want to send to a email not in your enterprise.

Some admin do make multiple receive connector, and open that right to allow some device to send to external address, thus it can have some use to add that permission, but not on your main receive connector.

yagmoth555
  • 16,758
  • 4
  • 29
  • 50
  • Where would this be in Exchange 2013? I could not find this under Receive Connectors. – Kevin Aug 19 '15 at 02:52
  • @Kevin Try in powershell you will find more info, with the cmdlet "Get-ReceiveConnector "Receive Connector" | Format-List" – yagmoth555 Aug 19 '15 at 02:54
  • I have multiple receive connectors in the EAC. Which one does this get applied to? I think I"m confused haha – Kevin Aug 19 '15 at 03:04
  • I'm using the connectors that were created by default when I set up the server. My queue (in the Exchange Toolbox) shows a lot of domains that I believe should be there (I think it's sending out spam). – Kevin Aug 19 '15 at 03:21
  • *shouldn't be there – Kevin Aug 19 '15 at 03:27
  • @Kevin Check your receive connector the one that got a unrestricted ip list, like 0.0.0.0 255.255.255.255 and it got anonymous in the tab. The right I told for anonymous must be off, even if anonymous is checked in the tab – yagmoth555 Aug 19 '15 at 17:57