I'm towards the end of my Exchange 2003 to 2010 migration but before I can decommission 2003 I need to make sure our printers which use the scan to e-mail function work with 2010.
I've read through various post online, TechNet, etc. on how to create and configure a Receive Connector for Relay using both authenticated and anonymous options and still nothing works.
The printer that I'm trying to configure is a Kyocera KM-3050 which works fine with my 2003 settings but not 2010.
Anyone else have any ideas on why this would be the case? Is it because I still have the routing group connectors configured for both servers to talk to each other? I have moved PF to 2010 and deleted the PF database on 2003 but I have not deleted the Mailbox store or RUS yet.
All mail flow goes through 2010 both internal and external and all user mailboxes are on 2010 now.
I had a similar situation while migrating to Exchange 2007 for our internal mail relay. I used a DNS entry called mail.domain.org that pointed to an Exchange 2003 server. However, when I changed this DNS entry to point to an Exchange 2007 HT server some senders had problems.
I ended up taking a few steps to fully resolve the problem. 1) I created a new and dedicated receive connector. I added a new IP to the NIC and bound that IP to my new receive connector. This step is not required but I wanted to separate receive connector rather than messing with the default receive connector. 2) Get-ReceiveConnector -Identity "HubTransportServerName\New Receive Connector Name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient" -verbose
Those two steps resolved all but a single problem. Our communication team would send out periodic management updates. These emails have graphics. Exchange 2003 didn't care about the source of the email and passed it successfully to our Exchange 2007 servers. Our Exchange 2007 completely trusted any messages from our Exchange 2003 and the emails would be delivered successfully with all graphics included. However, when I changed the DNS entry for mail.domain.org to point directly to the Exchange 2007 HT server the graphics were removed from email sunless the Outlook client explicitly said to download the pictures. To resolve that issue (step 3) I had to configure the new connector permission group as "Exchange servers" and the authentication as TLS and Externally secured. Keep in mind that step 3 was only necessary to change the SCL to -1 so the graphics would be displayed automatically even though the email were delivered.
Here is the drawback of my configuration. I have essentially created an open internal relay so anyone on our network can deliver messages through that receive connector. If we have any internal rougeware that finds that receive connector then we take the risk of spamming the world. In my situation I have no choice because we an application that is installed on laptops that need to send out messages via mail.domain.org. Because the IPs change I have no way limit which IPs need to use mail.domain.org.
I know it was a bit lengthy but I wanted to explain how I resolved the problem and why I had to take the steps I did.
Let me know if that helps. Of course you will be doing a lot of testing before you make the change.
Rusty, thanks for the info. I've seen this command before and I've added it but before this command was used when the permissions for "Anonymous" was also used. This time I tried it the way you said and it still did not work when I tested this within the printer's settings.
But, I also tried this...I turned off the printer's authentication method and the test was successful using the Relay Connector settings, so it could be that the original receive connector we created for this would work without the dedicated IP, etc. of the new connector but I would have to turn off the authentication on the printer to work with Exchange 2010.
I'm going to test this out to see if the printers work after turning this off and go from there.
I just figured it out...it was the actual printer not Exchange 2010. I decided to turn off the printer's built-in settings for authentication and used the Exchange 2010 already configured internal connector and it worked like a charm!
Since Exchange 2010 automatically allows internal communication based on the accepted domain and e-mail address policies, I didn't have to create a relay connector. Although, I did create a Custom Receive Connector for internal SMTP use by our printers, web servers, etc. the other stuff didn't apply in my case.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [Microsoft Exchange 2010] >> Migration >> SMTP Relay Problems 
SMTP Relay Problems - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread
