[<< Full list of Exchange Server & Outlook tips.]
 
 
Exchange Server 2010: Configure Exchange Server to Permit Anonymous Relay from a Specific IP Address
 
This feature is useful (as an example) if you want to allow a device on your network such as a printer sitting at 192.168.0.25 to send notifications through your Exchange Server at 192.168.0.10.  Or, you might want to configure relay so that your outsourced spam filtering service can send messages through your Exchange Server.
 
Set up a new Receive Connector on the Hub Server to allow relaying.

1. Expand Server Configuration from the Exchange Management Console
    
2. Choose Hub Transport from the server roles list.
    
3. In the Details Pane choose the appropriate hub transport server.
    
4. In the Properties Pane, right click in the Receive Connectors tab and choose New Receive Connector.
    
5. Give the connector a friendly name such as Printer Relay, select the intended use (internal, Internet, etc) and choose Next.
    
6. In the Local Network page: If you haven’t made any customization to the IP settings of the Hub Server, keep the defaults. Otherwise, use the settings appropriate for your Exchange Server.
    
7. Click New and then Finish on the Completion page.
    
8. Open the newly created connector in the bottom, Properties Pane and go into the Network tab.
    
9. Remove the default entry from the Remote Servers section, and then add the IP address or range from which you want to permit relay.  In our printer example, this would be 192.168.0.25.
    
10. In the Permission Groups tab, select Anonymous users and click OK.

Having completed the previous steps, you now need to set permissions on the connector using the Exchange Management Shell.

1. Open the Exchange Management Shell from Start -> Programs -> Microsoft Exchange Server -> Exchange Management Shell.
    
2. Type the following command, all on one line, replacing <ConnectorName> with the friendly name of the connector that you just created:
   Get-ReceiveConnector "<ConnectorName>" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
    
   In our printer example, replace <ConnectorName> with Printer Relay:
   Get-ReceiveConnector "Printer Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
    
3. You should see the results screen indicating success.

Your printer (or whatever is at the IP address/range you've configured) should now be able to relay through your Exchange Server.