Microsoft Exchange Server 2010 : Configuring Hub Transport Servers (part 1)

8/5/2014 4:23:18 AM

Out of the box, Exchange Server 2010 will neither send email outside the organization nor receive email from outside. This is a big change from Exchange Server 2003, where outbound email just worked out of the box and inbound email would work if you got your DNS MX records right.

Many small and medium-sized businesses route their email directly to a single Exchange server or to a single dedicated Hub Transport server. Although this might not be the best approach for an organization with thousands of mailboxes, it works well for small businesses (fewer than 500 users). Figure 1 shows an organization that is using this simple configuration.

Figure 1. Combined function server and Internet mail

For the Exchange combined function server shown in Figure 1, your public MX record would need to point to a single Internet-facing host (such as mail1.somorita.com shown in the figure), and the SPF record for your domain would need to indicate the correct public-facing IP address as being authorized to send mail for your domain.

You should take two steps to allow this organization to send mail to and receive mail from the Internet. First, you must configure the server to accept anonymous connections from the Internet; second, you must configure the server to know how to send mail to the Internet.

1. Configuring the Default Receive Connector

An Exchange 2010 Hub Transport server has two receive connectors (Client and Default). You can think of the receive connector as being something similar to the Exchange 2003 SMTP virtual servers except the SMTP services in Exchange 2010 are handled by the Microsoft Exchange Transport service (MSExchangeTransport) rather than the IIS SMTP service.

The Client receive connector is intended to be used by POP3 or IMAP clients; it listens on TCP port 587 and allows only Exchange-enabled users to authenticate (yes, they must provide credentials) to use this connector.

The Default receive connector is intended for use by other SMTP servers, but out of the box it will not accept connections from any SMTP client or other server that does not provide credentials. You can find the Default receive connector for each Hub Transport server by using the EMC to navigate to Server Configuration > Hub Transport, selecting the appropriate server in the details pane (the middle pane), and then selecting the receive connector in the work pane. Right-click on the receive connector and choose Properties.

On the Permission Groups tab (shown in Figure 2), you can see who is allowed to connect to this particular receive connector. The Anonymous Users check box is cleared by default, so the connector accepts only authenticated connections.

Figure 2. Configuring the receive connector

For your Hub Transport server to accept mail from the outside world or from a third-party message hygiene system, you must check the Anonymous Users check box.
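The same change can be made from the Exchange Management Shell. The following is an added example, not taken from the original text; it assumes the connector still has its default name ("Default <ServerName>") and reuses the server name HNLEX05 from later in this article. It keeps the existing permission groups, adds AnonymousUsers, and then lists the rights that anonymous senders actually receive.

```powershell
# Added example; run in the Exchange Management Shell on Exchange 2010.
# Assumption: the connector has its default name, "Default <ServerName>".
$server    = 'HNLEX05'
$connector = "$server\Default $server"

# Record the current state before changing anything.
$rc = Get-ReceiveConnector -Identity $connector
$rc | Format-List Identity, Bindings, RemoteIPRanges, AuthMechanism, PermissionGroups

# Setting -PermissionGroups replaces the whole list, so carry the
# existing groups forward and add AnonymousUsers to them.
$groups = @("$($rc.PermissionGroups)" -split ',\s*') + 'AnonymousUsers' |
    Where-Object { $_ -and $_ -ne 'None' } |
    Select-Object -Unique
Set-ReceiveConnector -Identity $connector -PermissionGroups $groups

# Confirm the new permission groups.
Get-ReceiveConnector -Identity $connector | Format-List Identity, PermissionGroups

# List the extended rights granted to anonymous sessions. Review this list:
# ms-Exch-SMTP-Accept-Any-Recipient is the right that permits relaying to
# external domains, and the AnonymousUsers group does not grant it by default.
Get-ReceiveConnector -Identity $connector |
    Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
    Format-Table User, ExtendedRights -AutoSize
```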

The General tab (shown in Figure 3) for the Default receive connector has some additional options you might want to consider setting. These include the protocol logging level (either None or Verbose), the fully qualified domain name that remote clients will see when connecting, and the maximum message size.

There are a few items that we feel are noteworthy on the General tab. The first, and probably the most useful, is the protocol logging level. Sooner or later, you will have to diagnose a problem when receiving inbound email from the outside. You will have to enable protocol logging on each Hub Transport server that receives inbound SMTP mail from outside your organization. You can view each Hub Transport server's receive logging settings using the Get-TransportServer cmdlet; here is an example for server HNLEX05:

Get-TransportServer HNLEX05 | FL *receiveprotocol*

ReceiveProtocolLogMaxAge : 30.00:00:00
ReceiveProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes)
ReceiveProtocolLogMaxFileSize : 10 MB (10,485,760 bytes)
ReceiveProtocolLogPath : C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive

Figure 3. General tab for the Default receive connector

A maximum of 250 MB worth of logs are kept and the log file sizes are no more than 10 MB. The receive log files are stored in the C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive folder, though you can change any of these using the Set-TransportServer cmdlet.

Next is the FQDN that will be returned when clients connect to this server. Note in Figure 3 that this is currently hnlcf01.ithicos.local; while this should not cause any sort of mail delivery issues for you, it does expose your internal server name and internal domain name. Here is an example of the banner that is presented to a client when it connects to an Exchange server:

220 HNLCF01.ithicos.local Microsoft ESMTP MAIL Service ready at Sun, 18 Oct 2009 00:18:10 -0700

The third feature that is interesting on this page is the maximum message size that the receive connector will support. The default is 10 MB, which is the same as the global message size limit.
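The three General tab settings discussed above can be reviewed and set from the Exchange Management Shell. The following is an added example, not taken from the original text; it reuses the server name HNLEX05 from this article and assumes that internal names end in .local, as in Figure 3.

```powershell
# Added example; run in the Exchange Management Shell on Exchange 2010.
# Collect every receive connector on every transport server.
$connectors = Get-TransportServer | ForEach-Object { Get-ReceiveConnector -Server $_.Name }

# Report the General-tab settings, flagging connectors that accept anonymous
# mail and connectors whose banner name is an internal (.local) name.
$connectors |
    Select-Object Identity, ProtocolLoggingLevel, Fqdn, MaxMessageSize,
        @{ n = 'Anonymous';    e = { "$($_.PermissionGroups)" -match 'AnonymousUsers' } },
        @{ n = 'InternalName'; e = { "$($_.Fqdn)" -match '\.local$' } } |
    Format-Table -AutoSize

# Turn on verbose protocol logging for every connector that accepts
# anonymous (Internet) mail and currently logs nothing.
$connectors |
    Where-Object {
        "$($_.PermissionGroups)" -match 'AnonymousUsers' -and
        "$($_.ProtocolLoggingLevel)" -eq 'None'
    } |
    ForEach-Object { Set-ReceiveConnector -Identity $_.Identity -ProtocolLoggingLevel Verbose }

# Log retention is set per server, not per connector. These are the values
# shown in the Get-TransportServer output above; raise them if 250 MB does
# not cover the period you need to be able to investigate.
Set-TransportServer HNLEX05 `
    -ReceiveProtocolLogMaxAge 30.00:00:00 `
    -ReceiveProtocolLogMaxDirectorySize 250MB `
    -ReceiveProtocolLogMaxFileSize 10MB

# Maximum message size on one connector (10 MB is the default).
Set-ReceiveConnector -Identity 'HNLEX05\Default HNLEX05' -MaxMessageSize 10MB

# Note: Microsoft's Set-ReceiveConnector documentation warns against changing
# -Fqdn on the "Default <ServerName>" connector when the organization has more
# than one Hub Transport server, because mail flow between them fails. This
# example therefore only reports the FQDN and does not change it.
```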
