Select Page

SMTP Relay and Exchange InternalSMTPServers

SMTP Relay and Exchange InternalSMTPServers
Advertisement

Quick Introduction

In this post, I will be talking about SMTP Relay and Exchange InternalSMTPServers, and show you what can go wrong when you plan your antispam solution. Things can be tricky if you have an SMTP relay servers sitting in front of your Exchange servers, and you enabled Sender ID filter on Exchange HUB servers.

I will start by explaining the problem, and then walk you through the solution. Let us consider that your setup is like the following figure.

Exchange InternalSMTPServers

Your incoming emails are passing through smart hosts or SMTP relay servers  antispam servers]. After the message is inspected, it will be delivered to your internal transport hub Exchange servers.

Now suppose that you want to implement some of the built in Exchange transport antispam features on your internal Exchange servers, like Sender ID filter for example. To do so, you enabled such filter, and suddenly, you will see a lot of block connections perhaps.

SMTP Relay and Exchange InternalSMTP Servers

When an RFC-compliant SMTP server receives a message, the server updates the message’s Received Header with the domain name and IP address of the sender. Therefore, for each SMTP server that is between the originating sender and the Hub Transport server, the SMTP server adds an additional Received header entry.

This means that your SPF check will fail because the IP addresses of your SMPT Relay servers will be included in the message headers of the received message.

Again, SMTP Relay and Exchange InternalSMTPServers can become really tricky. To overcome this problem, you can use the Set-TransportConfig, command to add the list of your SMTP antispam servers [SMTP Relay Servers] to be ignored by the Sender ID agent, so that the SPF check will not fail.

Say that we have two antispam servers sitting in front of our Exchange Transport servers, and their IPs are 10.0.1.10 and 10.0.1.11, the command that we should use will be:

Extra Reading

About The Author

Ammar Hasayen

Ammar is a digital transformer, cloud architect, public speaker and blogger. He is considered a trusted advisory with the ability to quickly navigate complex multi-cultural organizations and continuously improve and motivate cross-functional teams to achieve higher productivity, collaboration, revenue gain and cross-group knowledge sharing. His contributions to the tech community helped him get awarded the Microsoft Most Valuable Professional. Ammar appears in a lot of global conferences, and he has many publications about digital transformation and next generation technologies.

1 Comment

  1. pawan kaushik vastu expert

    It’s really a nice and useful piece of info. I am glad that you simply shared this helpful info with us. Please keep us informed like this. Thank you for sharing.

    Reply

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Hi, I’m Ammar Hasayen

Ammar-New-MVP

About Me

Cloud Architect | Cybersecurity | CISSP | Microsoft MVP | Pluralsight Author | Book Author | International Speaker | World Explorer | @ammarhasayen

 

LinkedIn Profile

My Pluralsight Course

Speaking at Microsoft Ignite Dubai

Ammar Hasayen Speaker Ignite

Pin It on Pinterest