Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

HubTransport Role Send\Recieve Connectors HELP!!!!!! Exchange 2007

Status
Not open for further replies.
Wizard07

Wizard07

Technical User
Oct 25, 2007
12
AU
ANY one that can help pleaseee!!!!!

We are currently migrating to exchange 2007.

Setup:

1 * DC
1 * EXCH 2003
1 * EXCH 2007 - CAS\HUB\MAIL

SO currently both exchange boxes are running. All incoming mail comes through the EXCH 2003 box and work fine. Clients also pop email from this.

Now we changed it so all mail goes to the exchange 2007 box and i have set up the send connectors to route * all mail through dns from that connector.

Now this is where we have a problem on the default (servername) Recieve connector we could not get mail from domains outside or company until i selected. Permission groups TAB and than annonomous users. which is fine.

But now users who use pop3 to that server can put any name in the from field (even if they dont exist and our exchange server will allow it to go through. Also they can send on behalf of any user even if they dont have persmission to its like exchnage is not requiring authentication before sending.

Another problem from this is that any user can open a telnet session to our external name of our mail server mail.mydomain.com and also send email from any user exisitent or not. using the simple commands mail from rcpto etc.

Can anybody help me i can seem to sort this out....

 
Sort by date Sort by votes
Look at the SMTP connector on the 2003 box and you'll find it probably has a smarthost. That's your problem.

If not check the admin permissions.
 
Upvote 0 Downvote
I checked the 2003 machine. there is no smart hosts. Permissions are fine.

If the user is on the local network and they try and send a message on behalf of another user they get NDR reply do not have permission. That's a good thing we want that.

As soon as we set the same account up on a pop client of the network we can send from whoever we want any domain to any users at any email host and our exchange server is more than happy to forward it out. We deleted the send connector on the 2007 and box. but it forwards it out through the 2003 box ( the 2003 box must trust any coming from the 2007) if we test the user account on the 2003 box and try to do the same thing. they get the correct NDR messages. You do not have permission. So its definitely 2007 related.

I'm not sure if you know this but is there some sort of open relay relationship with the EAP and authoritative domains ??

Thanks for your help Zelandakh.. this one is a killer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
2K
PatrickRoggers
PatrickRoggers
T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
2K
DrB0b
DrB0b
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
2K
ComputersUnlimited
ComputersUnlimited
Satishkumar007
  • Locked
  • Question
Help needed to recover after complete site failure
Replies
0
Views
2K
Satishkumar007
Satishkumar007
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
2K
Brent Fletcher
Brent Fletcher

Part and Inventory Search

Sponsor

Back
Top