Duly checked the receive connectors within the Exchange Management GUI and everything looked okay but still the server wasn't able to relay. On launching the Exchange Management Powershell console we ran the command:
Get-ReceiveConnector "Receive Connector" | Get-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON"
And noticed that instead of there being rights for "ms-Exch-SMTP-Accept-Any-Recipient", there were rights for "ms-Exch-SMTP-Accept-Any-Sender"
We issued the command:
Get-ReceiveConnector "Receive Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
And the server was able to relay messages once again. We haven't been able to determine, who or what changed the permissions on the connector but they'd been modified and the above command resolved our issue.
If you are trying to send notifications via your Exchange with an Anonymous connector ensure the following has extended rights:
NT AUTHORITY\Anonymous Logon {ms-Exch-SMTP-Submit}
NT AUTHORITY\Anonymous Logon {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\Anonymous Logon {ms-Exch-Bypass-Anti-Spam}
NT AUTHORITY\Anonymous Logon {ms-Exch-SMTP-Accept-Any-Recipient}
No comments:
Post a Comment