How to Create SMTP Relay in Exchange Server 2016 and 2019?

In older versions of Exchange Server, like 2007 and 2010, the Hub Transport Service is used to take care of anything related to SMTP. In newer versions of Exchange Server (2016 and 2019), there are two services for this purpose.

  • Front-End Transport Service: This is the service that other SMTP hosts connect to when delivering emails to the Exchange Server. This service listens on port 25. It can be easily identified by the name Default Frontend <name of server>.
  • Hub Transport Service: This is the back-end service, which is used by the Front-End Transport and other Exchange Server Hub Transport services. The service listens on port 2525. It can be identified as Default <name of server> in the Exchange Admin Center (EAC).

How to View the Connectors?

To view the connectors, follow these steps:

  • Open the Exchange Admin Center (EAC).
  • Click on Mail Flow.
  • Click on Receive Connectors.

Here you can find the mentioned receive connectors.

If there are connectors already created, you can still create new ones to allow other devices to send emails, like server notifications. You can also create connectors to allow other servers to relay through the local Exchange Server, like in a hybrid setup or other external devices.

How to Create Relay Connectors?

Before you start, take care not to open the transport service to anyone outside, as it can easily be spammed and abused by uninvited senders. When setting up a new connector, limit its use to either an IP range or particular IP addresses. If you do not, you will end up with an 'open relay' that anyone can send emails through, and your public IP address could be abused and blacklisted.

You can create a relay connection in two different ways.

  • You can create a connector on the Front-End Transport and restrict it to specific IP addresses. Any sending host is treated as anonymous, so the anti-spam and message restrictions apply.
  • You can create a connector on the Front-End Transport with the same IP restriction, but add the Exchange Servers permission group and the Externally Secured authentication mechanism to the connector. With this type of connector, the sending host is considered authenticated and legitimate, so its emails are exempt from anti-spam and message size limitations.

Use PowerShell to Create Connectors

To create a receive connector using the Exchange Management Shell (EMS), you can use the New-ReceiveConnector command as given below.

New-ReceiveConnector -Name "<relay name>" -Server <server name> -TransportRole FrontendTransport -Custom -Bindings 0.0.0.0:25 -RemoteIPRanges <remote IP>

The next step is to set the permission groups and authentication mechanisms. For this, use the Set-ReceiveConnector PowerShell command as given below.

Set-ReceiveConnector "<server name>\<relay name>" -AuthMechanism ExternalAuthoritative -PermissionGroups ExchangeServers

Once this is done, you can verify the connector settings by using the Get-ReceiveConnector PowerShell command (as given below). This will give all the details of the created connector.

Get-ReceiveConnector -Identity "<relay name>" | Format-List
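
As a follow-up to the verification step and the open-relay warning above, this added example (not code from the original article) reports how many source addresses each RemoteIPRanges entry admits and flags externally secured connectors that accept more than a threshold. The function names, the 256-address threshold and the sample connector objects are assumptions constructed for illustration.

```powershell
# Added example, not from the original article. Sample objects are constructed.
function Get-IPv4RangeSize([string]$Range) {
    # RemoteIPRanges entries print as a single IP, CIDR (a.b.c.d/n) or start-end.
    $toInt = {
        param($ip)
        $b = [System.Net.IPAddress]::Parse($ip).GetAddressBytes()
        [Array]::Reverse($b)                       # network order -> little-endian
        [double][BitConverter]::ToUInt32($b, 0)
    }
    if ($Range -match '^[\d.]+/(\d+)$') { return [math]::Pow(2, 32 - [int]$Matches[1]) }
    if ($Range -match '^([\d.]+)-([\d.]+)$') {
        $first, $last = $Matches[1], $Matches[2]
        return (& $toInt $last) - (& $toInt $first) + 1
    }
    if ($Range -match '^[\d.]+$') { return 1 }
    return [double]::PositiveInfinity              # IPv6 or unparsed: review by hand
}

function Test-RelayConnectorScope {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Connector,
        [double] $MaxAddresses = 256               # assumption: wider than a /24 needs review
    )
    process {
        # Externally secured senders are treated as authenticated, so anti-spam
        # and size limits no longer apply to them: the source range is the only gate.
        $trusted = "$($Connector.AuthMechanism)" -match 'ExternalAuthoritative'
        foreach ($range in $Connector.RemoteIPRanges) {
            $size = Get-IPv4RangeSize "$range"
            [pscustomobject]@{
                Connector = "$($Connector.Identity)"
                Range     = "$range"
                Addresses = $size
                Trusted   = $trusted
                Review    = $trusted -and ($size -gt $MaxAddresses)
            }
        }
    }
}

# Constructed sample data shaped like Get-ReceiveConnector output.
$sample = @(
    [pscustomobject]@{ Identity = 'EX01\Relay-Apps'; AuthMechanism = 'Tls, ExternalAuthoritative'
                       RemoteIPRanges = @('10.20.30.15', '10.20.31.0/28') }
    [pscustomobject]@{ Identity = 'EX01\Relay-Wide'; AuthMechanism = 'ExternalAuthoritative'
                       RemoteIPRanges = @('0.0.0.0-255.255.255.255') }
)
$sample | Test-RelayConnectorScope | Format-Table -AutoSize
# On an Exchange server: Get-ReceiveConnector | Test-RelayConnectorScope | Where-Object Review
```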

Use Exchange Admin Center (EAC)

You can also use the Exchange Admin Center (EAC) to create connectors. Follow these steps:

  • Open the Exchange Admin Center (EAC), log in with an administrative user, and click on Mail Flow in the left pane.
  • Click on Receive Connectors.
  • Click on the plus (+) button to create a new connector.
  • Enter the name of the connector.
  • Tick Frontend Transport and click Next.
  • Click Next.
  • You can leave the bindings as they are. By default, the connector accepts connections on any network adapter of the server.
  • Click Next. Now enter the subnet or IP addresses to accept connections from. This is the screen where you put in the remote addresses.
  • Click Finish. Once the connector is created, highlight the connector and click on the edit icon.
  • Click on the security tab and select Exchange Servers and Externally Secured (for example, with IPsec). This matches the PowerShell example above. However, depending on the connector's requirements, these can be changed.
  • Once ready, click Save.

Conclusion

Above, we have discussed how to create connectors using PowerShell and the Exchange Admin Center (EAC). Since you are playing with the server’s configuration, you must ensure that no configuration would cause issues with communication between Exchange Servers, and internal mail flow.

Once you have created SMTP relay connectors, you need to create user profiles and mailboxes on the new Exchange Server. Also, you need to grant access to users to sign in and use their email account for sending and receiving messages. To move mailboxes to the new server quickly, you can use an EDB converter software, such as Stellar Converter for EDB.

Using this software, you can open any version of EDB database and of any size. You can browse through the database and granularly export the data to PST and other formats. You can also export EDB data directly to a new Exchange live database or migrate to Office 365. The application is not limited to user mailboxes but can also export archives, shared mailboxes, disabled mailboxes, and public folders.
