Category Archives: Exchange 2010

Exchange 2007/2010 Internal Relay Receive Connector Does Not Relay

So you’re working with Exchange 2007/2010 and you’ve got the need to allow some internal applications, PCs, or servers to relay mail through the Exchange server, but it doesn’t seem to be working even though you’ve got the receive connector created with the right properties:

  1. Connector type: Custom
  2. Authentication: TLS, Externally Secured
  3. Permission Groups: Anonymous
  4. Network: IP addresses listed of the servers/PCs you want to be able to relay from

You need to do one last step to allow anonymous logon/relay, but it needs to be done with the Exchange Management Shell (EMS).

Let’s say your connector is named Internal Relay. Run the following command in EMS: Get-ReceiveConnector “Internal Relay” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

That should do it. Test relay and you should see that it is successful.

Merge private key with certificate using OpenSSL

I had an issue where I needed to replace the current SSL certificate on Exchange 2010 with the same certificate that had additional SAN names added.  Unfortunately, the certificate I was provided was not signed by the provider’s (GoDaddy in this case) private key so the certificate could not be directly imported.  I used OpenSSL to sign the certificate with the provided private key and was able to import the certificate into Exchange successfully after creating a temporary certificate to assign the services while I removed the existing certificate to import the newly created one.

Using OpenSSL, run the following command to sign the certificate with the provided private key:

openssl pkcs12 -export -in -inkey server.mydomain.key -out mycertificate.pfx