When trying to enable an IP to ‘Relay’ though my Exchange server, I found I was unable to select ‘Frontend TransportConnector’.
Solution
Apparently this is a a bug first seen in CU2, the only current fix is to either create the connector as a Hub Transport connector, then convert it using PowerShell, or create the connector in the Exchange Management Shell, which is what I did.
1. Connect to the Exchange admin center > Mail flow > receive connectors > Add.
2. Give the connector a name (take note of it, you will need it in a minute) > Select ‘Frontend Transport’ > Custom > Next.
3. Accept the default of TCP Port 25 (SMTP) > Next.
4. REMOVE the 0.0.0.0-255.255.255.255 range. (WARNING: If you do not do this you will become an open relay).
5. Add in the IP address of the host (from which you want to allow relaying) > Save.
6. Open the properties of the connector you just created > Security > Under Authentication select ‘Externally Secured (for example with IPSEC) > Under Permission groups, select ‘Exchange servers’ and ‘Anonymous users’ > Save.
7. At this point, you may find that when you test from the host you get the following error;
421 4.4.1 Connection timed out
I would suggest you change some parameters of the receive connector. Execute the following PowerShell command;
8. Restart the Microsoft Exchange Transport Service on the Exchange server.
[box]Restart-Service MSExchangeTransport[/box]
Exchange 2013 – Test Email Relaying from your ‘Allowed IP’
1. Go to the machine you have allowed relaying from, and attempt to ‘relay’ mail. In the example below I’m attempting to send an email to test@relay.com. In the first example we cannot relay, so something has been misconfigured.
2. However this time we CAN relay so our connector is configured properly.
Related Articles, References, Credits, or External Links