Send emails using SMTP relay in Exchange Server | Open relay and Anonymous relay in Exchange Server

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi guys i hope you all are doing well and welcome to the next video of this entire series of exchange server 2019 in the last video we talked about message tracking logs we discussed how to search message tracking logs and how to analyze them in this particular video we will be talking about open relay and anonymous relay or smtp relay we will discuss what is the difference between open relay and anonymous relay how to set up anonymous relay in exchange server and how to relay emails using anonymous relay in your exchange organization if your exchange server is configured properly then exchange server will accept only those emails those are sent to the recipients who are available in your exchange organization and if an email is sent to the user who doesn't belong to your organization that email will be rejected but just assume that what if someone from internet a random user from internet connects to your exchange server and sends an email to a user who doesn't belong to your organization do you think this is possible yes this is possible if your exchange server is configured for open relay anyone from internet can connect to your exchange server and can send email to anyone on the internet using the mx record of your exchange server i will show you this practically how someone can connect to your exchange server you should never configure your exchange server for open relay because anyone from outside your organization can connect to your exchange server and can send emails to the users who do not even belong to your organization spammers can use your exchange server to send spam emails or malicious emails or even malware to the users using your exchange server and this can lead to a blacklist of your exchange server ip address and the recipient email servers will start rejecting the emails those are sent from your exchange server now let's talk about anonymous relay or smtp relay in exchange server anonymous relay allows you to send emails from a website an application or a device like a printer or scanner let's assume you have a printer application in your on-premise exchange organization and you want to send emails or you want to relay emails to the internal users or to the internet using this printer application we do not want to let anyone else to send emails to someone using our exchange server so we will allow only this printer application to connect to the exchange server and to send emails to the recipients you can send emails to the internal users or even to the external users from this application not only printer application you can even use a script that connects to your exchange server and it sends email to the recipients now how does this work in exchange server we create a receive connector and in receive connector we specify the ip address of the machine where this application is hosted or sometimes we use the ip address of the application itself this completely depends what type of application you are using to relay emails so this way we allow only certain applications to send emails to the users using your exchange server and apart from these applications no one else will be able to connect to our exchange organization to send spam or malicious emails so let's move towards our lab and let me show you practically how you can configure exchange server for an anonymous relay you should always check that your exchange server should not be configured for open relay and to verify this you can go to remote connectivity analyzer tool go to exchange server inbound smtp email and here run this test and once this test is completed click expand all and go at the bottom here you will see the open relay test passed this mx is not an open relay so that means my exchange server is not configured for open relay so this is how you can verify if your exchange server is configured for open relay or not now let me try to connect to my exchange server and let's see if i can send email to someone using this exchange server so currently i am on a client machine and let me maximize this so now i will do telnet and i will try to connect to mx record of my exchange server i am connected let's send one request to this exchange server so i have initiated this session now let's try to send one email let's send it let's use one random email address mail from it says sender okay now let's add one recipient let's use again a random email address let's say random domain dot com now i should get an error so it says that the user to whom i'm sending this email this domain doesn't belong to the accepted domains of my exchange server so that means my exchange server is not configured for either open relay or anonymous relay external users can connect to my exchange server but they cannot use my exchange server mx record to send emails to someone or to relay emails so i will leave this window open and let's configure our exchange server for anonymous for relay let's go to exchange server to setup anonymous relay you will go to mail flow and then go to receive connectives and here we will create one receive connector click on plus and give it a name for example smtp relay select front end transport and then select custom go next no changes are required here go next under remote network settings you will add the ip address of the machine or the application that is allowed to relay emails using mx record of your exchange server now if i leave this setting as it is if i do not remove these ip addresses from here in that case my exchange server will be configured for open relay if i leave this setting and if i enable this connector in that case my exchange server will be configured for open relay that means anyone from outside my organization can connect to my exchange server mx record and they can send emails to anyone out there so make sure here you are adding only the ip address that is allowed to relay emails using the mx record of your exchange server so i will use the ip address of my client machine because i'll use this machine to relay emails so the ip address is 1.38 so i will remove this and i'll click plus and here i will add the ip address of the client machine that i'll use to relay emails once you have added the ip address click save and then click finish so this receive connector is created now we will go to exchange management shell and we will assign anonymous permission on this connector so here we will run these commands one by one to assign anonymous permission on the connector and to externally secure the receive connector that we just created for smtp relay these commands are available on microsoft article as well you can look for allow anonymous relay in exchange server go to this article and you can find these powershell commands in this article so these are the commands these are the three commands that you need to run and this one so i have already copied these commands here so let's run these commands one by one that's it now let's go to client machine let me close this window so let's open a new window and let's try to connect to mx record of my exchange server on port 25 so this session is initiated let's send one email mail from let's say abc at domain.com recipient will be xyz at randomdomain.com now you can see it says recipient okay though this domain doesn't belong to the accepted domains of my exchange organization i can still use this domain to send emails to anyone on the internet using the mx record of this section server now if i try to connect to the same exchange server from a different machine let's say from the host machine i should not be able to connect mail from let's say abc at randomdomain.com sender okay recipient to xyz at randomdomains.com now i should get an error so here you can see it says unable to relay recipient in non-accepted domain because this machine is not allowed to connect to my exchange server and to relay emails so that is the reason i'm not able to connect from here let's go to client machine and let's send one email so next we will type data and here we will type subject let's say test email enter and this is a test email that's it the email is sent now let's see how to use an application or a script to relay emails from your exchange server i will be using this script to relay emails in this particular script or command i'm using from address that belongs to one of the accepted domains in my exchange server i'm going to send this email to an external user if you want to send emails to multiple users in that case you can use this syntax here you can add multiple users either you can add internal or external users as per your requirement and if your requirement is to send emails to multiple users in that case you can create a distribution group or distribution list you can add internal and external users within that distribution list and you can simply type the email address of the distribution list in to field next i am using a subject body of the email and i will be using delivery notification option and this option will give me a notification on this particular email address whether the email delivery was success or it was failed and finally i am using the mx record of my exchange server so this particular script will connect to the mx record of my exchange server and this will relay the emails so let's copy this and let's go to powershell and let's run this script so the script is completed let's go to the gmail user here we can see we have received the email and if we check the email header of this email so here we can see this email was sent from the client machine this is the host name of the machine and this is the fully qualified domain name of my exchange server and from that this email was delivered to the google server so this is how you can relay emails in exchange server in the next video we will be talking about client access services we will discuss what are client access services and we will publish our exchange services to the internet so that users can access these services from external network so that is all for now i will see you all in the next video thank you guys thank you for your time take care
Info
Channel: Office365Concepts
Views: 27,743
Rating: undefined out of 5
Keywords: what is smtp relay, what is open relay, what is anonymous relay, open relay and anonymous relay, open relay and smtp relay, how to relay emails in exchange server, how to use smtp relay, how to set up smtp relay, what is relay emails, relay emails from exchange server, what is smart host, filtering server, what is direct send, what is client submission, send emails from application, what is telnet, how to send email from telnet, how to do telnet, telnet in exchange server
Id: su_mkP6TMKE
Channel Id: undefined
Length: 14min 50sec (890 seconds)
Published: Thu Apr 21 2022
Related Videos
How to relay emails from application using Office 365 | Client Submission, Direct Send, Smtp Relay
Office365Concepts
64K
How to Configure SMTP Anonymous Relay | Say No To Open Relay
Techi Jack
651
Cutover migration | Migrate onpremise Exchange mailboxes to Office 365 using Cutover migration
Office365Concepts
30K
Configuring SMTP Relay
NextDoorNetAdmin
707
Introduction to SMTP Relay for Servers
Eli the Computer Guy
101K
How to Configure DAG in Exchange Server 2019 / 2016 - High availability and Disaster Recovery Demo
ITProGuide
68K
Exchange Server 2016 Mx Record Setup
Techi Jack
40K
Connectors in Exchange online
Intune Guru
5.7K
How to setup an SMTP Relay in Office 365 | Email scanned documents directly from printer
ITPro
28K
How to configure Send connector in Exchange Server 2019 | Step by Step | Three Methods | video 2
ITProGuide
26K
Configure external inbound and outbound email flow in Exchange Server 2019 organization
Office365Concepts
26K
SendGrid.com SMTP Email Relay
JoeWaZoo1
1.7K
Office 365 SMTP Relay Using IIS
LiftOff 365 U
54K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.