Exchange 2010 Gotcha - #2

Incoming e-mail CAN'T come in!

This issue is not exclusive to Exchange 2010 - it also exists in Exchange 2007.

The default receive connector created by the Exchange setup process does not include permissions to include "Anonymous users" on the default server permission group. Microsoft assumes that you will be using their Edge Server product (which isn't Anonymous, but Authenticated).

Of course, most people (? - at least my customers!) will not be using the Microsft Edge Server product, but some other gateway e-mail product.

Therefore, you will need to set the "Anonymous users" permission on the default server permission group.

Otherwise - incoming Internet e-mail will bounce!

Until next time...

If there are things you would like to see written about, please let me know.

[Edit on April 15, 2010 to spell "Authenticated" correctly.]

Published Wednesday, April 14, 2010 3:42 PM by michael

Comments

Thursday, April 15, 2010 2:27 PM by AD Goodies 4/15/2010 - The Experts Community

# AD Goodies 4/15/2010 - The Experts Community

Pingback from  AD Goodies 4/15/2010 - The Experts Community

Thursday, April 22, 2010 6:05 AM by jgurtz

# re: Exchange 2010 Gotcha - #2

One wonders what it would take to gain "Authenticated" status.  Also, what does "Authenticated" mean in the context of Exchange?

 Other than overcoming this gotcha I can't think of a reason why Authenticated status would be more desirable in the context of a mail gateway but it would be neat if 3rd party products could gain the token and remove one headache from the pile.

Thursday, April 22, 2010 7:30 AM by michael

# re: Exchange 2010 Gotcha - #2

"Authenticated" means that Exchange can establish, with a high degree of assurance, WHO the sender is. TLS is another means of acquring the "Authenticated" token, which is completely available to third-party products.

[Note: I am not aware of the specific implementation that Edge and HT use to establish AUTH between themselves. I know that a token and a certificate are exchanged during the EdgeSync process, but how those are used is beyond my current understanding.]