Tuesday, July 13, 2010

allowing anonymous sending on SBS 2008 (for scan to email copiers or other devices)

I had put an SBS 2008 box in place for a client. I had to alter settings as the old mail server had allowed anonymous sending on the LAN. I tried a bunch of differnet credential combinations and ports and SSL options and none of them worked. Then I found this post, which walked me through created a receive connector that allowed anonymous senders on the IP addresses you specify.

The short version of the article.

Go to EMC.
Go to Server Configuration -> Hub Transport
Highlight your server in the top middle field and choose new receive connector on the right side
Call the connector "copier" without quotes and type is custom
Note sure if this is necessary, but add the internal FQDN in the bottom box such as contoso1.contoso.local
Leave the local network settings alone
In remote network settings, remove the existing content. Add a single entry for the IP address of the copier like
Hit NEW.
Now, right click on the connector you just created and clear all check boxes on the authentication tab.
On the permission groups tab, check the box for anonymous users.

Then open the Exchange PowerShell and run this command:

Get-ReceiveConnector "copier" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

On your copier, you can now send over port 25 without SSL and without the need for sending credentials either.

No comments: