FAQ: Configuring Exchange 2019/2016/2013 Relay Settings for Exchange Connector

Exchange Connector delivers mail to Exchange Server using the SMTP protocol, and therefore requires relay permissions to the server in order to be able to deliver mail. The SMTP server also needs to have anonymous access enabled (this is the default setting for mail servers and is safe, because only a specific list of computers will be allowed to relay). To configure the authentication and relay settings for compatibility with Exchange Connector, a Receive Connector will need to be created in Exchange.

Multi-role Exchange 2013 servers are recommended as per Microsoft recommendations. Creating a new Receive Connector for use with Exchange Connector is recommended. The simplest approach is to use a port number other than 587 or 25. If port 587 or 25 are used, the default Receive Connectors will need to be modified to ensure they do not conflict with the new Receive Connector that is created. Care needs to be taken with the default configuration in recent versions of Windows and Exchange 2013 with respect to setting listening IP addresses, especially if the name localhost is used as the server name, as the default IPv6 settings cause localhost to resolve to ::1 and not 127.0.0.1. In most cases, it is recommended to use the fully-qualified DNS name of the server (e.g. server.mydomain.local), and check the exact IP address it resolves to when the ping command is used from the server itself.

To avoid creating an open relay configuration, it is necessary to ensure that the receive connector used by Exchange Connector is not externally accessible. If the built-in receive connectors must allow external connections, create a new receive connector which only allows connections from local IP addresses (see below).

Configuring Exchange Server

From the Exchange Control Panel website, select Mail Flow on the left and Receive Connectors at the top. If you will only be receiving mail through Exchange Connector, the configuration can be simplified by disabling the built-in receive connectors. Click the Plus icon to create a new Receive Connector.

On the General section of the Receive Connector, provide a name for the Receive Connector, for example QSS Exchange Connector. Also note the setting Maximum receive message size. To prevent delivery problems, the maximum message size should be set 20% larger than the maximum message size supported by the POP3 server, to take into account rounding and calculation differences and inconsistencies.

The Remote network settings section must contain the IP address of the machine on which Exchange Connector is installed, even if this is the same machine on which Exchange is installed. If you are using the localhost alias as the server name, be sure to include the loopback addresses (127.0.0.1 and ::1) in the range.

The Network adapter bindings section specifies the IP addresses which the receive connector listens on. For simplicity, it is recommended that this is set to all available IP addresses, especially if using a port other than 25 or 587. The port number does not matter as this receive connector will not be used to retrieve external mail.

On the Security tab, in the Authentication section, deselect all authentication mechanisms except "Externally Secured (for example, with IPsec).

In the Permission groups section, select "Exchange servers" and "Exchange users". If Exchange Connector is installed on a machine other than the Exchange server, also select "Anonymous users".

Click OK to save the Receive Connector settings.

Configuring Exchange Connector

Exchange Connector must be configured to use the appropriate server name or IP address, and port number, of the configured Receive Connector. These settings are located in the Options dialog in the Delivery section, shown below.

If the Test button indicates that the relay settings are invalid after performing the above configuration, verify with the ping command that the IP address which the server name resolves to is allowed in the Network settings of the Receive Connector. If localhost is used, make sure the loopback addresses (127.0.0.1 and ::1) are in the IP address range. Also verify that the port number is correct.

If clicking the Test button does not indicate a successful connection, Exchange Connector will be unable to deliver any mail to Exchange. Repeat the above steps under "Configuring Exchange Server" to ensure that the Receive Connector is correctly set up.