I'm having some doubts on the receiver connector configure in our Exchange 2010, which the default receiver connector is configured to allow "Anonymous user" to connect.
We have mail gateway sitting in the DMZ zone, have 2 Exchange servers running under DAG and have no Edge transport role.
Few questions I have are:
1. Our mail gateway is connecting thru port 25, means it is connect to this default receiver connector right?
2. Do the "Anonymous user" required and why? Do mail gateways normally authenticate themselves (I can't find such settings in ours)?
3. "Anonymous user" has permission of "ms-Exch-SMTP-Accept-Any-Sender". Not sure who granted it, should it be removed or it is required in order to receive emails from external domains (from our mail gateway)?
Asking so because this connector is meant for internal relay as well. So if
"anonymous user" has this permission, anyone can send as anybody, isn't this a risk to security?
Any help are greatly appreciated!
Best Answer
To accept email from the internet then you have anonymous enabled. Therefore the settings you are seeing are correct. You would need to check whether the appliance can send email to your server via authentication to decide whether to change it. If it isn't able to authenticate, then you will have to leave anonymous enabled.
However, if the Exchange server cannot be seen from the outside world, I wouldn't worry about it. Furthermore, if you have things internally sending email - such as printers, scanners etc, they would normally not need to authenticate if sending email to an internal recipient. Authentication is normally only used for relaying.
Therefore having anonymous is normal and to be expected.
The second permission is the default. It allows a printer for example to send as printer@example.com and for it to be accepted by the server. Some will remove the permission, which is a crude way of stopping spoofing. However it is only effective on an external facing system. If you have a gateway in front then its effectiveness would be limited. The email has been accepted and would then bounce, so you are wasting bandwidth. Spoofing control should really be done at the point of delivery.