How to lock down Exchange 2007 to accept email from a specific range of IP addresses only

exchange-2007 smtp spam

I have implemented a new Exchange 2007 server running on Server 2008 in our domain. We previously used Exchange 2003 running on Server 2003 and I had locked the Default SMTP Connector down so that it would only accept messages from a range of IP addresses provided by MX Logic. For those who don't know, MX Logic provides spam filtering services, like Postini.

I have added the MX Logic IP addresses to the IP Allow List under Server Configuration > Hub Transport. My question is, how do I tell the Exchange server to deny messages from all other IP addresses that are not explicitly defined in the IP Allow List?

If it matters, this server is the Client Access Server and Hub Transport server. We do not have an Edge Transport server in the organization.

Best Answer

I think I went the wrong way with the previous answer.

Set up a receive connector on your Hub that allows anonymous connections (presumably this is done if you are receiving mail through MX Logic). If you are using only one receive connector, then you will need to create a new one - one which allows anonymous users and the other which does not.

On the properties of that anonymous receive connector, go to the Network tab and edit the field "Receive mail from remote servers that have these IP addresses:".

Add only MX Logic IPs in there, and possibly any boxes on your local network that need to send SMTP with unauthenticated connections.
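
The same two-connector setup can be scripted in the Exchange Management Shell. This is an added example, not part of the original answer; the server name `EXHUB01`, the connector name and the IP ranges are placeholders (the ranges are RFC 5737 documentation blocks) to be replaced with your own server and the ranges your filtering provider publishes.

```powershell
# Run in the Exchange Management Shell on the Hub Transport server.
# All values in this block are placeholders / assumptions, not from the page.
$Server        = 'EXHUB01'                          # placeholder server name
$ConnectorName = 'Inbound from spam filter'         # hypothetical connector name
$FilterRanges  = '192.0.2.0/24', '198.51.100.0/24'  # placeholder ranges (RFC 5737)
# Optionally append internal hosts that must relay without authentication, e.g.
# $FilterRanges += '10.0.0.25'                      # constructed sample address

# 1. Anonymous connector that only answers the filtering service's addresses.
New-ReceiveConnector -Name $ConnectorName -Server $Server -Usage Custom `
    -Bindings '0.0.0.0:25' `
    -RemoteIPRanges $FilterRanges `
    -PermissionGroups AnonymousUsers

# 2. Make sure the catch-all connector does NOT accept anonymous senders.
#    The value below is the Exchange 2007 Hub Transport default set of
#    permission groups; adjust it if you granted other groups on purpose.
Set-ReceiveConnector -Identity "$Server\Default $Server" `
    -PermissionGroups ExchangeUsers, ExchangeServers, ExchangeLegacyServers

# 3. Review the result: only the new connector should list AnonymousUsers,
#    and its RemoteIPRanges should contain nothing but the intended ranges.
Get-ReceiveConnector -Server $Server |
    Format-List Name, Bindings, RemoteIPRanges, PermissionGroups

# 4. Flag any connector that still offers anonymous access to every address.
Get-ReceiveConnector -Server $Server | Where-Object {
    ($_.PermissionGroups -match 'AnonymousUsers') -and
    ($_.RemoteIPRanges | Where-Object { "$_" -eq '0.0.0.0-255.255.255.255' })
} | Format-Table Name, RemoteIPRanges, PermissionGroups -AutoSize
```

When two connectors share the same binding, Exchange hands each connection to the one whose remote IP range matches most specifically, so hosts outside the listed ranges land on the default connector and are refused as unauthenticated. Step 4 should return nothing once the lockdown is in place.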