question

NurHossain-3648 avatar image
0 Votes"
NurHossain-3648 asked LydiaZhou-MSFT commented

Mail from internal application still not being relayed to recipients of distribution group

But if I changed the delivery management setting from "Only senders inside my organization" to "Senders inside and outside of my organization" and I was then able to telnet to exchange from the application server in question and send the email to the distribution group in question and I see it went out to all of the recipients in the DG.

Although it is working in this way, it's not ideal, as now anyone from the outside can also send email to that DG.

So what is the better solution to this problem? Adding the Exchange server permission to the SMTP Relay receive connector.

office-exchange-server-administrationoffice-exchange-online-itprooffice-exchange-server-connectivityoffice-exchange-server-itpro
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Is there any way to allow DG to receive mail from Application Server (Anonymous Relay) without allowing "Senders inside and outside of my organization"?

Thank You

0 Votes 0 ·
LydiaZhou-MSFT avatar image
0 Votes"
LydiaZhou-MSFT answered LydiaZhou-MSFT commented

Except solutions provided by michev, there is another workaround for you.

Do you mean you want to set that DG can only receive messages from internal users and the application server?
If so, we can create a mail flow rule to block external messages sent to this DG, except the sender address used by your application. However, please pay attention that, if an external message sent to this DG and other internal users are added as recipients, other internal users won't receive this message as well.

You can create the rule like this:
Apply this rule if "the sender is outside the organization" and "The message To or Cc box contains DG", reject the message and include an explanation. Except the sender is the application address.

20774-546.png



If the response is helpful, please click "Accept Answer" and upvote it.


546.png (19.5 KiB)
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Based on my knowledge, if you don't want to use "Senders inside and outside of my organization", you have to configure the specific receive connector as externally secured for anonymous relay. It's mentioned by michev, and you can check this for more details: Configure the connections as externally secured.


If the response is helpful, please click "Accept Answer" and upvote it.


0 Votes 0 ·

Is there any update on this thread?
Does configuring the specific receive connector as externally secured work for you? Please let us know if you would like further assistance.


If the response is helpful, please click "Accept Answer" and upvote it.


0 Votes 0 ·

Just checking in to see if above information was helpful. If you have solved your problem, could you share with us? Maybe it will help more people with similar problems.


If the response is helpful, please click "Accept Answer" and upvote it.

0 Votes 0 ·
michev avatar image
0 Votes"
michev answered

To be considered "internal", the application either must use an Exchange account, or you can add the externally secured flag, as detailed for example here: https://docs.microsoft.com/en-us/exchange/mail-flow/connectors/allow-anonymous-relay?view=exchserver-2019

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

drpollard626 avatar image
0 Votes"
drpollard626 answered LydiaZhou-MSFT commented

I'm wondering are you by chance hybrid or Cloud Only implementation? I have seen that the hybrid configuration wizard is ran and each environment sees the other as external in hybrid.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Not Hybrid or cloud, Microsoft exchange 2016 in On-premises

0 Votes 0 ·

@NurHossain-3648
Does it work after adding the Exchange servers permission group and the Externally secured authentication mechanism to the specific Receive connector?


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 Votes 0 ·