c




  




 


× The scenario when there is no Edge server (Internet-facing Hub Transport server) requires one
of the following actions:
1.odify the default Receive connector to allow anonymous connections 
http://technet.microsoft.com/en-us/library/bb738138.aspx

á.Configure Receive connector (to receive messages from all remote IP addresses
through port á )
http://technet.microsoft.com/en-us/library/bb1á 1
.aspx
odifying the Default Receive connector to allow anonymous access (item 1, above) seems to be
the recommended approach.
The downsides of this approach are:
1.The usage of the default Receive connector is internal - this connector only accepts
mail from other Exchange servers that are part of the same Exchange organization. By
default, this connector doesn't accept anonymous submissions. ixing internal traffic
with external one doesn͛t seem a good idea.
á.-ou cannot modify the FQDN (it is using by default the internal Exchange server name)
of the Default Exchange Receive connector.
3.The external DNS records (forward and reverse) are using the Exchange Server public
name ʹ ex. ͞mail.yourexternaldomain.com͟. External mail servers are establishing a
session to ͞mail.yourexternaldomain.com͟, and are getting a response from
͞exchange.internalADdomain.com͟?!?
.Finally, it is not a good idea to expose your AD and Exchange internal name to the
Internet.


This leads us to the second approach ʹ Configuring a default Internet Receive connector. This
seems like a better option, from a design and security point of view. However, there are a
couple of considerations, which I would like to put for a discussion here:
1.-ou have to modify first, the Default Receive connector, and change its remote IP
address ranges. Otherwise you will get an error, when creating the Default Internet
Receive connector = ͞A receive connector must have a unique combination of a local IP
 address, port bindings, and remote IP address ranges͟. The easy way to do this is to
change the scope to the local subnet(s), and set the default connector to all IPs. The
more difficult approach is the way this is done in SBS á8, which is a weird approach
according to me. I would be happy to hear your opinion here.
á.Should we keep the local IP address of the connector to:
×All Available IPv (which again seems the recommended approach):
http://technet.microsoft.com/en-us/library/bb1á 1
.aspx
×or specify a single IP