9. Viewing and Managing Receive Connectors
To view all available Receive connectors for a server, do one of the following in the Exchange Management Console:
-
On a Hub Transport server, expand the Server Configuration node and
then click the server you want to work with in the main pane.
-
On an Edge Transport server, select Edge Transport and then click the server you want to work with.
On the Receive Connectors tab in the details pane, Receive connectors are listed by name and status. You can now
-
Change a connector's properties
To change a connector's properties, right-click the connector, and then
select Properties. Use the Properties dialog box to manage the
connector's properties.
-
Enable a connector To enable a connector, right-click it, and then select Enable.
-
Disable a connector To disable a connector, right-click it, and then select Disable.
-
Remove a connector To remove a connector, right-click it, and then select Remove.
When configuring Receive connector properties, you can specify the
security mechanisms that can be used for incoming connections on the
Authentication tab. Use any combination of the following:
-
Transport Layer Security Allows encrypted authentications with TLS for servers with smart cards or X.509 certificates.
-
Enable Domain Security (Mutual Auth TLS) When TLS is enabled, you can also enable domain security to require mutual authentication.
-
Basic Authentication
Allows basic authentication. With basic authentication, the user name
and password specified are passed as base64-encoded text to the remote
domain.
-
Offer Basic Authentication Only After Starting TLS Allows basic authentication only within an encrypted TLS session.
-
Exchange Server Authentication Allows secure authentication for Exchange servers. With Exchange Server authentication, credentials are passed securely.
-
Integrated Windows Authentication Allows secure authentication using NT LAN Manager (NTLM) or Kerberos.
-
Externally Secured
Allows secure external authentication. With externally secured
authentication, credentials are passed securely using an external
security protocol for which the server has been separately configured,
such as IPsec.
Also when configuring Receive connector properties, you can specify
the security group that is allowed to connect on the Permission Groups
tab. Use any combination of the following:
-
Anonymous Users Allows unauthenticated, anonymous users to connect to the Receive connector.
-
Exchange Users Allows connections by authenticated users who are valid recipients in the organization (Hub Transport servers only).
-
Exchange Servers Allows connections by authenticated servers that are members of the Exchange Server Administrator group.
-
Legacy Exchange Servers Allows connections by authenticated servers that are members of the ExchangeLegacyInterop group (Hub Transport servers only).
-
Partners Allows
connections by authenticated servers that are members of partner
domains, as listed on the TLS Receive Domain Secure list.
In the Exchange Management Shell, you can view, update, or remove Receive connectors using the Get-ReceiveConnector, Set-ReceiveConnector, or Remove-ReceiveConnector cmdlets, respectively. Samples Example 10 through Example 12 provide the syntax and
usage. With Get-ReceiveConnector, you can return a list of all
available Receive connectors if you don't specify an identity or
server. If you want to see only the Receive connectors configured on a
particular server, use the –Server parameter.
Example 10. Get-ReceiveConnector cmdlet syntax and usage
Syntax
Get-ReceiveConnector [-Identity Server\ConnectorIdentity
]
[-Server Server
] [-DomainController DCName
]
Usage
Get-ReceiveConnector
Get-ReceiveConnector -Identity "Corpsvr127\Adatum.com Receive Connector"
Get-ReceiveConnector -Server "Corpsvr127"
Example 11. Set-ReceiveConnector cmdlet syntax and usage
Syntax
Set-ReceiveConnector -Identity Identity
[-AdvertiseClientSettings <$true | $false>]
[-AuthMechanism <None | Tls | Integrated | BasicAuth |
BasicAuthRequireTLS | ExchangeServer | ExternalAuthoritative>]
[-Banner Banner
]
[-BinaryMimeEnabled <$true | $false>]
[-Bindings Bindings
]
[-ChunkingEnabled <$true | $false >]
[-Comment Comment
]
[-Confirm <$true | $false >]
[-ConnectionInactivityTimeout TimeSpan
]
[-ConnectionTimeout TimeSpan
]
[-DefaultDomain DefaultDomain
]
[-DeliveryStatusNotificationEnabled <$true | $false>]
[-DomainController DCName
]
[-DomainSecureEnabled <$true | $false>]
[-EightBitMimeEnabled <$true | $false>]
[-EnableAuthGSSAPI <$true | $false>]
[-Enabled <$true | $false>]
[-EnhancedStatusCodesEnabled <$true | $false>]
[-Fqdn FQDN
]
[-LongAddressesEnabled <$true | $false>]
[-LiveCredentialEnabled <$true | $false>]
[-MaxAcknowledgementDelay MaxDelay
]
[-MaxHeaderSize MaxHeaderBytes
]
[-MaxHopCount MaxHops
]
[-MaxInboundConnection <MaxConn
| Unlimited>]
[-MaxInboundConnectionPercentagePerSource MaxPercentage
]
[-MaxInboundConnectionPerSource <MaxConnPerSource
| Unlimited>]
[-MaxLocalHopCount MaxHops
]
[-MaxLogonFailures MaxLogonFailures
]
[-MaxMessageSize MaxMessageSize
]
[-MaxProtocolErrors <MaxErrors
| Unlimited>]
[-MaxRecipientsPerMessage MaxRecipients
]
[-MessageRateLimit <RateLimit
| Unlimited>]
[-MessageRateSource <None | User | IPAddress | All>]
[-Name Name
]
[-OrarEnabled <$true | $false>]
[-PermissionGroups <None | AnonymousUsers | ExchangeUsers |
ExchangeServers | ExchangeLegacyServers | Partners | Custom>]
[-PipeliningEnabled < $true | $false>]
[-ProtocolLoggingLevel <None | Verbose>]
[-RemoteIPRanges IPRange1
, IPRange2
, . . .]
[-RequireEHLODomain <$true | $false>]
[-RequireTLS < $true | $false>]
[-Server Server
]
[-SizeEnabled <Disabled | Enabled | EnabledWithoutValue>]
[-SuppressXAnonymousTls < $true | $false>]
[-TarpitInterval TimeSpan
]
Usage
Set-ReceiveConnector -Identity "Corpsvr127\Custom Receive Connector"
-Bindings "0.0.0.0:425"
-Fqdn "mailserver85.cpandl.com"
-RemoteIPRanges "0.0.0.0-255.255.255.255"
Example 12. Remove-ReceiveConnector cmdlet syntax and usage
Syntax
Remove-ReceiveConnector -Identity ConnectorIdentity
[-Confirm <$true | $false >]
[-DomainController DCName
]
Usage
Remove-ReceiveConnector -Identity "CorpSvr127\Adatum.com Receive
Connector"